Jump to content

Search the Community

Showing results for tags 'iLivid'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. Have used a combination of Malware Bytes, Hitman Pro, Eset Online Scanner and Norton Online Scanner to remove/delete close to 200 infected files and/or registry keys (some of which are listed in the Topic Tags). Ran these a few months ago and thought I had things cleaned. Today I ran ADWCleaner and came up with about 50 infections - which I haven't cleaned. After ADW, I ran Malware Bytes and Farber Recovery Scan as suggested in the "I'm infected what do I do now" post. Malware Bytes quarantined a Yontoo PUP for me. I am copying the Farber logs for expert review. Also included the ADWCleaner log - which I have not cleaned - after the Farber logs. Based on my review of forum topics related to these types of malware, i did not run the recommended programs in a necessarily proper order. Am hoping someone might be able to use the Farber logs and the ADW screen shot to provide some assistance. I have the old Malware Bytes, Hitman and Eset logs I could provide if that would help. Any assistance greatly appreciated ! Sam Haber FRST Farber Log Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014 Ran by shaber (administrator) on LAPTOP on 18-05-2014 16:50:05Running from C:\Users\shaber\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe() C:\Windows\System32\spool\drivers\x64\3\dleaserv.exe( ) C:\Windows\System32\dleacoms.exe(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe(Support.com, Inc.) C:\Program Files (x86)\Office Depot PC Support Agent\esService.exe(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe(Support.com, Inc.) C:\Program Files (x86)\Office Depot PC Support Agent\escont.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe() C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe() C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Google Inc.) C:\Users\shaber\AppData\Local\Programs\Google\MusicManager\MusicManager.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe(Dell) C:\Users\shaber\AppData\Local\Apps\2.0\OGXX1OAO.Q30\NXTQME62.O5Z\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe(Dropbox, Inc.) C:\Users\shaber\AppData\Roaming\Dropbox\bin\Dropbox.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(6337)\ShwiconX.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe(Apple Inc.) C:\Program Files (x86)\iPod\bin\iPodService.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe() C:\Users\shaber\AppData\Local\Temp\dlm876A.tmp\adwcleaner.exe(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe(Google Inc.) C:\Users\shaber\AppData\Local\Google\Chrome\Application\chrome.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)HKLM\...\Run: [dleamon.exe] => C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe [766632 2009-07-10] ()HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe [139944 2009-07-10] ()HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenterHKLM-x32\...\Run: [Dell V310-V510 Series] => C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe [316072 2009-07-10] ()HKLM-x32\...\Run: [shwiconXP6377] => C:\Program Files (x86)\Multimedia Card Reader(6337)\ShwiconX.exe [237568 2009-01-05] (Alcor Micro Corp.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-12] (Citrix Systems, Inc.)HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKLM\...\Policies\Explorer: [NoControlPanel] 0HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe -update activexHKU\.DEFAULT\...\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] - C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HHKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [Google Update] => C:\Users\shaber\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-23] (Google Inc.)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeHKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [MusicManager] => C:\Users\shaber\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7382528 2014-03-03] (Google Inc.)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-12-13] (Garmin Ltd or its subsidiaries)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [iLivid] => "C:\Users\shaber\AppData\Local\iLivid\iLivid.exe" -autorunHKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [DellSystemDetect] => C:\Users\shaber\AppData\Local\Apps\2.0\OGXX1OAO.Q30\NXTQME62.O5Z\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe [253952 2014-03-02] (Dell)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)HKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\MountPoints2: D - D:\autorun.exeHKU\S-1-5-21-2477104216-3071022368-541353855-1001\...\MountPoints2: {b73aa86b-f9fa-11e1-b04d-a4badb9fc964} - E:\MotoCastSetup.exe -aHKU\S-1-5-21-2477104216-3071022368-541353855-1006\...\MountPoints2: {2068c34d-15b6-11df-b92e-806e6f6e6963} - D:\ice_age_pc.exeAppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not FoundAppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\PROGRA~3\Wincert\WIN64C~1.DLL File Not FoundAppInit_DLLs: C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll File Not FoundAppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not FoundAppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => "C:\PROGRA~3\Wincert\WIN32C~1.DLL" File Not FoundIFEO\bitguard.exe: [Debugger] tasklist.exeIFEO\bprotect.exe: [Debugger] tasklist.exeIFEO\bpsvc.exe: [Debugger] tasklist.exeIFEO\browsemngr.exe: [Debugger] tasklist.exeIFEO\browserdefender.exe: [Debugger] tasklist.exeIFEO\browsermngr.exe: [Debugger] tasklist.exeIFEO\browserprotect.exe: [Debugger] tasklist.exeIFEO\browsersafeguard.exe: [Debugger] tasklist.exeIFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exeIFEO\delta babylon.exe: [Debugger] tasklist.exeIFEO\delta tb.exe: [Debugger] tasklist.exeIFEO\delta2.exe: [Debugger] tasklist.exeIFEO\deltainstaller.exe: [Debugger] tasklist.exeIFEO\deltasetup.exe: [Debugger] tasklist.exeIFEO\deltatb.exe: [Debugger] tasklist.exeIFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exeIFEO\iminentsetup.exe: [Debugger] tasklist.exeIFEO\protectedsearch.exe: [Debugger] tasklist.exeIFEO\rjatydimofu.exe: [Debugger] tasklist.exeIFEO\searchprotection.exe: [Debugger] tasklist.exeIFEO\snapdo.exe: [Debugger] tasklist.exeIFEO\stinst32.exe: [Debugger] tasklist.exeIFEO\stinst64.exe: [Debugger] tasklist.exeIFEO\sweetimsetup.exe: [Debugger] tasklist.exeIFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exeStartup: C:\Users\Alana's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnkShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\shaber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\shaber\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTIONHKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll <===== ATTENTION ==================== Internet (Whitelisted) ==================== ProxyServer: lmhg7:80HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchURLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {5ECDE222-74A1-4D08-801D-188310A29496} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US105&p={SearchTerms}SearchScopes: HKCU - {5ECDE222-74A1-4D08-801D-188310A29496} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US105&p={SearchTerms}SearchScopes: HKCU - {712A47CD-7C1B-4406-A8B9-097F7F546B6D} URL = SearchScopes: HKCU - {C7E37EC4-3211-4744-B795-4CCB32984834} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll No FileBHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No FileBHO-x32: Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll No FileBHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - Dell Toolbar - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll ()Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No FileDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No FileHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No FileHandler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll ()FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\shaber\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\shaber\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\shaber\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xmlFF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-07-17]FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-19]FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-21]FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-03-07]FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-24]FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-13]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-05-13] Chrome: =======CHR HomePage: CHR StartupUrls: "https://www.google.com/"CHR DefaultSearchKeyword: mcafeeCHR DefaultSearchProvider: McAfeeCHR DefaultSearchURL: http://search.yahoo.com/search?fr=mcafee&type=A211US105&p={searchTerms}CHR DefaultNewTabURL: CHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\shaber\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\shaber\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Users\shaber\AppData\Local\Google\Chrome\Application\34.0.1847.137\gcswf32.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No FileCHR Plugin: (McAfee SiteAdvisor) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No FileCHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)CHR Plugin: (Skype Toolbars) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No FileCHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No FileCHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\14\NP_wtapp.dll No FileCHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Unity Player) - C:\Users\shaber\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)CHR Plugin: (Google Update) - C:\Users\shaber\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No FileCHR Extension: (Google Drive) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-12]CHR Extension: (YouTube) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]CHR Extension: (Google Search) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]CHR Extension: (SiteAdvisor) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-12-12]CHR Extension: (Skype Click to Call) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-08]CHR Extension: (Google Wallet) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (Gmail) - C:\Users\shaber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-04-20]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]CHR StartMenuInternet: Google Chrome - C:\Users\shaber\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)S2 0016741400295544mcinstcleanup; C:\Windows\TEMP\001674~1.EXE [836168 2014-03-13] (McAfee, Inc.)R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)R2 dleaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] ()R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [602792 2009-07-01] ( )S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-03] (WildTangent)R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [350792 2013-09-13] (Verizon)R3 iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [120728 2012-10-02] ()R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 Office Depot PC Support Agent; C:\Program Files (x86)\Office Depot PC Support Agent\esService.exe [1005144 2014-01-22] (Support.com, Inc.)R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) ==================== Drivers (Whitelisted) ==================== R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-18] (Malwarebytes Corporation)R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)S2 MCSTRM; No ImagePathR3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [41032 2009-06-18] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-11-04] (McAfee, Inc.)S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-11-04] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)S1 SBRE; C:\Windows\SysWOW64\drivers\SBREdrv.sys [93872 2009-08-05] (Sunbelt Software)S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()S0 TfFsMon; system32\drivers\TfFsMon.sys [X]S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]S0 TfSysMon; system32\drivers\TfSysMon.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-18 16:50 - 2014-05-18 16:51 - 00035479 _____ () C:\Users\shaber\Downloads\FRST.txt2014-05-18 16:49 - 2014-05-18 16:50 - 00000000 ____D () C:\FRST2014-05-18 16:47 - 2014-05-18 16:48 - 02067456 _____ (Farbar) C:\Users\shaber\Downloads\FRST64.exe2014-05-18 16:43 - 2014-05-18 16:43 - 00001249 _____ () C:\Users\shaber\Documents\mbam 5-18-14.txt2014-05-18 10:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-05-18 10:35 - 2014-05-18 10:38 - 00000000 ____D () C:\AdwCleaner2014-05-18 10:33 - 2014-05-18 10:33 - 00929416 _____ (CNET Download.com) C:\Users\shaber\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe2014-05-17 15:42 - 2014-05-17 15:42 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\SUPERAntiSpyware.com2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware2014-05-17 15:39 - 2014-05-17 15:40 - 19166520 _____ (SUPERAntiSpyware) C:\Users\shaber\Downloads\SUPERAntiSpyware.exe2014-05-15 22:21 - 2014-05-15 22:21 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\DropboxMaster2014-05-15 22:21 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-05-15 22:20 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2014-05-15 22:20 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2014-05-15 22:20 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2014-05-15 22:20 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2014-05-15 22:20 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2014-05-15 22:20 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2014-05-15 22:20 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-05-15 22:20 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-05-15 22:20 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2014-05-15 22:20 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-05-15 22:20 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe2014-05-15 22:20 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll2014-05-15 22:20 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-05-15 22:20 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2014-05-15 22:20 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2014-05-15 22:20 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll2014-05-15 22:20 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-05-15 22:20 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll2014-05-15 03:12 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-15 03:12 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-15 03:12 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-15 03:12 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-15 03:12 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-15 03:12 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-14 19:56 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-05-14 19:56 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-05-14 19:56 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll2014-05-14 19:56 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll2014-05-09 21:58 - 2014-05-18 16:38 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001UA1cf6bf34c202d8e.job2014-05-09 21:58 - 2014-05-17 22:03 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001Core1cf6bf34bae5744.job2014-05-09 21:58 - 2014-05-09 21:58 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001UA1cf6bf34c202d8e2014-05-09 21:58 - 2014-05-09 21:58 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001Core1cf6bf34bae57442014-05-06 03:01 - 2014-05-15 03:30 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-04-27 17:37 - 2014-04-27 17:37 - 00000000 __SHD () C:\Users\shaber\AppData\Local\EmieUserList2014-04-27 17:37 - 2014-04-27 17:37 - 00000000 __SHD () C:\Users\shaber\AppData\Local\EmieSiteList2014-04-27 08:31 - 2014-04-27 08:31 - 00000219 _____ () C:\Users\shaber\Desktop\Team Fortress 2.url2014-04-22 21:13 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys2014-04-20 22:59 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-04-20 22:59 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-04-20 22:59 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-04-20 22:59 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-04-20 22:59 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-04-20 22:59 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-04-20 22:59 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-04-20 22:59 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-04-20 22:59 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-04-20 22:59 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-04-20 22:59 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-04-20 22:59 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-04-20 22:59 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-04-20 22:59 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-04-20 22:59 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-04-20 22:59 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-04-20 22:59 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-04-20 22:59 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-04-20 22:59 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-04-20 22:59 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-04-20 22:59 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-04-20 22:59 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-04-20 22:59 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-04-20 22:59 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-04-20 22:59 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-04-20 22:59 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-04-20 22:59 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-04-20 22:59 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-04-20 22:59 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-20 22:59 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-04-20 22:59 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-04-20 22:59 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-04-20 22:59 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-04-20 22:59 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-04-20 22:59 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-04-20 22:59 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-04-20 22:59 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-04-20 22:59 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-04-20 22:59 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-04-20 22:59 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-04-20 22:58 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-04-20 22:58 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-04-20 22:58 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-04-20 22:58 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-04-20 18:31 - 2014-04-20 18:01 - 00007142 _____ () C:\Users\shaber\ipconfig.all.txt ==================== One Month Modified Files and Folders ======= 2014-05-18 16:51 - 2014-05-18 16:50 - 00035479 _____ () C:\Users\shaber\Downloads\FRST.txt2014-05-18 16:51 - 2014-03-02 19:46 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask2014-05-18 16:50 - 2014-05-18 16:49 - 00000000 ____D () C:\FRST2014-05-18 16:48 - 2014-05-18 16:47 - 02067456 _____ (Farbar) C:\Users\shaber\Downloads\FRST64.exe2014-05-18 16:47 - 2013-05-13 18:09 - 00001846 _____ () C:\Users\Public\Desktop\McAfee Total Protection.lnk2014-05-18 16:47 - 2013-05-13 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-05-18 16:43 - 2014-05-18 16:43 - 00001249 _____ () C:\Users\shaber\Documents\mbam 5-18-14.txt2014-05-18 16:38 - 2014-05-09 21:58 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001UA1cf6bf34c202d8e.job2014-05-18 16:38 - 2009-07-14 01:10 - 01530584 _____ () C:\Windows\WindowsUpdate.log2014-05-18 12:54 - 2014-04-05 18:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-05-18 12:10 - 2012-09-20 20:01 - 00089088 ___SH () C:\Users\shaber\Documents\Thumbs.db2014-05-18 10:38 - 2014-05-18 10:35 - 00000000 ____D () C:\AdwCleaner2014-05-18 10:33 - 2014-05-18 10:33 - 00929416 _____ (CNET Download.com) C:\Users\shaber\Downloads\cbsidlm-cbsi188-AdwCleaner-SEO-75851221.exe2014-05-18 00:48 - 2010-03-24 22:30 - 00149899 _____ () C:\ProgramData\dlea.log2014-05-18 00:47 - 2014-03-02 22:05 - 00000000 ____D () C:\ProgramData\Norton2014-05-18 00:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF2014-05-18 00:18 - 2010-11-16 22:33 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C423BC85-4ABA-45D3-93BE-2C22D1DA1204}2014-05-17 22:03 - 2014-05-09 21:58 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001Core1cf6bf34bae5744.job2014-05-17 22:00 - 2014-03-22 16:49 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\QuickScan2014-05-17 15:42 - 2014-05-17 15:42 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\SUPERAntiSpyware.com2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware2014-05-17 15:42 - 2014-05-17 15:42 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware2014-05-17 15:40 - 2014-05-17 15:39 - 19166520 _____ (SUPERAntiSpyware) C:\Users\shaber\Downloads\SUPERAntiSpyware.exe2014-05-16 23:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-05-16 22:58 - 2012-12-12 20:08 - 00000000 ____D () C:\Program Files\Common Files\McAfee2014-05-16 22:49 - 2013-06-20 21:47 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\Dropbox2014-05-15 22:53 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-15 22:53 - 2009-07-14 00:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-15 22:48 - 2013-06-20 21:51 - 00000000 ___RD () C:\Users\shaber\Dropbox2014-05-15 22:48 - 2013-05-13 18:08 - 00000000 __RSD () C:\Users\shaber\Documents\McAfee Vaults2014-05-15 22:46 - 2010-03-24 21:22 - 00158283 _____ () C:\ProgramData\dleascan.log2014-05-15 22:44 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-15 22:43 - 2013-04-09 21:45 - 00017887 _____ () C:\Windows\setupact.log2014-05-15 22:21 - 2014-05-15 22:21 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\DropboxMaster2014-05-15 22:21 - 2013-06-20 21:51 - 00001022 _____ () C:\Users\shaber\Desktop\Dropbox.lnk2014-05-15 22:21 - 2013-06-20 21:48 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-05-15 22:21 - 2010-02-16 23:35 - 00000000 ___RD () C:\Users\shaber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-05-15 21:48 - 2011-06-15 16:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk2014-05-15 19:44 - 2010-02-16 23:39 - 00000000 ___RD () C:\Users\shaber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2014-05-15 03:31 - 2010-02-09 16:03 - 01159958 _____ () C:\Windows\PFRO.log2014-05-15 03:30 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-05-15 03:12 - 2010-02-09 14:22 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-05-15 03:11 - 2013-07-19 03:01 - 00000000 ____D () C:\Windows\system32\MRT2014-05-15 03:07 - 2010-03-06 07:41 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-05-14 19:42 - 2012-03-22 18:13 - 00000000 ____D () C:\ProgramData\Sonos,_Inc2014-05-13 20:21 - 2013-12-23 11:01 - 00000000 ____D () C:\Program Files (x86)\Steam2014-05-11 16:37 - 2014-03-22 16:32 - 00000000 ____D () C:\Program Files (x86)\Office Depot PC Support Agent2014-05-09 21:58 - 2014-05-09 21:58 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001UA1cf6bf34c202d8e2014-05-09 21:58 - 2014-05-09 21:58 - 00003488 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2477104216-3071022368-541353855-1001Core1cf6bf34bae57442014-05-09 02:14 - 2014-05-14 19:56 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-05-09 02:11 - 2014-05-14 19:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-05-06 00:40 - 2014-05-15 03:12 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-06 00:17 - 2014-05-15 03:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-05 23:25 - 2014-05-15 03:12 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-05 23:07 - 2014-05-15 03:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-05 23:00 - 2014-05-15 03:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-05 22:10 - 2014-05-15 03:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-04-27 17:37 - 2014-04-27 17:37 - 00000000 __SHD () C:\Users\shaber\AppData\Local\EmieUserList2014-04-27 17:37 - 2014-04-27 17:37 - 00000000 __SHD () C:\Users\shaber\AppData\Local\EmieSiteList2014-04-27 08:31 - 2014-04-27 08:31 - 00000219 _____ () C:\Users\shaber\Desktop\Team Fortress 2.url2014-04-27 08:31 - 2013-12-23 11:21 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam2014-04-24 17:31 - 2012-10-08 08:03 - 00000000 ____D () C:\Users\shaber\AppData\Roaming\.minecraft2014-04-22 12:19 - 2013-02-24 20:45 - 00000000 ____D () C:\Users\shaber\Documents\Jake2014-04-21 12:41 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions2014-04-20 22:47 - 2013-10-08 20:04 - 00000000 ____D () C:\Program Files\HitmanPro2014-04-20 18:31 - 2010-02-16 23:35 - 00000000 ____D () C:\Users\shaber2014-04-20 18:01 - 2014-04-20 18:31 - 00007142 _____ () C:\Users\shaber\ipconfig.all.txt2014-04-20 14:42 - 2010-05-05 03:34 - 00000000 ____D () C:\Users\shaber\Documents\Jackie2014-04-19 09:26 - 2013-12-31 21:27 - 00000000 ____D () C:\Program Files\Microsoft Office 152014-04-19 09:08 - 2009-07-14 01:13 - 00831090 _____ () C:\Windows\system32\PerfStringBackup.INI Some content of TEMP:====================C:\Users\shaber\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppxkmhz.dllC:\Users\shaber\AppData\Local\Temp\Quarantine.exeC:\Users\shaber\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_10225.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe[2014-05-15 22:20] - [2014-03-04 05:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C C:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-15 04:01 ==================== End Of Log ============================ AdwCleanerR0.txt Addition.txt
  2. Hi Has anyone had success getting rid of iLivid and Torch? iLivid prompt comes up everytime I turn on the PC. I've tried to run system checks and have also run Malwarebytes but no success. I have also tried to uninstall Torch. I looks like it goes through the uninstall motions and then asked for feedback on a website which I don't post. Just can't get rid of it. I've changed all the settings in I.E. and Chrome but just want to get rid of the bug. I've tried to get a reaction from both on their Facebook pages but no reply. If you've had the same and managed to get rid of it, if you could share your experience and explain how you got rid of it I would be extremely grateful.
  3. My computer was running fine, then I ran Malwarebytes quick scan. It said I had 40 PUPS, I was shocked. I tried to delete them, but Malwarebytes was not responding, so I closed it, and reran it. It only had about 16 PUPS left, It wouldn't respond again at the attempt to remove the malware. After reading info online, I deleted ilivid movie program - in reading some of the PUPS, it indicated movietoolkit, and I had recently download the ilivid program and I also disabled the add on Datamngr as was suggested online. I closed it and reran Malwarebytes quick scan again. At first it seemed to not be responding, but it didn't say so. I had someplace to go, so I left it on, and thought I would check when I got back. When I got back the computer was shut down - I'm thinking maybe it got hot and it shut down to save the CPU, but not sure. I restarted the computer, it appeared that the Malwarebytes had completed, and a box was open that said something like "Urgent - immediate shut down required to insure virus removal." So I shut down the computer, then tried to restart it. IT WON'T START!!!! Please help!
  4. Hi, I've been reinstalling my laptop for a while and suddenly I've noticed the iLivid webpage open on its own in firefox. I don't remember doing a lot of stupid things, but I did use a uxtheme.dll patcher that in hindsight may have been suspicious. NOD32 didn't pick anything up though, and when I ran malwarebytes it did find 3 objects but they seemed unrelated (I realize now that it might've been a good idea to save the log for that one, but alas I didn't). I saw this thread that seems to describe my problem pretty well but of course the steps taken were personalized so I'm not sure if I can apply it to my problem as well. My DDS results are included. Any help would be appreciated. attach.txt dds.txt
  5. I have been getting popups in all browers in the bottom right and left corners of my browser screen. It originall started as iLivid but now I also get on that covers the entire bottom of the browser screen from chitika. It is making my browsers unusable. Somerimes redirect me to other web sites. I have tried Malware Bytes with no errors, Security Essentionals with no errors, reset host file woth no effect. No process running , No unknown software program to remove Please Help, Tks dds.txt attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.