Jump to content

Cannot open Malwarebytes Anti-malware -- Chameleon would not work either


opus22

Recommended Posts

Google Chrome has been shutting down or strange ads have been appearing so I decided to run malwarebytes anti-malware (version installed last year), However, I could not open it. I tried all 13 Chameleon boxes but the program would not open.

 

I uninstalled the version of malwarebytes anti-malware and tried to reinstall but the following error messages came up during the install process:
"Internal Error: Expression error; Runtime error (at 79:177); External exception E06D7363"

 

and

 

"Internal Error: Expression error; Runtime error (at 69:252); External exception E06D7363"

 

The install completed but I cannot open the anti-malware program.

Link to post
Share on other sites

I'm sorry -- here are the results of the Farbar Scan -- I did not add that when I started this topic. Because of the length, I have to put into 2 separate posts 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014
Ran by Aaron G (administrator) on AARONG-PC on 28-09-2014 10:54:43
Running from C:\Users\Aaron G\Downloads
Loaded Profile: Aaron G (Available profiles: Aaron G & Aaron's iphone)
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Dropbox, Inc.) C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TrayApp.exe
() C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmigrator.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1909032 2010-01-14] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-20] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3168336 2009-11-03] (Dell Inc.)
HKLM\...\Run: [intelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2009-09-21] (Intel® Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [300472 2010-05-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2014-01-22] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [DigiDo] => C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TrayApp.exe [1158480 2013-02-27] (Affinegy, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [560128 2011-09-18] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2010-05-21] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-08-21] (PC Utilities Software Limited)
HKU\S-1-5-21-1349641208-1990007855-262660626-1000\...\MountPoints2: {1b3f79c0-3638-11e0-a4da-5c260a13bf54} - E:\AutorunCM.exe
Startup: C:\Users\Aaron G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Aaron G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Aaron G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Aaron's iphone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {9FE74412-E561-498E-A7BF-8E8F9119F280} URL = 
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: saoferrwEB -> {557d9ebb-546d-49a2-8e06-5e967f156878} -> C:\ProgramData\saoferrwEB\gas3DXy0IMIsim.x64.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\McAfee\MSK\mskapbho.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{BB9B2CFB-D95F-419E-AD4D-8F72139B370B}: [NameServer] 0.0.0.0
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aaron G\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2014-01-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2010-10-26]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 747A8395A34D81449B9EA84EDBC84AF7630B083DF2F5F2C0F8B1F38CD0F10F1F
CHR DefaultSearchURL: Default -> 64BEE9F587A229FF1528D637C1400FE50BFAF0C05259A178D0F5BE122D0DF8F1
CHR Profile: C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-01]
CHR Extension: (Google Drive) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-01]
CHR Extension: (McAfee Security Scan+) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-22]
CHR Extension: (Google Search) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-01]
CHR Extension: (SurfPatrol) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkppgpkggbadgdkdjephjfpmblapdcpb [2014-09-28]
CHR Extension: (Skype Click to Call) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-01]
CHR Extension: (Google Wallet) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-01]
CHR Extension: (Gmail) - C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [3541448 2014-09-06] ()
R2 AffinegyService; C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe [592720 2013-02-27] (Affinegy, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7393280 2014-01-22] (LeapFrog Enterprises, Inc.) [File not signed]
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2009-09-21] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-08-21] (IBM Corp.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-20] (IDT, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80049.sys [768184 2014-09-06] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [444184 2014-08-21] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [536984 2014-08-21] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [563096 2014-08-21] (IBM Corp.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 cpuz134; \??\C:\Users\AARONG~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-28 10:54 - 2014-09-28 10:55 - 00028416 _____ () C:\Users\Aaron G\Downloads\FRST.txt
2014-09-28 10:54 - 2014-09-28 10:54 - 02108928 _____ (Farbar) C:\Users\Aaron G\Downloads\FRST64.exe
2014-09-28 10:54 - 2014-09-28 10:54 - 00000000 ____D () C:\FRST
2014-09-28 10:53 - 2014-09-28 10:53 - 01100288 _____ (Farbar) C:\Users\Aaron G\Downloads\FRST.exe
2014-09-28 10:25 - 2014-09-28 10:25 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-28 10:25 - 2014-09-28 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-28 10:25 - 2014-09-28 10:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-28 10:25 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-28 10:25 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-28 10:25 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-28 10:19 - 2014-09-28 10:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Aaron G\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-28 09:28 - 2014-09-28 09:28 - 00000000 ____D () C:\Users\Aaron G\AppData\Roaming\McAfee
2014-09-28 08:55 - 2014-09-28 08:57 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{4D086663-9C1B-4810-B0F8-E9B226F8C8C2}
2014-09-28 08:48 - 2014-09-28 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-28 08:17 - 2014-09-28 08:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Aaron G\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-28 08:12 - 2014-09-28 08:13 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Aaron G\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-28 08:01 - 2014-09-28 08:02 - 00000000 ____D () C:\ProgramData\saoferrwEB
2014-09-28 07:41 - 2014-09-28 07:41 - 00000000 ____D () C:\ProgramData\CouponFactor
2014-09-27 21:34 - 2014-09-28 08:02 - 00000000 ____D () C:\ProgramData\634effb6e7599364
2014-09-27 20:55 - 2014-09-27 20:55 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{1876DDB9-9AC4-492D-96D4-6C3854AF6BA9}
2014-09-27 08:37 - 2014-09-27 08:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-27 08:36 - 2014-09-27 08:36 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-27 08:36 - 2014-09-27 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-27 08:34 - 2014-09-27 08:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-27 08:34 - 2014-09-27 08:35 - 00000000 ____D () C:\Program Files\iTunes
2014-09-27 08:34 - 2014-09-27 08:34 - 00000000 ____D () C:\Program Files\iPod
2014-09-26 07:16 - 2014-09-27 08:13 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{F042C345-021A-4CDB-8E3D-55C55FEA0BB4}
2014-09-25 17:31 - 2014-09-25 17:31 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{377BB399-ACD5-4951-9E2D-5B588A75CA30}
2014-09-21 09:46 - 2014-09-24 19:57 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{C11D0033-49A7-45B3-96F7-05AEB77A9581}
2014-09-20 19:27 - 2014-09-20 19:28 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{6D3020AC-0265-43BE-A02D-EDB12F2CC113}
2014-09-20 07:26 - 2014-09-20 07:26 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{81F8F9BA-A640-4870-A4EF-C9E0DF78E093}
2014-09-19 19:25 - 2014-09-19 19:25 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{B4506D43-C847-4733-B9EC-C7F730FADB19}
2014-09-18 17:12 - 2014-09-18 17:12 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{B8BD17BB-A254-4EEC-92FD-B4D617AED0EE}
2014-09-18 13:24 - 2014-09-18 13:24 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{006EFFF9-D556-4B96-9968-59C5B7E43D25}
2014-09-16 23:15 - 2014-09-16 23:15 - 00083312 _____ (Premium Installer ) C:\Users\Aaron G\Downloads\fl_setup.exe
2014-09-16 22:19 - 2014-09-16 22:19 - 00000329 _____ () C:\Users\Aaron G\Desktop\HP Printer Diagnostic Tools.url
2014-09-14 17:44 - 2014-09-17 10:29 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{5281F035-5224-4995-A385-051F41D38A2F}
2014-09-11 17:19 - 2014-09-11 17:19 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{779E2893-038C-4170-924B-F6ADF1B7E0EA}
2014-09-09 17:21 - 2014-09-04 22:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 17:21 - 2014-09-04 21:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-07 07:04 - 2014-09-10 16:45 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{DBEE445C-A789-46CF-8811-B5BC7E983E3D}
2014-09-07 07:04 - 2014-09-07 07:04 - 00000041 _____ () C:\Users\Aaron G\AppData\Roaming\WB.CFG
2014-09-06 22:23 - 2014-09-28 10:23 - 00000302 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-09-06 22:23 - 2014-09-06 22:23 - 00003248 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-09-06 22:23 - 2014-09-06 22:23 - 00000000 ____D () C:\Users\Aaron G\AppData\Roaming\UpdaterEX
2014-09-06 22:16 - 2014-09-06 22:16 - 00001064 _____ () C:\Users\Aaron G\Desktop\Optimizer Pro.lnk
2014-09-06 22:16 - 2014-09-06 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-09-06 22:16 - 2014-09-06 22:16 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-06 22:15 - 2014-09-06 22:15 - 18607792 _____ (Adobe Systems Incorporated) C:\Users\Aaron G\Downloads\install_flash_player_ax.exe
2014-09-06 21:59 - 2014-09-06 21:59 - 00857696 _____ ( ) C:\Users\Aaron G\Downloads\Adobe_Flash_Setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-28 10:48 - 2010-11-10 22:18 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-28 10:20 - 2013-01-08 10:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 10:19 - 2009-07-14 00:45 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 10:19 - 2009-07-14 00:45 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 10:16 - 2009-07-14 01:13 - 00005396 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-28 10:14 - 2009-07-14 01:10 - 01194793 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 10:13 - 2013-07-24 15:17 - 00000000 ___RD () C:\Users\Aaron G\Dropbox
2014-09-28 10:13 - 2013-07-24 15:13 - 00000000 ____D () C:\Users\Aaron G\AppData\Roaming\Dropbox
2014-09-28 10:11 - 2011-01-23 07:09 - 00000000 ____D () C:\Users\Aaron G\Tracing
2014-09-28 10:11 - 2010-10-23 11:47 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\SoftThinks
2014-09-28 10:10 - 2010-11-10 22:18 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-28 10:10 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 10:10 - 2009-07-14 00:51 - 00047483 _____ () C:\Windows\setupact.log
2014-09-28 09:09 - 2010-10-12 18:32 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-28 09:09 - 2010-10-12 18:32 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-28 08:41 - 2010-10-12 20:04 - 00137774 _____ () C:\Windows\PFRO.log
2014-09-27 20:57 - 2012-12-29 16:12 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\E2EEA4AC-FE29-4BB1-A7BE-512B883FE65B.aplzod
2014-09-27 08:35 - 2012-09-30 21:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-26 12:52 - 2013-07-15 13:26 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-26 07:09 - 2013-01-08 10:34 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-26 07:09 - 2013-01-08 10:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-26 07:09 - 2011-08-01 19:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 13:25 - 2014-01-09 11:07 - 00000000 ____D () C:\Users\Aaron G\AppData\Roaming\HpUpdate
2014-09-18 17:16 - 2011-06-29 18:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-18 17:15 - 2013-07-24 15:17 - 00001028 _____ () C:\Users\Aaron G\Desktop\Dropbox.lnk
2014-09-18 17:15 - 2013-07-24 15:14 - 00000000 ____D () C:\Users\Aaron G\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-15 09:06 - 2012-12-30 22:57 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-10 03:26 - 2012-08-13 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 03:24 - 2014-07-11 03:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 03:24 - 2013-07-14 10:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 03:02 - 2011-06-29 22:30 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-06 22:34 - 2010-10-12 18:32 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-09-06 22:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-06 21:53 - 2013-08-20 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-09-06 13:35 - 2014-08-13 07:02 - 00000000 ____D () C:\Users\Aaron G\AppData\Local\{4AB5B364-4281-4EA5-8C79-5195A1B0448E}
2014-09-02 20:35 - 2012-08-16 22:36 - 00000000 ____D () C:\Users\Aaron G\Documents\Outlook Files
 
Some content of TEMP:
====================
C:\Users\Aaron G\AppData\Local\Temp\D983.exe
C:\Users\Aaron G\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzhuw3f.dll
C:\Users\Aaron G\AppData\Local\Temp\ICSW_0M1T1L1G1V0D0L0M.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Aaron G\AppData\Local\Temp\optprosetup.exe
C:\Users\Aaron G\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Aaron G\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Aaron G\AppData\Local\Temp\_hz1hlf2.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-26 07:08
 
==================== End Of Log ============================

 

 

 
Link to post
Share on other sites

Here is the results from the other Farbar text file

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014
Ran by Aaron G at 2014-09-28 10:56:03
Running from C:\Users\Aaron G\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.0.3.6 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.0.3.6 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.0.3.6 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.0.3.6 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.0.3.6 - Citrix Systems, Inc.) Hidden
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
CouponFactor (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - CouponFactor) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.40 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Extended Update (HKCU\...\UpdaterEX) (Version:  - Extended Update) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.3.0.18537 - LeapFrog)
LeapFrog Connect (x32 Version: 5.3.0.18537 - LeapFrog) Hidden
LeapFrog LeapReader Plugin (x32 Version: 5.2.4.18512 - LeapFrog) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.5.0.3093 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.3.2 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1403.78 - Trusteer) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
saoferrwEB (HKLM-x32\...\{5F488658-35A7-2AB8-A756-560BA8F103C3}) (Version:  - "")
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.3.0 - Synaptics Incorporated)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1403.78 - Trusteer)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4227 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0483 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0214 - Intuit Inc.) Hidden
TurboTax 2010 wohiper (x32 Version: 010.000.1322 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.3351 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0496 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0222 - Intuit Inc.) Hidden
TurboTax 2011 wohiper (x32 Version: 011.000.1629 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wohiper (x32 Version: 012.000.1529 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1986 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0492 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0168 - Intuit Inc.) Hidden
TurboTax 2013 wohiper (x32 Version: 013.000.1364 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
TWC WiFi (HKLM-x32\...\TWC WiFi_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapReader Plugin) (HKLM-x32\...\LeapReaderPlugin) (Version:  - LeapFrog)
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1349641208-1990007855-262660626-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
03-09-2014 00:43:23 Windows Update
07-09-2014 01:52:18 Installed Rapport
09-09-2014 21:21:15 Windows Update
10-09-2014 07:00:40 Windows Update
16-09-2014 22:18:54 Windows Update
19-09-2014 23:29:48 Windows Update
23-09-2014 21:00:40 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {37D0CCED-5975-4C90-8382-81377AEE24E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10] (Google Inc.)
Task: {597722B5-E1E3-4A9A-AE30-2C63247C1B8D} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {87E621FC-3223-44CD-AA9F-AC4E3006FC66} - System32\Tasks\UpdaterEX => C:\Users\AARONG~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8ADA7145-D785-4F66-B536-2DF516DE9108} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-26] (Adobe Systems Incorporated)
Task: {B7B866B1-EB25-4E5E-93DF-836571BC40E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C4256934-83D1-4B7C-B451-38A7FA6CC598} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\AARONG~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-10-12 18:21 - 2010-05-21 13:00 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-02-14 04:31 - 2013-02-14 04:31 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\44c097f1ffbd769564fe85f295286523\VistaBridgeLibrary.ni.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2009-10-15 04:10 - 2009-10-15 04:10 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-09-21 16:03 - 2009-09-21 16:03 - 00315664 _____ () C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
2014-09-06 22:16 - 2014-09-06 22:16 - 03541448 _____ () c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-01-02 17:08 - 2013-02-27 16:19 - 00023376 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyServicePS.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-10-12 18:21 - 2010-05-21 12:59 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-10-12 18:21 - 2010-05-21 12:58 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 14:34 - 2010-02-09 14:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2014-09-28 10:12 - 2014-09-28 10:12 - 00043008 _____ () c:\Users\Aaron G\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzhuw3f.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\Aaron G\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-02 17:08 - 2010-03-19 22:58 - 00325632 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtXml4.dll
2014-01-02 17:08 - 2010-03-19 22:58 - 01954304 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtCore4.dll
2014-01-02 17:08 - 2010-03-19 22:58 - 07187456 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtGui4.dll
2014-01-02 17:08 - 2010-03-19 22:58 - 00847360 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtNetwork4.dll
2014-01-02 17:08 - 2013-02-27 14:56 - 00309248 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\DigiDoFlavor.dll
2014-01-02 17:08 - 2012-01-31 15:43 - 00119808 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\imageformats\qjpeg4.dll
2014-01-02 17:08 - 2013-02-27 15:34 - 01781248 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisDG860ALOC.dll
2014-01-02 17:08 - 2013-02-27 15:30 - 01781248 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG852GLOC.dll
2014-01-02 17:08 - 2013-02-27 15:32 - 01781248 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG862GLOC.dll
2014-01-02 17:08 - 2013-02-27 15:25 - 01789952 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\MotorolaSBG900LOC.dll
2014-01-02 17:08 - 2013-02-27 15:29 - 01760256 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\NetgearWNR1000v3LOC.dll
2014-01-02 17:08 - 2013-02-27 15:35 - 01762816 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\UbeeDVW3201BLOC.dll
2011-03-26 14:21 - 2011-03-26 14:21 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-03-26 14:21 - 2011-03-26 14:21 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-26 12:52 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-26 12:52 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-26 12:52 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-26 12:52 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-26 12:52 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-09-26 12:52 - 2014-09-23 00:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Aaron G (S-1-5-21-1349641208-1990007855-262660626-1000 - Administrator - Enabled) => C:\Users\Aaron G
Aaron's iphone (S-1-5-21-1349641208-1990007855-262660626-1001 - Limited - Enabled) => C:\Users\Aaron's iphone
Administrator (S-1-5-21-1349641208-1990007855-262660626-500 - Administrator - Disabled)
Guest (S-1-5-21-1349641208-1990007855-262660626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1349641208-1990007855-262660626-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: McAfee Inc. mfewfpk
Description: McAfee Inc. mfewfpk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfewfpk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/28/2014 10:27:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1064
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/28/2014 10:26:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x180c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (09/28/2014 10:19:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Faulting module name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Exception code: 0x40000015
Fault offset: 0x0000000000023799
Faulting process id: 0xbd4
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
 
Error: (09/28/2014 10:16:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/28/2014 10:16:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/28/2014 10:16:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Faulting module name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Exception code: 0x40000015
Fault offset: 0x0000000000023799
Faulting process id: 0xc1c
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
 
Error: (09/28/2014 10:13:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Faulting module name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Exception code: 0x40000015
Fault offset: 0x0000000000023799
Faulting process id: 0x1a80
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
 
Error: (09/28/2014 10:12:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Faulting module name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Exception code: 0x40000015
Fault offset: 0x0000000000023799
Faulting process id: 0x1114
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
 
Error: (09/28/2014 10:10:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Faulting module name: McSvHost.exe, version: 3.8.703.0, time stamp: 0x51f7deae
Exception code: 0x40000015
Fault offset: 0x0000000000023799
Faulting process id: 0xc38
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3
 
Error: (09/28/2014 10:04:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x20e4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
 
System errors:
=============
Error: (09/28/2014 10:19:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/28/2014 10:19:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Home Network service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (09/28/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (09/28/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Platform Services service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (09/28/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/28/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee Home Network service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/28/2014 10:14:46 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Platform Services service, but this action failed with the following error: 
%%1056
 
Error: (09/28/2014 10:14:46 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Anti-Spam Service service, but this action failed with the following error: 
%%1056
 
Error: (09/28/2014 10:13:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/28/2014 10:13:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Proxy Service service terminated unexpectedly.  It has done this 3 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (09/28/2014 10:27:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd106401cfdb284d861e0dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll8b867f21-471b-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:26:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd180c01cfdb2837ea2f4dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll76671533-471b-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:19:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799bd401cfdb26fd09537fC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe83c3688e-471a-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:16:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (09/28/2014 10:16:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (09/28/2014 10:16:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799c1c01cfdb2670b6091aC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe14eb00c2-471a-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:13:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae4000001500000000000237991a8001cfdb26590999a0C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exea2bbf7c2-4719-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:12:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799111401cfdb2610fbd3c7C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe76f73c78-4719-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:10:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: McSvHost.exe3.8.703.051f7deaeMcSvHost.exe3.8.703.051f7deae400000150000000000023799c3801cfdb25fa08c182C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe4415bb00-4719-11e4-a82e-5c260a13bf54
 
Error: (09/28/2014 10:04:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd20e401cfdb250d89f3a7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll4d43a3f1-4718-11e4-8734-5c260a13bf54
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-29 23:34:33.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-29 23:34:33.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-29 23:34:33.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 5812.55 MB
Available physical RAM: 2987.64 MB
Total Pagefile: 11623.23 MB
Available Pagefile: 8353.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:351.13 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B14F877B)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Uninnstall the following program, then re-boot:

 

C:\Program Files (x86)\Optimizer Pro

 

next,

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

next,

 

Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x

 

Follow the relevant steps and ensure to run mbam-clean tool after UNinstalling Malwarebytes.

 

When reinstalling the program please try the latest version from here:

 

http://www.malwarebytes.org/mwb-download/

 

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Let me see those logs in next reply..

 

Kevin...

 

 

 

Fixlist.txt

Link to post
Share on other sites

Will Malwarebytes run?

 

what popups do you get after removing optimizer pro,

 

PC Optimizer Pro is a registry cleaner program, which is promoted via other free downloads, and once installed it claims that several issues were been detected on your computer.
If you try to fix these problems, PC Optimizer Pro will state that you need to buy its full version before being able to do so.

Link to post
Share on other sites

I was able to download Malwarebytes anti-malware. 

 

Here are the results of the scan

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/28/2014
Scan Time: 12:38:15 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Aaron G
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 4074
Time Elapsed: 1 min, 42 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

If your login account does not have administrator level rights, then before starting MBAM, do this:  Locate the shortcut link Right-click the icon and select Run as Administrator and allow to run  ( answer YES).

 

If you have both realtime protection as well as self-protection selected in MBAM, you need to first turn off the self-protection using the programs Settings >>Advanced Settings screen.

 

Next, ( but only if the program is running) let's shutdown the realtime Malwarebytes Anti-Malware. Go to the desktop Taskbar. See the blue-color MBAM icon in the notification area.

 

Do a Right-click on it with your mouse, and select EXIT.

 

{ if you are only running the Free mode program, you will not see that, so in that case you can ignore that step.}.

 

If you are unable to update Malwarebytes Anti-Malware's database, please follow the steps below :

 

1: Download the netconf replacement tool from the link below

 

https://malwarebytes.app.box.com/s/vmg0am1plzyl4m73l75o

 

2: Unzip the zip file to Extract the "Net Conf Fix" folder on your desktop.

3: Once extracted, open the **Net Conf Fix** folder.

4: Double click on the net-replacement.bat file. If you are using Windows Vista or higher, please Right-click the net-replacement.bat file and click Run as Administrator from the menu.

5: After the tool has run, launch Malwarebytes Anti-Malware and click Update Now

 

Please let me know if you are able to update the database after running this tool.

Link to post
Share on other sites

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Link to post
Share on other sites

results of the scan are posted below
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/28/2014
Scan Time: 1:04:39 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.28.07
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Aaron G
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 380416
Time Elapsed: 29 min, 46 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 33
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\topbuyer.topbuyer, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\topbuyer.topbuyer.4.1, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\topbuyer.topbuyer, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\topbuyer.topbuyer.4.1, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{35B367AB-9BC9-09D9-3F86-1AD3E45D9FE7}\INPROCSERVER32, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{557d9ebb-546d-49a2-8e06-5e967f156878}, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{557D9EBB-546D-49A2-8E06-5E967F156878}, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\., Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\..9, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\., Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\..9, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{557D9EBB-546D-49A2-8E06-5E967F156878}, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{557D9EBB-546D-49A2-8E06-5E967F156878}, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{557D9EBB-546D-49A2-8E06-5E967F156878}, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{557D9EBB-546D-49A2-8E06-5E967F156878}\INPROCSERVER32, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F488658-35A7-2AB8-A756-560BA8F103C3}, Quarantined, [e5a0bb3447346ccaf566199e39c87789], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FE139F4C-CE5B-121A-8A2D-191FA2226094}, Quarantined, [c5c09b546f0c76c06deec6f1fa07e21e], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}, Quarantined, [760fe9066813a98db188001d7093a759], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1349641208-1990007855-262660626-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [681de00f4a3162d49ae15de40201f010], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1349641208-1990007855-262660626-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [582d06e9e794ae889a3f0651b94b06fa], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
 
Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1349641208-1990007855-262660626-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, Quarantined, [582d06e9e794ae889a3f0651b94b06fa]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 2
Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [8401c926ee8d54e2ccf1735ab54d07f9], 
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
 
Files: 10
PUP.Optional.MultiPlug, C:\ProgramData\topbuyer\R.x64.dll, Quarantined, [0c7942ad314adc5aec6e3a7dce33cf31], 
PUP.Optional.MultiPlug, C:\ProgramData\saoferrwEB\gas3DXy0IMIsim.x64.dll, Quarantined, [89fc09e6c3b8db5b1347585f15ec7a86], 
PUP.Optional.MultiPlug, C:\ProgramData\saoferrwEB\gas3DXy0IMIsim.exe, Quarantined, [e5a0bb3447346ccaf566199e39c87789], 
PUP.Optional.MultiPlug, C:\ProgramData\topbuyer\R.exe, Quarantined, [c5c09b546f0c76c06deec6f1fa07e21e], 
PUP.Optional.MultiPlug, C:\Windows\Temp\1411921930, Delete-on-Reboot, [d7aeb23d19628da9f96102b54db4ae52], 
PUP.Optional.OptimunInstaller, C:\Users\Aaron G\Downloads\fl_setup.exe, Quarantined, [bdc867881d5e3ef80ecad77254acfc04], 
PUP.Optional.Superfish.A, C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [35509f50dc9f94a208929099d033c937], 
PUP.Optional.Superfish.A, C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [c3c2e50adaa13ef892084cddba4931cf], 
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer\R.dat, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
PUP.Optional.MultiPlug.A, C:\ProgramData\topbuyer\R.tlb, Quarantined, [aed77679a2d9a195d38641c461a2cf31], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Check Malwarebytes for updates then run another threat scan, post the new log.....

 

 

Let me see those logs in your next reply, also give an update on any remaining issues or concerns....

 

Kevin

Link to post
Share on other sites

From AdwCleaner

# AdwCleaner v3.310 - Report created 28/09/2014 at 19:06:40
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : Aaron G - AARONG-PC
# Running from : C:\Users\Aaron G\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\ProgramData\Performance Optimizer
Folder Deleted : C:\ProgramData\CouponFactor
Folder Deleted : C:\ProgramData\saoferrwEB
Folder Deleted : C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : UpdaterEX
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\perfor~1\perfor~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.17267
 
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\Aaron G\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [search Provider] : hxxp://www.foodnetwork.com/search/search-results.html?searchTerm={searchTerms}&form=global&_charset_=UTF-8
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
 
[ File : C:\Users\Aaron's iphone\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
 
*************************
 
AdwCleaner[R0].txt - [3315 octets] - [28/09/2014 18:57:48]
AdwCleaner[s0].txt - [3362 octets] - [28/09/2014 19:06:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3422 octets] ##########
Link to post
Share on other sites

Junkware removal log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.3 (09.27.2014:1)
OS: Windows 7 Home Premium x64
Ran by Aaron G on Sun 09/28/2014 at 19:24:36.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\syswow64\sho539E.tmp
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{006EFFF9-D556-4B96-9968-59C5B7E43D25}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{00CEAE2C-4864-4490-BAAE-6CA2F39710CA}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{0249286E-1042-4761-824B-A9C48759234F}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{06604836-4EF2-4F2F-88EC-37231FC6FF9B}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{07DCD9D7-6810-4DDD-91D7-C0710E493FCB}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{10AFC24F-49BD-4B2E-95AF-ECB5D99EE221}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1179AE3A-FD3E-4540-93B0-51F967957E9B}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{120D578D-3E13-4C9D-B264-76FAA129449C}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{168DCE7F-8E54-4F01-8F52-5B7300D9EA83}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{171C6BA4-3452-4DD4-AD72-03C72CF7FDC4}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1755FE8D-906D-4EAF-84D8-B5F5C65DF7EB}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1876DDB9-9AC4-492D-96D4-6C3854AF6BA9}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1A588950-5955-47F6-A290-A65C5EED47CE}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1CAEA975-5F25-417E-8A4C-360D0017B075}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{1F454862-AA13-424C-8928-B355410DACA4}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{235D178C-6428-4296-B0BC-F55E465323B9}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{28EF352E-CEB7-4D50-8544-F321612AC8B8}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{377BB399-ACD5-4951-9E2D-5B588A75CA30}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{45D56421-CB5B-4B68-9FF0-7BF1042000C9}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{4AB5B364-4281-4EA5-8C79-5195A1B0448E}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{4C0DA396-E3A8-4354-99EB-A80DC5C83793}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{4D086663-9C1B-4810-B0F8-E9B226F8C8C2}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{4E9B8B67-2BDC-4D4B-B0A2-273809E807A7}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{4F91E02E-08D0-4971-BD49-EFB3418D60D3}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{5281F035-5224-4995-A385-051F41D38A2F}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{61433A7F-BA16-4CAC-BABD-1466D397E69A}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{61DA65CA-56F0-4B5F-B00B-F4E4E8D35F27}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{63FEF112-D575-4325-874C-9BEB63122C7C}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{6720851A-64A2-40EB-A48E-48EA902267B9}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{6D3020AC-0265-43BE-A02D-EDB12F2CC113}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{71143CCA-A788-47DC-AFC0-721E489FD804}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{76A33C39-39C6-438B-BBD9-E7A28529FDFA}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{779E2893-038C-4170-924B-F6ADF1B7E0EA}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{81F8F9BA-A640-4870-A4EF-C9E0DF78E093}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{83E300E6-A625-4537-B06F-3E0DF1782899}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{8DFC04BE-B4AB-4BFE-A391-5BC773F2CE14}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{8F68EA87-6CD5-4640-AE37-D93B4D76B538}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{9A2C40B1-278F-45BD-ADA0-4F5577DF1FFB}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{A2527124-BEC9-4958-B137-A8B97C15E62D}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{A6D81447-606F-4FAD-AF0F-E0104E559E96}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{A71C545B-F2EA-4BF4-90DB-62ADFDF4B191}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{AC244432-F80F-45EF-9A74-ECF1EBCE61AB}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{AD559F71-F718-463F-BA73-5DE58C64F893}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{B42563BA-17C9-46C0-89AD-84E888FAD2AD}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{B4506D43-C847-4733-B9EC-C7F730FADB19}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{B8BD17BB-A254-4EEC-92FD-B4D617AED0EE}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{B9C7A2B1-75E5-421C-8AE5-C7788F8A4855}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{C11D0033-49A7-45B3-96F7-05AEB77A9581}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{C5532CEC-3D85-4BD3-948F-102C33A7B278}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{C687B151-9526-44A5-BD2E-F3201659B1A5}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{C9AD020D-E697-4412-A9AD-B71605DE1E55}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{D22A463E-D599-4599-90D5-E06B4F2CA7C7}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{D3A023F7-58FE-4CBC-AB76-61047545468C}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{D454A5DB-0531-45E1-9F98-1CDC80DDDC7E}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{D624B570-88BC-40D7-BC21-0093199633DC}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{D90E3BAB-D42D-4287-B375-277CAD9F1EDE}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{DBEE445C-A789-46CF-8811-B5BC7E983E3D}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{E0488CAF-E211-4C79-9816-07F3E07C2A69}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{E6DE6797-FBD8-486B-8D1A-9DD204031730}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{F042C345-021A-4CDB-8E3D-55C55FEA0BB4}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{F332251F-FF39-4FD6-9A86-026476EDBE0C}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{F40E4C7B-110F-4DB8-AE47-9BCF8F4713D3}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{F5A73928-2E42-45A2-9E9E-EC86B0272945}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{F6D69CE7-F80E-4038-92D5-BC04AA3B6C9D}
Successfully deleted: [Empty Folder] C:\Users\Aaron G\appdata\local\{FDB0FACD-B84A-4D1F-9B47-62D100D541CA}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/28/2014 at 19:42:42.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

Malwarebytes scan log is below. Unwanted popups, ads, and pages in google chrome seem to be gone.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/28/2014
Scan Time: 7:46:59 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.28.08
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x64
File System: NTFS
User: Aaron G
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 380501
Time Elapsed: 18 min, 32 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Thanks for the update, good to hear the the issues are finally corrected. We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin.

 

(To run ESET Online Scanner in a browser other than Internet Explorer, you'll need to download ESET SMART  Installer during the process)

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is UNticked
Click on Advanced Settings, ensure the following options are checked:
 
Scan for potentially unsafe applications
Enable Anti-Stealth Technology
 
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply. Also let me know if there are any remaining ssues or cocnerns..

 

Thanks,

 

Kevin..

Link to post
Share on other sites

Results of ESET scan below -- still seem to be no issues while online

 

C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer.dll.vir a variant of Win32/SProtector.D potentially unwanted application

C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application

C:\FRST\Quarantine\C\Users\Aaron G\AppData\Local\Temp\ICSW_0M1T1L1G1V0D0L0M.exe.xBAD a variant of Win32/InstallCore.QL potentially unwanted application

C:\FRST\Quarantine\C\Users\Aaron G\AppData\Local\Temp\optprosetup.exe.xBAD multiple threats

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Users\Aaron G\Downloads\Adobe_Flash_Setup.exe a variant of Win32/InstallCore.QB potentially unwanted application

C:\Users\Aaron G\Downloads\OffercastInstaller_AVR_U-0087-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application

C:\Users\Aaron G\Downloads\ReimageRepair.exe Win32/Toolbar.Babylon.T potentially unwanted application
Link to post
Share on other sites

Delete the following entries listed from ESET log, the remainder are either ok or safe as already quarantined:

 

C:\Users\Aaron G\Downloads\OffercastInstaller_AVR_U-0087-01-P_.exe

C:\Users\Aaron G\Downloads\ReimageRepair.exe

 

If installing free sofware be aware many will be bundled with unwanted extras, think about researching and installing "UnChecky" to stop the bundled unwanted extras from accessing your system:

 

http://unchecky.com/

 

Next,

 

Download "Delfix by Xplode" and save it to your desktop.

 

Or use the following if first link is down:

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


    Activate UAC
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Part of the routine will be to create a registry back up with ERUNT,  the back up will be created here:

 

C:\Windows\ERUNT

 

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

 

Any remnant files/logs from tools we have used can be deleted…

 

Let me know if there are any remaining issues or concerns, if non are we ok to close out...

 

Kevin..

Link to post
Share on other sites

Thanks for the update, it was a pleasure to work with you....

 

Take care and surf safe, read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin....

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.