dadelman35

Members

View Profile See their activity

Posts
3
Joined
June 4, 2014
Last visited
June 4, 2014

Reputation

0 Neutral

Need help!

dadelman35 replied to dadelman35's topic in Resolved Malware Removal Logs

Here is Addition Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014Ran by Dave at 2014-06-04 15:21:49Running from C:\Users\Dave\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: McAfee VirusScan (Enabled - Out of date) {86355677-4064-3EA7-ABB3-1B136EB04637}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: McAfee VirusScan (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Personal Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) HiddenAdobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)Adobe AIR (Version: 1.0.8.4990 - Adobe Systems Inc.) HiddenAdobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)AIM 6 (HKLM\...\AIM_6) (Version: - )AIM Toolbar (HKLM\...\AIM Toolbar) (Version: - )Amazon MP3 Downloader 1.0.5 (HKLM\...\Amazon MP3 Downloader) (Version: - )Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Banctec Service Agreement (HKLM\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.01 - Broadcom Corporation)Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)Carbonite Online Backup Setup (HKLM\...\Carbonite Setup Lite) (Version: 3.7.3 - Carbonite Inc.)Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)Cisco NAC Agent (HKLM\...\{7ECF4252-E10A-4BCC-AF34-A21E6F9A7852}) (Version: 4.9.1.6 - Cisco Systems, Inc.)Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant)Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.09085 - Dell)Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.17 - Dell Inc.)Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell)Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTIONDropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)EPSON NX100 Series Printer Uninstall (HKLM\...\EPSON NX100 Series) (Version: - SEIKO EPSON Corporation)EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)Full Tilt Poker.Net (HKLM\...\{E07B7A31-E160-466D-A003-3BB7B8989D52}) (Version: 4.17.10.WIN.FullTilt.Play - Full Tilt Poker)Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)Google Desktop (HKLM\...\Google Desktop) (Version: 5.8.0809.23506 - Google)Google Gmail Notifier (HKLM\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version: - Google Inc.)Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (Version: 1.3.24.7 - Google Inc.) HiddenGoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version: - )iCloud (HKLM\...\{8CC68433-5837-4075-B81F-EA7E4F14CE60}) (Version: 2.0.2.187 - Apple Inc.)iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.27 - Irfan Skiljan)iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJava 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)Logitech QuickCam (HKLM\...\{937B232D-9776-471E-92BD-D424E514EF14}) (Version: 11.90.1263 - Logitech Inc.)Logitech QuickCam Driver Package (HKLM\...\lvdrivers_11.90) (Version: - )Magic DVD Ripper V5.4 (HKLM\...\Magic DVD Ripper_is1) (Version: - Magic DVD Software, Inc.)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)McAfee SecurityCenter (HKLM\...\MSC) (Version: - McAfee, Inc.)MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) HiddenMicrosoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) HiddenMicrosoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) HiddenMicrosoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) HiddenMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell)Move Media Player (HKCU\...\Move Media Player) (Version: - Move Networks)MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)MyITLab ActiveX Installer 2, 9, 8, 65535 (HKLM\...\MyITLab ActiveX Installer_is1) (Version: - Pearson Education)NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.53 - BVRP Software, Inc)Norton Security Scan (HKLM\...\NSS) (Version: 2.7.0.52 - Symantec Corporation)NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) HiddenOLYMPUS Master 2 (HKLM\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)Origin (HKLM\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)Pinger (HKCU\...\Pinger 1.4.0.0) (Version: 1.4.0.0 - Pinger Inc.)Pinger (Version: 1.4.0.0 - Pinger Inc.) HiddenPokerStars.net (HKLM\...\PokerStars.net) (Version: - PokerStars.net)QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)Roll (HKLM\...\RollerCoaster Tycoon Setup) (Version: - )Roller Coaster Tycoon 2 (HKLM\...\Roller Coaster Tycoon 2) (Version: - )RollerCoaster Tycoon 3 Demo (HKLM\...\{990036E7-D647-45A4-8F7F-1CB277EF0ABD}) (Version: 1.00.000 - )Roxio Creator Audio (Version: 3.7.0 - Roxio) HiddenRoxio Creator Copy (Version: 3.7.0 - Roxio) HiddenRoxio Creator Data (Version: 3.7.0 - Roxio) HiddenRoxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)Roxio Creator DE (Version: 3.7.0 - Roxio) HiddenRoxio Creator Tools (Version: 3.7.0 - Roxio) HiddenRoxio Express Labeler 3 (Version: 3.2.1 - Roxio) HiddenRoxio Update Manager (Version: 6.0.0 - Roxio) HiddenSafari (HKLM\...\{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}) (Version: 5.34.52.7 - Apple Inc.)SeaWorld Adventure Parks Tycoon (HKLM\...\SeaWorld Adventure Parks Tycoon) (Version: - )SharePort Network USB Utility (HKLM\...\{D88064EC-0864-420E-99D5-E34828ABF39D}) (Version: 1.11 - D-Link Corporation)SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)SimCity 4 (HKLM\...\{611BD998-34B9-4DDA-00AE-0CB4632E86FA}) (Version: - )SimCity™ Closed Beta (HKLM\...\{CB6284F3-308A-4c0b-B2CF-401F78AA8881}) (Version: 1.0.0.0 - Electronic Arts)Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)Spotify (HKLM\...\Spotify) (Version: 0.5.2 - )swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSystem Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )System Update kb70007 (Version: 1.0.0 - MRS) HiddenTeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.9947 - TeamViewer GmbH)The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)Winamp (HKLM\...\Winamp) (Version: 5.581 - Nullsoft, Inc)Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)Winamp Remote (HKLM\...\Orb) (Version: 2.2008.0508.1530 - Orb Networks)Winamp Toolbar (HKLM\...\Winamp Toolbar) (Version: - ) <==== ATTENTIONWindows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.) ==================== Restore Points ========================= 26-02-2014 23:07:25 Scheduled Checkpoint28-02-2014 08:00:15 Windows Update13-03-2014 07:00:18 Windows Update19-03-2014 07:00:11 Windows Update09-04-2014 16:21:50 Windows Update04-05-2014 00:53:18 Windows Update19-05-2014 18:48:08 Scheduled Checkpoint23-05-2014 17:06:32 Windows Update03-06-2014 02:24:22 Windows Update ==================== Hosts content: ========================== 2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0430FD32-8565-4D51-98A7-9F8134DA2380} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {19171D4B-42AB-4035-BC4E-660993367EC7} - System32\Tasks\{9FBB68D8-5BD0-4401-9352-C3193136C578} => Chrome.exe http://ui.skype.com/ui/0/4.1.0.166/en/go/help.faq.installer?source=lightinstaller&LastError=1618Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMMTask: {21D11607-9A51-4608-9275-BE17A869996E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UITask: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPagesTask: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)Task: {5B3A81D1-AC5E-4742-89F4-CFEC09CB4B55} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)Task: {67735CB7-D692-4DF9-9BD2-47C69CC87B90} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000Core => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-20] (Facebook Inc.)Task: {81DD7E9E-503D-4E81-A799-9305C4A6B22C} - System32\Tasks\Norton Security Scan for Dave => C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-07-07] (Symantec Corporation)Task: {8F37C3AB-3CE9-427C-B123-6D91985D2900} - System32\Tasks\McDefragTask => C:\Program Files\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.)Task: {94A51B92-930D-458D-B987-BD57F8B81F5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)Task: {B8ECF367-C5BC-429A-9F64-3C963A86AF74} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000UA => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-20] (Facebook Inc.)Task: {BC0141B7-6E1C-4E94-A1EB-535D7079316E} - System32\Tasks\PC Optimizer Pro startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTIONTask: {C3A8529F-9423-4868-924B-2A178C7AE828} - System32\Tasks\McQcTask => C:\Program Files\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.)Task: {DF5EF5F5-8324-442E-B986-DDB3E849E03A} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTIONTask: {E31D9BFD-D8E7-4A0A-B0D2-D665BE328BA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000Core.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000UA.job => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\McDefragTask.job => C:\Windows\system32\defrag.exeTask: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exeTask: C:\Windows\Tasks\Norton Security Scan for Dave.job => C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exeTask: C:\Windows\Tasks\PC Optimizer Pro startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTIONTask: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2009-01-28 22:22 - 2008-10-27 05:54 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE2009-01-28 22:22 - 2008-10-27 05:52 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll2014-06-02 20:28 - 2014-05-29 17:59 - 00029184 _____ () C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe2014-06-02 20:28 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\ConfigurationData.dll2014-06-02 20:28 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\BaseLibrary.dll2014-06-03 20:20 - 2014-06-03 20:20 - 00015360 _____ () C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\Installer.dll2014-06-03 20:20 - 2014-06-03 20:20 - 00054784 _____ () C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\InstallerLibrary.dll2014-06-02 20:28 - 2014-05-29 17:59 - 00021504 _____ () C:\Users\Dave\AppData\Local\MRS\winsystem.exe2014-06-02 20:28 - 2014-05-29 17:59 - 00013824 _____ () C:\Users\Dave\AppData\Local\MRS\BaseLibrary.dll2014-06-02 20:28 - 2014-05-29 17:59 - 00017920 _____ () C:\Users\Dave\AppData\Local\MRS\ConfigurationData.dll2014-06-03 20:01 - 2014-05-29 17:59 - 02322944 _____ () C:\Users\Dave\AppData\Local\MRS\svcsystem.exe2008-12-20 07:50 - 2008-12-20 07:50 - 02656528 _____ () C:\Program Files\Logitech\QuickCam\Quickcam.exe2012-01-20 00:56 - 2014-05-19 14:05 - 36966968 _____ () C:\Users\Dave\AppData\Roaming\Spotify\Data\libcef.dll2008-12-20 07:46 - 2008-12-20 07:46 - 00558864 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe2013-09-25 10:52 - 2014-05-19 14:05 - 00598072 _____ () C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe2014-06-03 13:01 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll2014-06-03 13:01 - 2014-05-13 19:40 - 13695816 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll2014-06-03 13:01 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll2014-06-03 13:01 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll2014-04-10 23:51 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Dave\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll2014-04-10 23:51 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Dave\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll2014-06-02 20:28 - 2014-06-04 15:10 - 00086528 _____ () C:\Program Files\MRS\pvx\mgwz.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00514321.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45347250.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00514321.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45347250.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (06/04/2014 01:27:23 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/04/2014 00:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/03/2014 01:20:47 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/03/2014 00:44:05 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/03/2014 00:40:54 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program rundll32.exe version 6.0.6000.16386 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.Process ID: 16d0Start Time: 01cf7ef79628fc18Termination Time: 56 Error: (06/03/2014 00:35:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35315023 Error: (06/03/2014 00:35:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 35315023 Error: (06/03/2014 00:35:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/03/2014 00:35:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 35313026 Error: (06/03/2014 00:35:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 35313026 System errors:=============Error: (06/04/2014 01:28:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: SystemUpdatekb70007 Error: (06/04/2014 01:27:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: nuttkoqiez32%%2 Error: (06/04/2014 01:27:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: IePlugin Services%%2 Error: (06/04/2014 01:26:18 PM) (Source: Microsoft-Windows-ResourcePublication) (EventID: 1002) (User: NT AUTHORITY)Description: Provider\Microsoft.Base.Publication/Publication/Computer Error: (06/04/2014 00:33:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: SystemUpdatekb70007 Error: (06/04/2014 00:31:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: nuttkoqiez32%%2 Error: (06/04/2014 00:31:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: IePlugin Services%%2 Error: (06/03/2014 10:19:37 PM) (Source: DCOM) (EventID: 10010) (User: )Description: {6295DF2D-35EE-11D1-8707-00C04FD93327} Error: (06/03/2014 06:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Google Update Service (gupdate)%%1053 Error: (06/03/2014 06:13:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: 30000Google Update Service (gupdate) Microsoft Office Sessions:=========================Error: (01/07/2014 09:39:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/07/2014 09:38:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/07/2014 09:37:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/07/2014 08:11:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/18/2013 11:36:07 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 87 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/25/2013 03:38:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 6161 seconds with 1560 seconds of active time. This session ended with a crash. Error: (08/20/2013 11:32:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/20/2013 11:32:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/20/2013 11:19:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time. This session ended with a crash. Error: (08/20/2013 11:18:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors:=================================== Date: 2014-06-04 15:20:46.817 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:44.352 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:41.485 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:39.320 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:36.698 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:34.277 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:31.664 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:20:29.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:09:22.162 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-04 15:09:20.548 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 69%Total physical RAM: 3069.31 MBAvailable physical RAM: 930.25 MBTotal Pagefile: 6354.93 MBAvailable Pagefile: 3534.07 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1922.3 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:220.29 GB) (Free:36.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:3.19 GB) NTFSDrive e: (RCTYCOON) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 90000000)Partition 1: (Not Active) - (Size=94 MB) - (Type=DE)Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)Partition 3: (Active) - (Size=220 GB) - (Type=07 NTFS)Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended) ==================== End Of Log ============================
- June 4, 2014
- 4 replies
Need help!

dadelman35 replied to dadelman35's topic in Resolved Malware Removal Logs

Here is the FRST Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014Ran by Dave (administrator) on DAVE-PC on 04-06-2014 15:18:48Running from C:\Users\Dave\DownloadsPlatform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Microsoft Corporation) C:\Windows\System32\SLsvc.exe(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe() C:\Windows\System32\WLTRYSVC.EXE(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe(McAfee, Inc.) C:\Program Files\McAfee\MPF\MpfSrv.exe(McAfee, Inc.) C:\Program Files\McAfee\MSK\msksrver.exe(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe(IDT, Inc.) C:\Windows\System32\stacsv.exe(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe() C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe(TeamViewer GmbH) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe() C:\Users\Dave\AppData\Local\MRS\winsystem.exe() C:\Users\Dave\AppData\Local\MRS\svcsystem.exe(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcsysmon.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(Dell Inc.) C:\Windows\System32\WLTRAY.EXE(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe(Google Inc.) C:\Program Files\Google\Gmail Notifier\gnotify.exe() C:\Program Files\Logitech\QuickCam\Quickcam.exe(D-Link Corporation) C:\Program Files\D-Link\SharePort\SharePort Network USB Utility.exe(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe(Microsoft Corporation) C:\Windows\ehome\ehtray.exe(AOL LLC) C:\Program Files\AIM6\aim6.exe(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe(Spotify Ltd) C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe(Spotify Ltd) C:\Users\Dave\AppData\Roaming\Spotify\spotify.exe(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe(AOL LLC) C:\Program Files\AIM6\aolsoftware.exe() C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyHelper.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(The Privoxy team - www.privoxy.org) C:\Program Files\MRS\pvx\privoxy.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-10-27] (Dell Inc.)HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-28] (Google)HKLM\...\Run: [mcagent_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.)HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)HKLM\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] => C:\Program Files\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-06-09] (NVIDIA Corporation)HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-06-09] (NVIDIA Corporation)HKLM\...\Run: [NVHotkey] => C:\Windows\system32\nvHotkey.dll [96800 2008-06-09] (NVIDIA Corporation)HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\QuickCam\Quickcam.exe [2656528 2008-12-20] ()HKLM\...\Run: [D-Link Network USB Utility] => C:\Program Files\D-Link\SharePort\SharePort Network USB Utility.exe [2605312 2008-12-26] (D-Link Corporation)HKLM\...\Run: [OM2_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [54672 2009-11-25] (OLYMPUS IMAGING CORP.)HKLM\...\Run: [CarboniteSetupLite] => C:\Program Files\Carbonite\CarbonitePreinstaller.exe [283792 2010-03-09] (Carbonite, Inc.)HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-07-12] (Nullsoft, Inc.)HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM\...\Run: [ROC_roc_dec12] => "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12HKLM\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1HKLM\...\Run: [NACAgentUI] => C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe [593880 2012-05-24] (Cisco Systems, Inc.)HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM\...\Run: [sigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-28] (Google Inc.)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Aim6] => C:\Program Files\AIM6\aim6.exe [49968 2009-07-09] (AOL LLC)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [OM2_Monitor] => C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [95632 2009-11-25] (OLYMPUS IMAGING CORP.)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Orb] => C:\Program Files\Winamp Remote\bin\OrbTray.exe [507904 2008-03-31] (Orb Networks)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [spotify Web Helper] => C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-19] (Spotify Ltd)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3549528 2013-09-13] (Electronic Arts)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [spotify] => C:\Users\Dave\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-19] (Spotify Ltd)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\Run: [Facebook Update] => C:\Users\Dave\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-11-20] (Facebook Inc.)HKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {1773bff4-f62d-11e1-bb93-0023aeb49a32} - F:\TL-Bootstrap.exeHKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {1773c028-f62d-11e1-bb93-0023aeb49a32} - F:\TL-Bootstrap.exeHKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {68552873-cb0e-11df-b27f-0023aeb49a32} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\ClickMe.exeHKU\S-1-5-21-910741185-1763553365-2663291245-1000\...\MountPoints2: {c167e9fa-ed75-11dd-87e4-806e6f6e6963} - E:\SETUP.EXE -autorunHKU\S-1-5-21-910741185-1763553365-2663291245-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)HKU\S-1-5-21-910741185-1763553365-2663291245-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [173056 2009-04-11] (Microsoft Corporation) <==== ATTENTION AppInit_DLLs: c:\progra~1\suptab\search~1.dll => c:\progra~1\suptab\search~1.dll File Not FoundStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnkShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnkShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Dave\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnkShortcutTarget: Epson all-in-one Registration.lnk -> E:\Common\EpsonReg\EPS2.exe (No File)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnkShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled.ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1401755165&from=irs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXEX08TU4132U4132&i=psd&t=34382dd27&q={searchTerms}HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1401755165&from=irs&uid=WDCXWD2500BEVT-75ZCT2_WD-WXEX08TU4132U4132&i=psd&t=34382dd27&q={searchTerms}URLSearchHook: HKLM - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)URLSearchHook: HKCU - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)StartMenuInternet: IEXPLORE.EXE - iexplore.exeSearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}SearchScopes: HKCU - DefaultScope {47AD7A66-2030-4BF5-A384-D0393375BDDB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7SearchScopes: HKCU - {47AD7A66-2030-4BF5-A384-D0393375BDDB} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={CA65EF01-EBDC-4CF3-8B8A-D95D08382349}&mid=3bd339ccd02981e460482666ec8b2752-f7cf5aabd559603c7a471e390cbaf2a9c3e18e48〈=us&ds=AVG&pr=&d=2012-02-18 23:47:43&v=12.2.5.32&sap=dsp&q={searchTerms} SearchScopes: HKCU - {AE73B74A-703D-4C29-A851-431BD1F3B306} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-geneiotransfer&type=W3i_IA,206,0_0,StartPage,20120102,18482,0,0,6434&p={searchTerms}BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\McAfee\MSK\mskapbho.dll ()BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll No FileBHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileToolbar: HKLM - AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No FileToolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileToolbar: HKCU - AIM Toolbar - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Dave\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Dave\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\Dave\AppData\Roaming\Move NetworksFF Extension: Move Media Player - C:\Users\Dave\AppData\Roaming\Move Networks [2009-09-05] Chrome: =======CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-04]CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02] ========================== Services (Whitelisted) ================= R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-24] (Stardock Corporation)R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-16] (SEIKO EPSON CORPORATION)R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-10] (SEIKO EPSON CORPORATION)S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-01-28] (Google)R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.)R2 McNASvc; C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [365072 2009-01-09] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.)R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [144704 2009-01-09] (McAfee, Inc.)R3 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [606736 2009-01-09] (McAfee, Inc.)R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [884360 2009-01-09] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.)R2 NACAgent; C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe [1259480 2012-05-24] (Cisco Systems, Inc.)R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)R2 SystemUpdatekb70007; C:\Users\Dave\AppData\Roaming\MRS\SystemUpdatekb70007\WindowsUpdater.exe [29184 2014-05-29] ()R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-10-27] (Dell Inc.)S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X] ==================== Drivers (Whitelisted) ==================== R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-10-27] (Broadcom Corporation)R3 DlinkUDSMBus; C:\Windows\System32\Drivers\DlinkUDSMBus.sys [74624 2008-11-11] (Windows ® Codename Longhorn DDK provider)S3 DlinkUDSTcpBus; C:\Windows\System32\Drivers\DlinkUDSTcpBus.sys [97664 2008-11-11] (Windows ® Codename Longhorn DDK provider)R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2008-12-16] ()S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-04] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79304 2009-01-09] (McAfee, Inc.)R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-01-09] (McAfee, Inc.)R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [213640 2009-01-09] (McAfee, Inc.)S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34216 2009-01-09] (McAfee, Inc.)R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-01-09] (McAfee, Inc.)R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2008-10-23] (McAfee, Inc.)S3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [735232 2009-08-03] (Ralink Technology Corp.)S3 IpInIp; system32\DRIVERS\ipinip.sys [X]S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-04 15:08 - 2014-06-04 15:17 - 00016994 _____ () C:\Users\Dave\Downloads\Addition.txt2014-06-04 15:03 - 2014-06-04 15:19 - 00028628 _____ () C:\Users\Dave\Downloads\FRST.txt2014-06-04 15:03 - 2014-06-04 15:19 - 00000000 ____D () C:\FRST2014-06-04 14:58 - 2014-06-04 14:58 - 01059840 _____ (Farbar) C:\Users\Dave\Downloads\FRST.exe2014-06-04 13:47 - 2014-06-04 13:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-04 13:44 - 2014-06-04 13:44 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2014-06-04 13:44 - 2014-05-12 07:35 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-04 13:44 - 2014-05-12 07:35 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-04 13:44 - 2014-05-12 07:35 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-04 13:39 - 2014-06-04 13:40 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup.exe2014-06-03 13:39 - 2014-06-03 13:39 - 00000000 ____D () C:\Program Files\ESET2014-06-03 13:38 - 2014-06-03 13:38 - 02347384 _____ (ESET) C:\Users\Dave\Downloads\esetsmartinstaller_enu.exe2014-06-03 13:16 - 2014-06-03 13:16 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe2014-06-03 13:01 - 2014-06-03 13:01 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-03 13:01 - 2014-06-03 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-06-03 13:00 - 2014-06-04 15:05 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-03 13:00 - 2014-06-04 13:26 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-03 12:55 - 2014-06-03 12:55 - 00442892 _____ () C:\Users\Dave\Documents\bookmarks_6_3_14.html2014-06-02 22:25 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-06-02 20:32 - 2014-06-02 20:32 - 00000000 ____D () C:\Program Files\predm2014-06-02 20:28 - 2014-06-03 20:01 - 00000000 ____D () C:\Users\Dave\AppData\Local\MRS2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\MRS2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Program Files\MRS2014-06-02 20:26 - 2014-06-03 19:59 - 00000000 ____D () C:\ProgramData\IePluginServices2014-06-02 20:26 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\SupTab2014-06-02 20:26 - 2014-06-02 20:30 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator2014-06-02 20:25 - 2014-06-02 20:25 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\wi_upd2014-06-02 20:13 - 2014-06-03 13:03 - 00000000 ____D () C:\Users\Dave\Documents\Optimizer Pro2014-06-02 20:13 - 2014-06-02 20:13 - 00000000 ____D () C:\ProgramData\TEMP2014-06-02 20:07 - 2014-06-04 14:46 - 00000000 ____D () C:\temp2014-06-02 20:07 - 2014-06-02 20:15 - 00000000 ____D () C:\Program Files\Optimizer Pro2014-06-02 20:04 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\0032014-06-02 20:04 - 2014-06-02 20:04 - 00000000 _____ () C:\END2014-06-02 20:02 - 2014-06-03 02:07 - 00000000 ____D () C:\Program Files\globalUpdate2014-06-02 20:02 - 2014-06-02 20:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\globalUpdate2014-06-02 19:58 - 2014-06-02 19:58 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\OpenCandy2014-06-02 19:56 - 2014-06-02 20:37 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent2014-05-23 13:27 - 2014-05-23 13:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2014-05-23 13:18 - 2014-05-05 19:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-23 13:18 - 2014-05-05 19:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-23 13:18 - 2014-05-05 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-14 23:00 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll ==================== One Month Modified Files and Folders ======= 2014-06-04 15:21 - 2009-02-04 19:48 - 00000000 ____D () C:\Users\Dave\AppData\Local\Temp2014-06-04 15:19 - 2014-06-04 15:03 - 00028628 _____ () C:\Users\Dave\Downloads\FRST.txt2014-06-04 15:19 - 2014-06-04 15:03 - 00000000 ____D () C:\FRST2014-06-04 15:17 - 2014-06-04 15:08 - 00016994 _____ () C:\Users\Dave\Downloads\Addition.txt2014-06-04 15:10 - 2011-08-03 20:13 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Spotify2014-06-04 15:05 - 2014-06-03 13:00 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-04 15:02 - 2013-03-05 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-06-04 15:02 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A02014-06-04 15:02 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A02014-06-04 14:58 - 2014-06-04 14:58 - 01059840 _____ (Farbar) C:\Users\Dave\Downloads\FRST.exe2014-06-04 14:46 - 2014-06-02 20:07 - 00000000 ____D () C:\temp2014-06-04 14:26 - 2013-11-20 00:21 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000UA.job2014-06-04 13:49 - 2014-06-04 13:47 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-04 13:44 - 2014-06-04 13:44 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-04 13:44 - 2014-06-04 13:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware2014-06-04 13:40 - 2014-06-04 13:39 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup.exe2014-06-04 13:37 - 2009-01-28 16:00 - 01720489 _____ () C:\Windows\WindowsUpdate.log2014-06-04 13:32 - 2013-01-26 11:03 - 00000000 ____D () C:\Program Files\Origin2014-06-04 13:31 - 2013-09-18 09:37 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Dropbox2014-06-04 13:29 - 2009-02-05 23:44 - 00027744 _____ () C:\ProgramData\nvModes.0012014-06-04 13:28 - 2009-01-28 22:28 - 00068353 _____ () C:\Windows\system32\Config.MPF2014-06-04 13:26 - 2014-06-03 13:00 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-04 13:26 - 2012-10-11 15:48 - 00000408 _____ () C:\Windows\Tasks\PC Optimizer Pro startups.job2014-06-04 13:26 - 2009-02-05 23:44 - 00027744 _____ () C:\ProgramData\nvModes.dat2014-06-04 13:26 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-04 13:24 - 2006-11-02 09:01 - 00032520 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-06-03 20:01 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Local\MRS2014-06-03 19:59 - 2014-06-02 20:26 - 00000000 ____D () C:\ProgramData\IePluginServices2014-06-03 19:59 - 2014-06-02 20:26 - 00000000 ____D () C:\Program Files\SupTab2014-06-03 19:59 - 2014-06-02 20:04 - 00000000 ____D () C:\Program Files\0032014-06-03 18:19 - 2009-07-19 18:05 - 00000556 ____H () C:\Windows\Tasks\Norton Security Scan for Dave.job2014-06-03 13:39 - 2014-06-03 13:39 - 00000000 ____D () C:\Program Files\ESET2014-06-03 13:38 - 2014-06-03 13:38 - 02347384 _____ (ESET) C:\Users\Dave\Downloads\esetsmartinstaller_enu.exe2014-06-03 13:19 - 2008-01-20 22:47 - 00099288 _____ () C:\Windows\PFRO.log2014-06-03 13:16 - 2014-06-03 13:16 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Dave\Downloads\tdsskiller.exe2014-06-03 13:03 - 2014-06-02 20:13 - 00000000 ____D () C:\Users\Dave\Documents\Optimizer Pro2014-06-03 13:01 - 2014-06-03 13:01 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-03 13:01 - 2014-06-03 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-06-03 13:01 - 2009-01-28 22:24 - 00000000 ____D () C:\Program Files\Google2014-06-03 13:00 - 2009-07-30 00:55 - 00000000 ____D () C:\Users\Dave\AppData\Local\Deployment2014-06-03 12:58 - 2009-02-04 19:52 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google2014-06-03 12:55 - 2014-06-03 12:55 - 00442892 _____ () C:\Users\Dave\Documents\bookmarks_6_3_14.html2014-06-03 12:50 - 2006-11-02 06:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-03 02:42 - 2013-04-14 22:50 - 00000000 ____D () C:\Program Files\7-Zip2014-06-03 02:28 - 2009-02-04 21:06 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Apple Computer2014-06-03 02:07 - 2014-06-02 20:02 - 00000000 ____D () C:\Program Files\globalUpdate2014-06-02 23:26 - 2013-11-20 00:21 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-910741185-1763553365-2663291245-1000Core.job2014-06-02 21:38 - 2012-10-11 15:48 - 00000436 _____ () C:\Windows\Tasks\PC Optimizer Pro Updates.job2014-06-02 20:37 - 2014-06-02 19:56 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent2014-06-02 20:36 - 2011-09-28 23:46 - 00000951 _____ () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-06-02 20:32 - 2014-06-02 20:32 - 00000000 ____D () C:\Program Files\predm2014-06-02 20:30 - 2014-06-02 20:26 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\MRS2014-06-02 20:28 - 2014-06-02 20:28 - 00000000 ____D () C:\Program Files\MRS2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google2014-06-02 20:26 - 2014-06-02 20:26 - 00000000 ____D () C:\Users\Administrator2014-06-02 20:25 - 2014-06-02 20:25 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\wi_upd2014-06-02 20:15 - 2014-06-02 20:07 - 00000000 ____D () C:\Program Files\Optimizer Pro2014-06-02 20:13 - 2014-06-02 20:13 - 00000000 ____D () C:\ProgramData\TEMP2014-06-02 20:04 - 2014-06-02 20:04 - 00000000 _____ () C:\END2014-06-02 20:03 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Resources2014-06-02 20:02 - 2014-06-02 20:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\globalUpdate2014-06-02 19:58 - 2014-06-02 19:58 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\OpenCandy2014-06-02 10:03 - 2011-08-03 20:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Spotify2014-06-01 01:00 - 2009-01-28 22:26 - 00000348 _____ () C:\Windows\Tasks\McQcTask.job2014-05-23 22:16 - 2009-02-04 21:01 - 00000000 ____D () C:\Program Files\Full Tilt Poker.Net2014-05-23 18:33 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET2014-05-23 13:39 - 2013-10-21 09:42 - 00000000 ____D () C:\Windows\system32\MRT2014-05-23 13:28 - 2006-11-02 06:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe2014-05-23 13:27 - 2014-05-23 13:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER2014-05-23 13:27 - 2009-02-05 14:56 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-05-23 13:03 - 2009-03-23 18:53 - 00000680 _____ () C:\Users\Dave\AppData\Local\d3d9caps.dat2014-05-18 15:03 - 2009-02-04 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\FullTiltPoker.NET2014-05-15 00:59 - 2009-01-28 22:26 - 00000356 _____ () C:\Windows\Tasks\McDefragTask.job2014-05-14 02:02 - 2013-03-05 21:06 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2014-05-14 02:02 - 2011-07-07 01:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2014-05-12 07:35 - 2014-06-04 13:44 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-05-12 07:35 - 2014-06-04 13:44 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-05-12 07:35 - 2014-06-04 13:44 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-05 19:32 - 2014-05-23 13:18 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-05 19:14 - 2014-05-23 13:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-05 19:14 - 2014-05-23 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll Some content of TEMP:====================C:\Users\Dave\AppData\Local\Temp\AutoRun.exeC:\Users\Dave\AppData\Local\Temp\AutoRunGUI.dllC:\Users\Dave\AppData\Local\Temp\CarboniteSetupLiteSunPreinstaller.exeC:\Users\Dave\AppData\Local\Temp\CommonInstaller.exeC:\Users\Dave\AppData\Local\Temp\contentDATs.exeC:\Users\Dave\AppData\Local\Temp\First15.exeC:\Users\Dave\AppData\Local\Temp\IeSearchProvider.exeC:\Users\Dave\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exeC:\Users\Dave\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exeC:\Users\Dave\AppData\Local\Temp\mpengine.dllC:\Users\Dave\AppData\Local\Temp\mssinstaller.exeC:\Users\Dave\AppData\Local\Temp\NewsFeed[0].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[1].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[2].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[3].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[4].dllC:\Users\Dave\AppData\Local\Temp\NewsFeed[5].dllC:\Users\Dave\AppData\Local\Temp\ose00000.exeC:\Users\Dave\AppData\Local\Temp\SearchWithGoogleUpdate.exeC:\Users\Dave\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Dave\AppData\Local\Temp\SkypeSetup.exeC:\Users\Dave\AppData\Local\Temp\SpOrder.dllC:\Users\Dave\AppData\Local\Temp\SportFeed[0].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[10].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[11].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[12].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[13].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[14].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[15].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[16].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[17].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[18].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[19].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[1].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[20].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[21].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[22].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[2].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[3].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[4].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[5].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[6].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[7].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[8].dllC:\Users\Dave\AppData\Local\Temp\SportFeed[9].dllC:\Users\Dave\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\Dave\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dllC:\Users\Dave\AppData\Local\Temp\Uninstall.exeC:\Users\Dave\AppData\Local\Temp\updater_uninstall.exeC:\Users\Dave\AppData\Local\Temp\VP6Install.exeC:\Users\Dave\AppData\Local\Temp\VP6VFW.dllC:\Users\Dave\AppData\Local\Temp\wmpfirefoxplugin.exeC:\Users\Dave\AppData\Local\Temp\xpbekr2c.3xh.exeC:\Users\Dave\AppData\Local\Temp\xrhjuakk.k0d.exeC:\Users\Dave\AppData\Local\Temp\_is1576.exeC:\Users\Dave\AppData\Local\Temp\_is54F5.exeC:\Users\Dave\AppData\Local\Temp\_isCE66.exeC:\Users\Dave\AppData\Local\Temp\_isEE45.exeC:\Users\Dave\AppData\Local\Temp\{1B63298F-8C41-4FAE-83F3-0C9333749BB1}.exeC:\Users\Dave\AppData\Local\Temp\{5ACB1A80-98C6-4837-9887-E00165C183A5}.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legitC:\Windows\system32\winlogon.exe => MD5 is legitC:\Windows\system32\wininit.exe => MD5 is legitC:\Windows\system32\svchost.exe => MD5 is legitC:\Windows\system32\services.exe => MD5 is legitC:\Windows\system32\User32.dll => MD5 is legitC:\Windows\system32\userinit.exe => MD5 is legitC:\Windows\system32\rpcss.dll => MD5 is legitC:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-06-04 13:34 ==================== End Of Log ============================
- June 4, 2014
- 4 replies
Need help!

dadelman35 posted a topic in Resolved Malware Removal Logs

I followed the directions in running Malwarebytes from here but am still experiencing sluggish internet browsing and what seems like Malware popups.
- June 4, 2014
- 4 replies

Sign In

dadelman35

Posts

Joined

Last visited

Reputation

Need help!

Need help!

Need help!

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information