Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Mouse and Keyboard lock up on one user [Solved]

Started by wisesilver , Jun 09 2013 09:19 AM

  • This topic is locked This topic is locked

#1
wisesilver
Posted 09 June 2013 - 09:19 AM

wisesilver

    Member

  • Member
  • PipPipPip
  • 501 posts
Hello:)

I'm experiencing a problem on one of my home computers. Here is a description of activities and observations:
  • Shortly after booting I find that my mouse and keyboard are no longer active
  • One of my McAfee security products was turned off - I had to turn it on
  • We need to do a hard shut down (holding down the power button)
  • My regular login user also eventually locked (mouse and keyboard) in safe mode as well
  • However, an alternate user login did not
  • While loged in with the alternate user in safe mode I first ran RKill. It removed a registry entry "Explorer Policy Removed NoActiveDesktopChanges HKLM."
  • Then I ran a fresh updated copy of Malware bytes. It did not find anything.
Here is my OTL Log:

OTL logfile created on: 6/9/2013 11:05:10 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\WeissFamily\Desktop\Anti Virus & Spyware
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.84 Gb Available Physical Memory | 73.19% Memory free
13.84 Gb Paging File | 10.78 Gb Available in Paging File | 77.90% Paging File free
Paging file location(s): c:\pagefile.sys 6000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.22 Gb Total Space | 630.69 Gb Free Space | 68.61% Space Free | Partition Type: NTFS
Drive K: | 2794.51 Gb Total Space | 2098.82 Gb Free Space | 75.11% Space Free | Partition Type: NTFS

Computer Name: WEISSFAMILY-PC | User Name: WeissfamilyAd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/09 11:04:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WeissFamily\Desktop\Anti Virus & Spyware\OTL.exe
PRC - [2013/05/14 20:39:47 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/04/02 09:38:46 | 048,367,104 | ---- | M] (CompanionLink Software, Inc.) -- C:\Program Files (x86)\CompanionLink\CompanionLink.exe
PRC - [2012/03/21 18:49:10 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2011/11/21 08:50:14 | 000,161,792 | ---- | M] () -- c:\Program Files (x86)\CompanionLink\Android\adb.exe
PRC - [2011/07/22 19:13:10 | 000,030,568 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
PRC - [2011/07/01 01:07:24 | 000,607,592 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe
PRC - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/28 08:18:36 | 000,605,032 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe
PRC - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
PRC - [2010/03/10 17:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/08/25 12:27:26 | 000,142,200 | ---- | M] (Ilium Software, Inc.) -- C:\Program Files (x86)\Ilium Software\ListPro\ListProAlarms.exe
PRC - [2005/08/26 14:11:14 | 000,169,552 | ---- | M] (PKWARE, Inc.) -- C:\Program Files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/23 05:09:01 | 002,521,040 | ---- | M] () -- c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
MOD - [2013/05/16 03:21:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:21:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/16 03:21:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/05/14 20:39:47 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/02/13 04:23:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/02/13 04:23:20 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/01/10 04:44:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013/01/10 04:44:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll
MOD - [2013/01/10 04:29:22 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 04:29:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 04:29:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:29:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 04:29:09 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 04:29:05 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/03/21 18:49:09 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/11/21 08:50:14 | 000,161,792 | ---- | M] () -- c:\Program Files (x86)\CompanionLink\Android\adb.exe
MOD - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
MOD - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/28 01:04:26 | 000,478,208 | ---- | M] () -- C:\Program Files (x86)\Common Files\Scansoft Shared\PDF7\OutlookAddin.dll
MOD - [2011/06/28 01:03:56 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\Scansoft Shared\PDF7\MailProcessor7.dll
MOD - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 19:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/24 23:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/23 09:56:40 | 000,223,016 | ---- | M] () -- C:\Windows\libactivboardex.dll
MOD - [2010/03/23 09:56:32 | 000,342,808 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtXml4.dll
MOD - [2010/03/23 09:56:28 | 000,880,928 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtNetwork4.dll
MOD - [2010/03/23 09:56:26 | 007,469,848 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtGui4.dll
MOD - [2010/03/23 09:56:24 | 002,018,584 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtCore4.dll
MOD - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
MOD - [2010/03/22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/02/19 14:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/02/19 14:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/19 14:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/11/16 22:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/11/10 08:55:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/30 15:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/05/14 20:39:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 19:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 07:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 07:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/06/02 17:39:00 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/19 14:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/02/19 14:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 14:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013/02/19 14:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 14:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/02/19 14:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/02/19 14:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/04/18 16:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012/04/10 15:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 13:58:02 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012/01/25 13:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012/01/25 13:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012/01/25 13:57:38 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/05/24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/10 09:34:04 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/10 08:18:54 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/24 19:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/08 08:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/05 16:56:58 | 000,008,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 16:26:00 | 000,065,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-sea...0B4782BCBA599E9
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...0B4782BCBA599E9
IE - HKCU\..\SearchScopes\{AE993A48-012D-423D-B232-EDFD2EED78FC}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 23:22:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/07 15:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/06/07 21:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/03/07 17:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/16 09:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/17 16:01:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2012/10/25 10:23:08 | 000,000,000 | ---D | M]

[2012/03/21 18:49:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/21 18:49:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 15:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/25 10:57:24 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/11 14:04:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/05/22 09:21:17 | 000,002,021 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/11 14:04:00 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.delta-sea...0B4782BCBA599E9
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: No name found = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe (Promethean Technologies Group Ltd)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF3 Registry Controller] C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\RegistryController.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFCreHook] C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort14reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKLM..\RunOnce: [!DPLauncher] C:\Program Files (x86)\Microsoft\DefaultPack\DPLauncher.EXE (© 2012 Microsoft Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AEED542-308E-4CE5-8480-A6A649D8F7F3}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/08 15:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013/06/08 15:05:46 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla
[2013/06/08 15:05:46 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\BabSolution
[2013/06/08 15:05:23 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\Babylon
[2013/06/08 15:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/06/08 12:15:03 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\McAfee
[2013/06/08 11:42:02 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\Desktop\rkill
[2013/06/08 11:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/06/08 11:12:26 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe

========== Files - Modified Within 30 Days ==========

[2013/06/09 11:06:19 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/06/09 11:04:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013/06/09 11:03:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013/06/09 10:47:59 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 10:47:59 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/09 10:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/09 10:23:29 | 000,797,204 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/09 10:23:29 | 000,671,612 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/09 10:23:29 | 000,126,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/09 10:22:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/09 10:17:56 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/09 10:17:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/09 10:17:34 | 2133,676,031 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/08 15:08:49 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/08 11:40:20 | 000,002,281 | ---- | M] () -- C:\Users\WeissfamilyAd\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/06/08 08:50:59 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/04 22:23:45 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/17 16:01:49 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/05/16 03:18:30 | 001,290,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2013/06/08 15:05:20 | 000,000,304 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013/03/12 09:27:24 | 000,007,609 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Local\Resmon.ResmonCfg
[2012/12/30 16:21:02 | 000,001,415 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Roaming\csv2qif.ini
[2012/08/19 16:41:45 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/31 16:07:49 | 000,103,272 | ---- | C] () -- C:\Users\WeissfamilyAd\GoToAssistDownloadHelper.exe
[2011/09/29 23:02:53 | 000,212,852 | ---- | C] () -- C:\Windows\hpoins52.dat
[2011/07/22 18:32:34 | 000,034,326 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2011/06/11 19:52:23 | 000,790,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/11 19:42:27 | 000,073,526 | ---- | C] () -- C:\Windows\hpqins16.dat
[2011/06/11 14:23:34 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/05/03 18:42:27 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\ACTIV Software
[2013/06/08 15:05:48 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\BabSolution
[2013/06/08 15:05:23 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Babylon
[2012/05/03 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Fingertapps
[2013/02/13 21:32:27 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Garmin
[2012/06/02 21:53:25 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Ilium Software
[2012/06/24 21:42:27 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Leadertech
[2012/06/28 18:10:24 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Memeo
[2012/05/03 18:42:01 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Motorola
[2012/05/03 18:42:36 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\PKWARE
[2012/05/03 18:43:13 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Promethean
[2012/06/28 18:10:10 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Seagate
[2012/05/10 20:38:59 | 000,000,000 | ---D | M] -- C:\Users\WeissfamilyAd\AppData\Roaming\Zeon

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 242 bytes -> C:\ProgramData\Temp:FD9CE1F3

< End of report >
  • 0

Advertisements

#2
emeraldnzl
Posted 15 June 2013 - 04:41 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello wisesilver,

Sorry for the delay.

Shortly after booting I find that my mouse and keyboard are no longer active


Might or might not be malware related that one but we will check for malware.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. For your machine it will be the 64bit version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

  • 0

#3
wisesilver
Posted 15 June 2013 - 09:28 PM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

Sorry for the delay.

No problem, thank you for getting back to me. Your work is noble, G2G must be swamped with requests! :)
While waiting I did one additional thing that I should tell you about, encase it is relevant. In safe mode I downloaded Malwarebytes Anti-Root kit. Then I ran the file fixdamage. When I booted in normal mode, the next time my PC locked up it was only he mouse and not the keyboard. But eventually it was both locked up again.

Also, I’m wondering I I may have had a fake McAfee popup fairly recently.

Here are the FRST.txt scan results:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-06-2013
Ran by WeissfamilyAd (administrator) on 15-06-2013 22:16:20
Running from C:\Users\WeissFamily\Desktop\Anti Virus & Spyware
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Promethean Technologies Group Ltd) C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
(CompanionLink Software, Inc.) C:\Program Files (x86)\CompanionLink\CompanionLink.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
() C:\Program Files\Activ Software\ActivDriver\activmgr.exe
(Ilium Software, Inc.) C:\Program Files (x86)\Ilium Software\ListPro\ListProAlarms.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(PKWARE, Inc.) C:\Program Files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
() C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [17920 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [RunDLLEntry_EptMon] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 [21504 2009-10-15] (Creative Technology Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()
HKLM\...\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [1233704 2010-03-23] (Promethean Technologies Group Ltd)
HKLM\...\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
HKLM-x32\...\Runonce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [x]
HKLM-x32\...\RunOnce: [!DPLauncher] "C:\Program Files (x86)\Microsoft\DefaultPack\DPLauncher.EXE" partner=p001 comb=9 [59952 2012-10-17] (© 2012 Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [451656 2013-01-07] (TomTom)
HKCU\...\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [1099608 2013-02-11] (Garmin Ltd or its subsidiaries)
HKLM-x32\...\Runonce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [x]
HKLM-x32\...\RunOnce: [!DPLauncher] "C:\Program Files (x86)\Microsoft\DefaultPack\DPLauncher.EXE" partner=p001 comb=9 [59952 2012-10-17] (© 2012 Microsoft Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-11-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [293360 2011-07-13] (Rovi Corporation)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" [506352 2011-06-12] ()
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF3 Registry Controller] "C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe" [106496 2005-04-12] (ScanSoft, Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" [30568 2011-07-22] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" [46952 2011-07-22] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini" [333088 2011-05-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro7hook.exe [607592 2011-07-01] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] C:\Program Files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [CPMonitor] "C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" [84464 2011-07-08] ()
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [968048 2012-02-01] ()
HKLM-x32\...\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui [131072 2012-04-13] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui [79112 2011-06-01] ()
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKU\Sheri\...\RunOnce: [Application Restart #0] C:\Windows\WindowsMobile\wmdc.exe C:\Windows\WindowsMobile\wmdc.exe /show [660360 2007-05-31] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Event Reminder.lnk
ShortcutTarget: Event Reminder.lnk -> C:\Program Files (x86)\The Print Shop 23.1\Remind.exe (Broderbund Properties LLC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\ListProAlarms.lnk
ShortcutTarget: ListProAlarms.lnk -> C:\Program Files (x86)\Ilium Software\ListPro\ListProAlarms.exe (Ilium Software, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\PKZIP Attachments Status.lnk
ShortcutTarget: PKZIP Attachments Status.lnk -> C:\Program Files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe (PKWARE, Inc.)
Startup: C:\Users\WeissFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\WeissFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-sea...0B4782BCBA599E9
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
HKCU SearchScopes: DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-sea...0B4782BCBA599E9
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-sea...0B4782BCBA599E9
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
SearchScopes: HKCU - {AE993A48-012D-423D-B232-EDFD2EED78FC} URL = http://search.yahoo....p={SearchTerms}
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120629002612.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\progra~1\mcafee\msk\mskapbho.dll ()
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629002612.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.252.0.12

FireFox:
========
FF ProfilePath: C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla\Firefox\Profiles\sfdnnxh7.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?affID=119351&babsrc=HP_ss&mntrId=A0B4782BCBA599E9
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?affID=119357&babsrc=HP_ss&mntrId=A0B4782BCBA599E9"
CHR DefaultSearchURL: (Delta Search) - http://www.delta-sea...0B4782BCBA599E9
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java™ Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (DocuCom PDF Plus) - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Docs) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Delta Toolbar) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (SiteAdvisor) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0
CHR Extension: (Gmail) - C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2011-02-09] ()
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [21488 2011-07-15] ()
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185176 2013-02-11] (Garmin Ltd or its subsidiaries)
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [286736 2011-10-28] (Verizon)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [220528 2010-08-30] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-07-22] (Nuance Communications, Inc.)
S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1095664 2011-07-13] (Rovi Corporation)
S2 RoxWatch12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [340976 2011-07-13] (Rovi Corporation)

==================== Drivers (Whitelisted) ====================

R3 ActivHidSerMini; C:\Windows\System32\DRIVERS\activhidsermini.sys [65152 2009-05-05] (Promethean Technologies Ltd)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 prmvmouse; C:\Windows\System32\DRIVERS\activmouse.sys [8152 2009-10-05] (Promethean Technologies Ltd)
U3 mfeavfk01; No ImagePath
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-15 22:16 - 2013-06-15 22:16 - 00000000 ____D C:\FRST
2013-06-15 14:52 - 2013-06-08 10:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 14:52 - 2013-06-08 10:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 14:52 - 2013-06-08 10:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 14:52 - 2013-06-08 10:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 14:52 - 2013-06-08 10:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 14:52 - 2013-06-08 08:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 14:52 - 2013-06-08 07:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 14:52 - 2013-06-08 07:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 14:52 - 2013-06-08 07:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 14:52 - 2013-06-08 07:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 14:52 - 2013-06-08 07:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 14:52 - 2013-06-08 07:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-13 20:38 - 2013-06-13 20:39 - 00149504 ____A C:\Users\WeissFamily\Documents\ClassThank you card 13.car
2013-06-13 16:40 - 2013-06-13 17:00 - 00817002 ____A C:\Users\WeissFamily\Documents\SherwoodElClass2012.pptx
2013-06-12 21:22 - 2013-05-16 21:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 21:22 - 2013-05-16 21:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 21:22 - 2013-05-16 20:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:22 - 2013-05-16 20:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 21:22 - 2013-05-16 20:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 21:22 - 2013-05-16 20:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 21:22 - 2013-05-14 08:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 21:22 - 2013-05-14 04:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 20:11 - 2013-05-10 01:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 20:11 - 2013-05-09 23:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 20:11 - 2013-05-08 02:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 20:11 - 2013-04-26 01:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 20:11 - 2013-04-26 00:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 20:10 - 2013-05-13 01:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 20:10 - 2013-05-13 01:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 20:10 - 2013-05-13 01:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 20:10 - 2013-05-13 01:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 20:10 - 2013-05-13 00:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 20:10 - 2013-05-13 00:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 20:10 - 2013-05-13 00:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 20:10 - 2013-05-12 23:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 20:10 - 2013-05-12 23:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 20:10 - 2013-05-12 23:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 20:10 - 2013-04-17 03:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 20:10 - 2013-04-17 02:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 20:09 - 2013-04-25 19:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 20:09 - 2013-03-31 18:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 20:08 - 2013-06-10 20:08 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Local\Macromedia
2013-06-10 20:07 - 2013-06-10 20:07 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Local\Mozilla
2013-06-09 10:56 - 2013-06-09 11:16 - 00000745 ____A C:\Users\WeissFamily\Documents\Sari.txt
2013-06-08 15:05 - 2013-06-10 20:07 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\Babylon
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\BabSolution
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissFamily\AppData\Roaming\DSite
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\ProgramData\Babylon
2013-06-08 15:04 - 2013-06-08 15:07 - 00793536 ____A C:\Users\WeissFamily\Documents\ZipOpenerSetup.exe
2013-06-08 13:50 - 2013-06-08 13:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-06-08 13:50 - 2013-06-08 13:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-06-08 13:40 - 2012-08-23 10:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-08 13:40 - 2012-08-23 10:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-08 13:40 - 2012-08-23 10:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-06-08 13:40 - 2012-08-23 09:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-06-08 13:40 - 2012-08-23 09:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-06-08 13:40 - 2012-08-23 09:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-08 13:40 - 2012-08-23 09:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-08 13:40 - 2012-08-23 09:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-06-08 13:40 - 2012-08-23 09:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-06-08 13:40 - 2012-08-23 09:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-06-08 13:40 - 2012-08-23 09:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-06-08 13:40 - 2012-08-23 09:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-06-08 13:40 - 2012-08-23 08:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-08 13:40 - 2012-08-23 07:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-06-08 13:40 - 2012-08-23 07:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-06-08 13:40 - 2012-08-23 07:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-06-08 13:40 - 2012-08-23 07:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-06-08 13:40 - 2012-08-23 06:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-08 13:40 - 2012-08-23 06:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-06-08 13:40 - 2012-08-23 06:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-08 13:40 - 2012-08-23 06:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-08 13:40 - 2012-08-23 05:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-08 13:40 - 2012-08-23 04:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-06-08 13:40 - 2012-08-23 04:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-08 13:34 - 2012-08-24 14:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-08 13:34 - 2012-08-24 14:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-08 13:34 - 2012-08-24 14:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-08 13:34 - 2012-08-24 14:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-08 13:34 - 2012-08-24 12:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-06-08 13:34 - 2012-08-24 12:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-06-08 13:34 - 2012-08-24 12:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-06-08 13:34 - 2012-05-04 07:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-06-08 13:34 - 2012-05-04 05:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-06-08 12:15 - 2013-06-08 12:15 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\McAfee
2013-06-08 12:11 - 2013-06-08 12:11 - 00578640 ____A (McAfee, Inc.) C:\Users\WeissfamilyAd\Downloads\MVTInstaller.exe
2013-06-08 11:42 - 2013-06-08 11:42 - 00000000 ____D C:\Users\WeissfamilyAd\Desktop\rkill
2013-06-08 11:41 - 2013-06-08 11:43 - 00001922 ____A C:\Users\WeissfamilyAd\Desktop\Rkill.txt
2013-06-08 11:41 - 2013-06-08 11:41 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\WeissfamilyAd\Downloads\rkill.exe
2013-06-08 11:12 - 2013-06-08 08:50 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-03 05:57 - 2013-06-03 05:57 - 00423424 ____A C:\Users\WeissFamily\Documents\Junecal 2013.cal

==================== One Month Modified Files and Folders =======

2013-06-15 22:17 - 2012-04-20 19:50 - 00000506 ____A C:\Windows\Tasks\SystemToolsDailyTest.job
2013-06-15 22:16 - 2013-06-15 22:16 - 00000000 ____D C:\FRST
2013-06-15 22:15 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-15 22:15 - 2009-07-14 00:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-15 22:14 - 2011-06-11 12:23 - 00000000 ____D C:\Users\WeissFamily\Desktop\Anti Virus & Spyware
2013-06-15 22:11 - 2011-06-10 21:52 - 00000000 ____D C:\Users\WeissFamily\Documents\Outlook Files
2013-06-15 22:09 - 2012-04-20 19:50 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-06-15 22:07 - 2011-06-26 11:46 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-15 22:07 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-15 22:07 - 2009-07-14 00:51 - 00085011 ____A C:\Windows\setupact.log
2013-06-15 22:06 - 2009-07-14 01:10 - 01431483 ____A C:\Windows\WindowsUpdate.log
2013-06-15 21:42 - 2012-04-19 17:20 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-15 21:22 - 2011-06-26 11:46 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-15 14:47 - 2009-07-14 01:08 - 00032650 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-13 22:58 - 2012-01-05 21:09 - 00000000 ____D C:\Weissfamily
2013-06-13 20:39 - 2013-06-13 20:38 - 00149504 ____A C:\Users\WeissFamily\Documents\ClassThank you card 13.car
2013-06-13 20:07 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-13 17:49 - 2011-06-10 23:35 - 00000000 ____D C:\Users\WeissFamily\AppData\Local\Adobe
2013-06-13 17:00 - 2013-06-13 16:40 - 00817002 ____A C:\Users\WeissFamily\Documents\SherwoodElClass2012.pptx
2013-06-13 15:29 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 21:23 - 2011-06-11 11:18 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 20:15 - 2009-07-14 01:13 - 00797204 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-12 14:42 - 2012-04-19 17:20 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 14:42 - 2011-06-15 21:05 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 21:00 - 2011-06-17 23:27 - 00002021 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-06-10 20:22 - 2012-02-26 01:02 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-10 20:22 - 2011-06-11 00:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-10 20:09 - 2012-05-03 18:42 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\PKWARE
2013-06-10 20:08 - 2013-06-10 20:08 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Local\Macromedia
2013-06-10 20:07 - 2013-06-10 20:07 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Local\Mozilla
2013-06-10 20:07 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla
2013-06-10 20:06 - 2011-06-26 11:46 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-09 12:12 - 2011-06-02 19:10 - 00126332 ____A C:\Windows\PFRO.log
2013-06-09 11:16 - 2013-06-09 10:56 - 00000745 ____A C:\Users\WeissFamily\Documents\Sari.txt
2013-06-08 15:49 - 2011-07-21 20:04 - 00116269 ____A C:\Users\WeissFamily\ACTIVstudioError.log
2013-06-08 15:07 - 2013-06-08 15:04 - 00793536 ____A C:\Users\WeissFamily\Documents\ZipOpenerSetup.exe
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\Babylon
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\BabSolution
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\Users\WeissFamily\AppData\Roaming\DSite
2013-06-08 15:05 - 2013-06-08 15:05 - 00000000 ____D C:\ProgramData\Babylon
2013-06-08 13:53 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-08 13:50 - 2013-06-08 13:50 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-06-08 13:50 - 2013-06-08 13:50 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-06-08 13:03 - 2011-06-11 09:03 - 00000000 ____D C:\DOC#WORD
2013-06-08 12:15 - 2013-06-08 12:15 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Roaming\McAfee
2013-06-08 12:11 - 2013-06-08 12:11 - 00578640 ____A (McAfee, Inc.) C:\Users\WeissfamilyAd\Downloads\MVTInstaller.exe
2013-06-08 11:43 - 2013-06-08 11:41 - 00001922 ____A C:\Users\WeissfamilyAd\Desktop\Rkill.txt
2013-06-08 11:42 - 2013-06-08 11:42 - 00000000 ____D C:\Users\WeissfamilyAd\Desktop\rkill
2013-06-08 11:41 - 2013-06-08 11:41 - 01814144 ____A (Bleeping Computer, LLC) C:\Users\WeissfamilyAd\Downloads\rkill.exe
2013-06-08 11:40 - 2013-03-14 15:49 - 00000000 ____D C:\Users\WeissfamilyAd\AppData\Local\Google
2013-06-08 10:08 - 2013-06-15 14:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 10:07 - 2013-06-15 14:52 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 10:06 - 2013-06-15 14:52 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 10:06 - 2013-06-15 14:52 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 10:06 - 2013-06-15 14:52 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 08:50 - 2013-06-08 11:12 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-08 08:28 - 2013-06-15 14:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 07:42 - 2013-06-15 14:52 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 07:40 - 2013-06-15 14:52 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 07:40 - 2013-06-15 14:52 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 07:40 - 2013-06-15 14:52 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 07:40 - 2013-06-15 14:52 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 07:13 - 2013-06-15 14:52 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 21:41 - 2011-06-02 17:46 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-05 14:16 - 2011-06-02 17:46 - 00000000 ____D C:\Program Files\mcafee
2013-06-03 05:57 - 2013-06-03 05:57 - 00423424 ____A C:\Users\WeissFamily\Documents\Junecal 2013.cal
2013-05-31 22:38 - 2011-06-11 09:00 - 00000000 ____D C:\Doc@PhotosForms
2013-05-16 21:25 - 2013-06-12 21:22 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 21:25 - 2013-06-12 21:22 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-16 20:59 - 2013-06-12 21:22 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 20:59 - 2013-06-12 21:22 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-16 20:58 - 2013-06-12 21:22 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 20:58 - 2013-06-12 21:22 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-16 05:50 - 2011-08-26 16:06 - 00000000 ___RD C:\Users\WeissFamily\Podcasts
2013-05-16 03:18 - 2009-07-14 00:45 - 01290664 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 03:12 - 2011-06-10 21:20 - 00000000 ____D C:\ProgramData\Microsoft Help

Files to move or delete:
====================
C:\Users\WeissFamily\GoToAssistDownloadHelper.exe
C:\Users\WeissfamilyAd\GoToAssistDownloadHelper.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-13 15:21

==================== End Of Log ============================

Here are the Addition.txt results:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-06-2013
Ran by WeissfamilyAd at 2013-06-15 22:45:04 Run:
Running from C:\Users\WeissFamily\Desktop\Anti Virus & Spyware
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
ActivDriver x64 v5.4.7 (Version: 5.4.7.1)
ActivInspire Core Resources (ENU) v1 (Version: 1.4.0)
ActivInspire Help (USA) v1 (Version: 1.4.0)
ActivInspire HWR Resources (ENU) v1 (Version: 1.3.0)
ActivInspire v1 (Version: 1.4.20411)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.010.1110.1531)
Audacity 1.2.6
BIAS SoundSaver for INport (Version: 1.00.0000)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
C410 (Version: 140.0.273.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.1110.1532.27809)
Catalyst Control Center Graphics Previews Vista (Version: 2010.1110.1532.27809)
Catalyst Control Center InstallProxy (Version: 2010.1110.1532.27809)
Catalyst Control Center Localization All (Version: 2010.1110.1532.27809)
CCC Help Chinese Standard (Version: 2010.1110.1531.27809)
CCC Help Chinese Traditional (Version: 2010.1110.1531.27809)
CCC Help Czech (Version: 2010.1110.1531.27809)
CCC Help Danish (Version: 2010.1110.1531.27809)
CCC Help Dutch (Version: 2010.1110.1531.27809)
CCC Help English (Version: 2010.1110.1531.27809)
CCC Help Finnish (Version: 2010.1110.1531.27809)
CCC Help French (Version: 2010.1110.1531.27809)
CCC Help German (Version: 2010.1110.1531.27809)
CCC Help Greek (Version: 2010.1110.1531.27809)
CCC Help Hungarian (Version: 2010.1110.1531.27809)
CCC Help Italian (Version: 2010.1110.1531.27809)
CCC Help Japanese (Version: 2010.1110.1531.27809)
CCC Help Korean (Version: 2010.1110.1531.27809)
CCC Help Norwegian (Version: 2010.1110.1531.27809)
CCC Help Polish (Version: 2010.1110.1531.27809)
CCC Help Portuguese (Version: 2010.1110.1531.27809)
CCC Help Russian (Version: 2010.1110.1531.27809)
CCC Help Spanish (Version: 2010.1110.1531.27809)
CCC Help Swedish (Version: 2010.1110.1531.27809)
CCC Help Thai (Version: 2010.1110.1531.27809)
CCC Help Turkish (Version: 2010.1110.1531.27809)
ccc-core-static (Version: 2010.1110.1532.27809)
ccc-utility64 (Version: 2010.1110.1532.27809)
CodeStuff Starter (Version: 5.6.2.9)
CompanionLink (Version: 5.00.5000)
Consumer In-Home Service Agreement (Version: 2.0.0)
Coupon Printer for Windows (Version: 5.0.0.0)
Cozi (Version: 1.0.4323.24051)
CSV2QIF (Version: 2.2.4.3)
D3DX10 (Version: 15.4.2368.0902)
Data Lifeguard Diagnostic for Windows 1.24
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.4.162.0)
Dell PhotoStage (Version: 1.5.0.1)
Dell PhotoStage (Version: 1.5.0.66)
Dell Stage (Version: 1.7.209.0)
Dell Stage Remote (Version: 2.0.0.43)
Dell Support Center (Version: 3.1.5907.39)
Dell VideoStage (Version: 1.1.1.1408)
Delta Chrome Toolbar
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.212.000)
DirectX 9 Runtime (Version: 1.00.0000)
DivX Setup (Version: 2.5.0.15)
DocProc (Version: 13.0.0.0)
Elevated Installer (Version: 2.1.6)
eWallet 7.3.2 for Windows PCs (Version: 7.3.2)
Face Filter (Version: 1.0.007)
Fax (Version: 140.0.212.000)
Garmin Express (Version: 2.1.6)
Garmin Express Tray (Version: 2.1.6)
Garmin Update Service (Version: 2.1.6)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
GPBaseService2 (Version: 140.0.211.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart 7510 series Basic Device Software (Version: 25.0.617.0)
HP Photosmart 7510 series Help (Version: 140.0.2.2)
HP Photosmart 7510 series Product Improvement Study (Version: 25.0.617.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.005.000.002)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
hpphotosmartdisclabelplugin (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.212.0)
iCloud (Version: 2.1.2.8)
IHA_MessageCenter (Version: 1.8.8)
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32 (Version: 5.2.0.2)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
ListPro 5.0 Windows Mobile & Windows PC (Version: 5.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 140.0.212.000)
McAfee Security Scan Plus (Version: 3.0.318.3)
McAfee SecurityCenter (Version: 11.6.511)
McAfee Virtual Technician (Version: 7.1.0.2483)
Memeo Instant Backup (Version: 4.60.0.7946)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (Version: 9.0.30729.4048)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (Version: 9.0.30729.4048)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Web Publishing Wizard 1.52
MotoHelper 2.1.40 Driver 5.5.0 (Version: 2.1.40)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Multimedia Card Reader (Version: 1.7.915.93)
MyTomTom 3.2.0.906 (Version: 3.2.0.906)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
Nuance PaperPort 14 (Version: 14.0.0002)
Nuance PDF Create 7 (Version: 7.10.2364)
Nuance PDF Viewer Plus (Version: 7.10.3211)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
OLYMPUS Master 2 (Version: 1.0.2)
OLYMPUS muvee theaterPack (Version: 1.0.2)
PaperPort Anywhere 1.1.4269.39023 powered by OfficeDrop (Version: 1.1.4269.39023)
PaperPort Image Printer 64-bit (Version: 14.00.0001)
PhotoShowExpress (Version: 2.0.063)
PKZIP for Windows 9.00.0010 (Version: 9.00.0010)
Pocket Informant 9.01 Build 2398 (Version: 9.01 Build 2398)
PS_AIO_07_C410_SW_Min (Version: 140.0.273.000)
Quicken 2011 (Version: 20.1.8.6)
Quicken WillMaker Plus 2011
QuickTime (Version: 7.73.80.64)
QuickTransfer (Version: 140.0.98.000)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Redist (Version: 3.00.0000)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio BackOnTrack (Version: 4.1)
Roxio Burn (Version: 1.6)
Roxio CinePlayer (Version: 5.8)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2012 (Version: 1.3.675)
Roxio Creator 2012 (Version: 13.5)
Roxio Creator 2012 (Version: 6.5.0)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Roxio PhotoShow (Version: 6.0)
Roxio Video Capture USB (Version: 1.22.0000)
Safari (Version: 5.34.57.2)
Scan (Version: 140.0.80.000)
ScanSoft PDF Converter 3.0 (Version: 3.00.0000)
Scansoft PDF Create
Seagate Dashboard (Version: 1.1.0.1421)
Seagate Manager Installer (Version: 2.01.0014)
SeaTools for Windows (Version: 1.2.0.6)
Secure Download Manager (Version: 3.0.3)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 14.0)
Skins (Version: 2010.1110.1532.27809)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.7)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spb Mobile DVD (Version: 1.00.0000)
SPFSourceEdit 3.5
Status (Version: 140.0.256.000)
The Print Shop 23.1 (Version: 23.1.11)
THX TruStudio PC (Version: 1.0)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VD64Inst (Version: 1.00.0000)
Verizon Media Manager (Version: 9.5.67)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
WebReg (Version: 140.0.212.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Yahoo! Detect
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

==================== Restore Points =========================

08-06-2013 17:37:40 Windows Update
13-06-2013 01:21:25 Windows Update
15-06-2013 18:52:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: Photosmart 7510 series
Description: Photosmart 7510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart Prem C410 series
Description: Photosmart Prem C410 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2013 10:15:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 11.0.0.4454, time stamp: 0x4f5ecc44
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1a10f918
Faulting process id: 0x1128
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (06/15/2013 03:41:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/14/2013 10:27:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:24:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:24:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:07:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:07:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:07:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:07:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/13/2013 10:07:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (06/14/2013 09:27:33 PM) (Source: DCOM) (User: WeissFamily-PC)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}WeissFamily-PCWeissFamilyS-1-5-21-1159144477-2886216316-554297653-1000LocalHost (Using LRPC)

Error: (06/14/2013 09:27:32 PM) (Source: DCOM) (User: WeissFamily-PC)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}WeissFamily-PCWeissFamilyS-1-5-21-1159144477-2886216316-554297653-1000LocalHost (Using LRPC)

Error: (06/12/2013 09:00:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:35:37 PM on ?6/?12/?2013 was unexpected.

Error: (06/12/2013 01:44:02 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (06/12/2013 01:44:02 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

Error: (06/12/2013 01:43:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (06/12/2013 01:43:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

Error: (06/12/2013 01:43:59 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (06/12/2013 01:43:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Windows Search service to connect.

Error: (06/12/2013 01:43:59 PM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (06/15/2013 10:15:32 PM) (Source: Application Error)(User: )
Description: firefox.exe11.0.0.44544f5ecc44unknown0.0.0.000000000c00000051a10f918112801ce6a36556df567C:\Program Files (x86)\Mozilla Firefox\firefox.exeunknown9f04467f-d62a-11e2-8cce-782bcba599e9

Error: (06/15/2013 03:41:06 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/14/2013 10:27:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:24:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:24:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:07:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:07:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:07:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:07:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (06/13/2013 10:07:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe


CodeIntegrity Errors:
===================================
Date: 2013-06-10 23:47:05.048
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-10 23:47:04.939
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-10 23:47:04.939
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:58:39.106
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:58:39.106
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:58:39.106
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:31:37.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:31:37.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 11:31:37.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-06-08 09:37:54.566
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8174.45 MB
Available physical RAM: 6009.85 MB
Total Pagefile: 14172.63 MB
Available Pagefile: 10853.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:632.24 GB) NTFS (Disk=0 Partition=3)
Drive k: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:1906.72 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 03CDF2C3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End Of Log ============================
  • 0

#4
emeraldnzl
Posted 16 June 2013 - 01:55 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello wisesilver,

Also, I’m wondering I I may have had a fake McAfee popup fairly recently.


You certainly have a lot of McAfee stuff on your machine lol.

Now

The home page in Chrome is related to Babylon/Delta which is classified as malware.

If you don't use Chrome please uninstall it.

If you do use Chrome please do this:

Go to the link below for instructions on how to change you homepage in Chrome.

http://support.googl...en&answer=95314

Next

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
After that

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:

    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
    IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...0B4782BCBA599E9

    :Files
    C:\ProgramData\Babylon
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.
So when you return please post
  • JRT.txt
  • OTL.txt
  • 0

#5
wisesilver
Posted 16 June 2013 - 10:35 AM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

If you don't use Chrome please uninstall it.

I actually already uninstalled it after entering my original post. :)

Below are the logs for JRT & OTL. After we are finished should I perform any clean up on my external hard drive to avoid possible reinfection?


JRT Log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by WeissfamilyAd on Sun 06/16/2013 at 11:50:41.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1159144477-2886216316-554297653-1005\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}



~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\WeissfamilyAd\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\WeissfamilyAd\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"



~~~ FireFox

Emptied folder: C:\Users\WeissfamilyAd\AppData\Roaming\mozilla\firefox\profiles\sfdnnxh7.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/16/2013 at 11:55:14.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Here is the OTL Log
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
========== FILES ==========
File\Folder C:\ProgramData\Babylon not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Anti Virus & Spyware\cmd.bat deleted successfully.
C:\Anti Virus & Spyware\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Sheri
->Temp folder emptied: 7818770 bytes
->Temporary Internet Files folder emptied: 138040787 bytes
->Flash cache emptied: 1541 bytes

User: Steve
->Temp folder emptied: 1353693 bytes
->Temporary Internet Files folder emptied: 2978143 bytes
->Flash cache emptied: 631 bytes

User: WeissFamily
->Temp folder emptied: 1553349731 bytes
->Temporary Internet Files folder emptied: 805238489 bytes
->Java cache emptied: 59991647 bytes
->FireFox cache emptied: 335581206 bytes
->Google Chrome cache emptied: 17633638 bytes
->Flash cache emptied: 73764 bytes

User: WeissfamilyAd
->Temp folder emptied: 172556933 bytes
->Temporary Internet Files folder emptied: 32234866 bytes
->Java cache emptied: 99205 bytes
->FireFox cache emptied: 30656392 bytes
->Google Chrome cache emptied: 11635536 bytes
->Flash cache emptied: 1014 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 796880232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85068 bytes
RecycleBin emptied: 51447736 bytes

Total Files Cleaned = 3,832.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06162013_120816

Files\Folders moved on Reboot...
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\OICE_B0A32161-2595-42CC-884E-B859BFD8AE81.0\9F3FF0A8. not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\OICE_9C62585E-B102-486E-9CF3-9D5601703B5E.0\CA69FA0C. not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SAKJAZM8\o.prod.demandstudios.com_fa7e073b-6000-499f-a904-9375fd76dad8_86cf333f-5d3e-455e-bd4f-d73829d3ac6f_google_power_tools_thumbnail_fc91902e-7e79-486d-8929-f34aaa9a101e[1].jpg not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SAKJAZM8\ugc=0;lvl=4;tyn=0;sz=300x250,300x600;dx=10481;u=cat-electronics_scat-telephones_sscat-phones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y1;tile=4;ord=1339767361006[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\LPGGKWWY\c=0;lvl=4;tyn=0;sz=990x90,728x90;;u=cat-electronics_scat-cellphonesaccessories_sscat-iphones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y0;tile=2;ord=1217077779398[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\B0O99WL9\gc=0;lvl=4;tyn=0;sz=249x77;dcopt=ist;dx=10481;u=cat-electronics_scat-telephones_sscat-phones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y1;tile=1;ord=1339767361006[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\B0O99WL9\les;ugc=0;lvl=4;tyn=0;sz=160x600;;u=cat-electronics_scat-cellphonesaccessories_sscat-iphones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y0;tile=3;ord=1217077779398[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\B0O99WL9\rticles;ugc=0;lvl=4;tyn=0;sz=160x600;dx=10481;u=cat-electronics_scat-telephones_sscat-phones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y1;tile=3;ord=1339767361006[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\B0O99WL9\rticles;ugc=0;lvl=4;tyn=0;sz=300x250;dx=10481;u=cat-electronics_scat-telephones_sscat-phones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y1;tile=5;ord=1339767361006[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\6BGMOX2G\0;lvl=4;tyn=0;sz=300x250,300x600;;u=cat-electronics_scat-cellphonesaccessories_sscat-iphones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y0;tile=4;ord=1217077779398[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\6BGMOX2G\les;ugc=0;lvl=4;tyn=0;sz=300x250;;u=cat-electronics_scat-cellphonesaccessories_sscat-iphones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y0;tile=5;ord=1217077779398[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\6BGMOX2G\s;ugc=0;lvl=4;tyn=0;sz=249x77;dcopt=ist;;u=cat-electronics_scat-cellphonesaccessories_sscat-iphones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9;tile=1;ord=1217077779398[1].js not found!
File\Folder C:\Users\WeissFamily\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\6BGMOX2G\s;ugc=0;lvl=4;tyn=0;sz=990x90,728x90;dx=10481;u=cat-electronics_scat-telephones_sscat-phones_dmd-5E6451A9-E400-455D-BD3C-E97ED67972E9_dcs-y1;tile=2;ord=1339767361006[1].js not found!
C:\Users\WeissfamilyAd\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\WeissfamilyAd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{CF84333E-9151-47B5-B419-D9E402F4F9D6}.tmp not found!
File\Folder C:\Users\WeissfamilyAd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{3AD255BB-F073-4BB9-BE5D-9768F91B2E45}.tmp not found!
File\Folder C:\Users\WeissfamilyAd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{7985990C-3BBD-41C8-BB87-7519C723E6C0}.tmp not found!
File\Folder C:\Users\WeissfamilyAd\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{B55A8ED1-D8EF-4A70-8035-09CD50F9EE52}.tmp not found!
C:\Users\WeissfamilyAd\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#6
emeraldnzl
Posted 16 June 2013 - 03:18 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello wisesilver,

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.
Note: If the log doesn't appear where you saved OTL when you downloaded it, then a copy of the OTL log is saved in a text file at C:\_OTL\MovedFiles.

Next

Please download Security Check by screen317 from here .

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
When you return please post
  • OTL.txt
  • checkup.txt
  • 0

#7
wisesilver
Posted 16 June 2013 - 07:24 PM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

The OTL and Security Check scan logs are below. :)

Here is the OTL Log
OTL logfile created on: 6/16/2013 9:04:27 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Anti Virus & Spyware
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 6.52 Gb Available Physical Memory | 81.62% Memory free
13.84 Gb Paging File | 10.88 Gb Available in Paging File | 78.62% Paging File free
Paging file location(s): c:\pagefile.sys 6000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.22 Gb Total Space | 632.87 Gb Free Space | 68.85% Space Free | Partition Type: NTFS
Drive K: | 2794.51 Gb Total Space | 1906.77 Gb Free Space | 68.23% Space Free | Partition Type: NTFS

Computer Name: WEISSFAMILY-PC | User Name: WeissfamilyAd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/16 12:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Anti Virus & Spyware\OTL.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/04/02 09:38:46 | 048,367,104 | ---- | M] (CompanionLink Software, Inc.) -- C:\Program Files (x86)\CompanionLink\CompanionLink.exe
PRC - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
PRC - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
PRC - [2011/11/21 08:50:14 | 000,161,792 | ---- | M] () -- c:\Program Files (x86)\CompanionLink\Android\adb.exe
PRC - [2011/07/22 19:13:10 | 000,030,568 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
PRC - [2011/07/01 01:07:24 | 000,607,592 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe
PRC - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/28 08:18:36 | 000,605,032 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe
PRC - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
PRC - [2010/03/10 17:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/08/25 12:27:26 | 000,142,200 | ---- | M] (Ilium Software, Inc.) -- C:\Program Files (x86)\Ilium Software\ListPro\ListProAlarms.exe
PRC - [2005/08/26 14:11:14 | 000,169,552 | ---- | M] (PKWARE, Inc.) -- C:\Program Files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/16 03:21:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:21:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/16 03:21:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/02/13 04:23:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/02/13 04:23:20 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/01/10 04:44:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013/01/10 04:44:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll
MOD - [2013/01/10 04:29:22 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 04:29:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 04:29:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:29:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 04:29:09 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 04:29:05 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
MOD - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/11/21 08:50:14 | 000,161,792 | ---- | M] () -- c:\Program Files (x86)\CompanionLink\Android\adb.exe
MOD - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
MOD - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/28 01:25:20 | 000,413,544 | ---- | M] () -- C:\Program Files (x86)\Nuance\PDFCreate\PDFCOffice2007Addin.dll
MOD - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 19:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/24 23:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/23 09:56:40 | 000,223,016 | ---- | M] () -- C:\Windows\libactivboardex.dll
MOD - [2010/03/23 09:56:32 | 000,342,808 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtXml4.dll
MOD - [2010/03/23 09:56:28 | 000,880,928 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtNetwork4.dll
MOD - [2010/03/23 09:56:26 | 007,469,848 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtGui4.dll
MOD - [2010/03/23 09:56:24 | 002,018,584 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtCore4.dll
MOD - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
MOD - [2010/03/22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/02/19 14:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/02/19 14:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/19 14:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/11/16 22:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/11/10 08:55:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/30 15:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/06/12 14:42:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 19:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 07:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 07:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/06/02 17:39:00 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/19 14:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/02/19 14:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 14:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013/02/19 14:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 14:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/02/19 14:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/02/19 14:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/04/18 16:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012/04/10 15:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 13:58:02 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012/01/25 13:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012/01/25 13:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012/01/25 13:57:38 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/05/24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/10 09:34:04 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/10 08:18:54 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/24 19:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/08 08:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/05 16:56:58 | 000,008,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 16:26:00 | 000,065,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{AE993A48-012D-423D-B232-EDFD2EED78FC}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 23:22:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/07 15:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/06/07 21:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/03/07 17:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/16 09:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/17 16:01:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2012/10/25 10:23:08 | 000,000,000 | ---D | M]

[2013/06/10 20:07:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla\Extensions
[2012/03/21 18:49:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/21 18:49:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 15:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/25 10:57:24 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/11 14:04:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/05/22 09:21:17 | 000,002,021 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/11 14:04:00 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-sea...0B4782BCBA599E9
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.delta-sea...0B4782BCBA599E9
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: McAfee Virtual Technician (Enabled) = C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: DocuCom PDF Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - Extension: Docs = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Delta Toolbar = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: SiteAdvisor = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\
CHR - Extension: DivX Plus Web Player HTML5 video = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Gmail = C:\Users\WeissfamilyAd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/06/16 12:08:18 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe (Promethean Technologies Group Ltd)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF3 Registry Controller] C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\RegistryController.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFCreHook] C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort14reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AEED542-308E-4CE5-8480-A6A649D8F7F3}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/16 12:08:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/16 11:50:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/06/16 11:50:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/16 11:45:44 | 000,000,000 | ---D | C] -- C:\Anti Virus & Spyware
[2013/06/15 22:16:03 | 000,000,000 | ---D | C] -- C:\FRST
[2013/06/15 14:52:44 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/15 14:52:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/12 21:22:50 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/06/12 21:22:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/06/12 21:22:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/06/12 21:22:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/06/12 21:22:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/12 21:22:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/06/12 21:22:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/06/12 21:22:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/06/12 21:22:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/06/12 21:22:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/06/12 21:22:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/06/12 21:22:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/06/12 21:22:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/06/12 20:11:24 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/12 20:11:24 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/12 20:11:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/12 20:11:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 20:10:41 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/06/12 20:10:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/12 20:10:26 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/12 20:10:25 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/12 20:10:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/12 20:10:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/12 20:10:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/12 20:09:41 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/06/12 20:09:41 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/06/10 20:08:39 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Local\Macromedia
[2013/06/10 20:07:02 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Local\Mozilla
[2013/06/08 15:05:46 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla
[2013/06/08 13:40:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/06/08 13:40:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/06/08 13:40:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/06/08 13:40:56 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/06/08 13:40:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/06/08 13:40:55 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/06/08 13:40:55 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/06/08 13:40:55 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/06/08 13:40:55 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/06/08 13:40:55 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/06/08 13:40:55 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/06/08 13:40:55 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/06/08 13:40:55 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/06/08 13:40:55 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/06/08 13:40:55 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/06/08 13:40:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/06/08 13:40:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/06/08 13:40:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/06/08 13:40:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/06/08 13:40:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/06/08 13:40:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/06/08 13:40:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/06/08 13:40:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/06/08 13:40:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/06/08 13:34:54 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/06/08 13:34:54 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/06/08 13:34:50 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/06/08 12:15:03 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\McAfee
[2013/06/08 11:42:02 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\Desktop\rkill
[2013/06/08 11:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/06/08 11:12:26 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe

========== Files - Modified Within 30 Days ==========

[2013/06/16 21:04:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013/06/16 20:59:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013/06/16 20:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/16 20:29:27 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/16 20:29:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/16 13:34:54 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 13:34:54 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 13:27:19 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/16 13:27:03 | 2133,676,031 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 12:11:16 | 000,003,021 | ---- | M] () -- C:\Users\WeissfamilyAd\Desktop\Microsoft Word 2010.lnk
[2013/06/16 12:08:18 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/06/12 20:15:12 | 000,797,204 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/12 20:15:12 | 000,671,612 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/12 20:15:12 | 000,126,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/12 14:42:24 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 14:42:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/10 21:00:10 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/06/10 20:22:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/08 10:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/08 08:50:59 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2013/06/16 12:11:16 | 000,003,021 | ---- | C] () -- C:\Users\WeissfamilyAd\Desktop\Microsoft Word 2010.lnk
[2013/03/12 09:27:24 | 000,007,609 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Local\Resmon.ResmonCfg
[2012/12/30 16:21:02 | 000,001,415 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Roaming\csv2qif.ini
[2012/08/19 16:41:45 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/31 16:07:49 | 000,103,272 | ---- | C] () -- C:\Users\WeissfamilyAd\GoToAssistDownloadHelper.exe
[2011/09/29 23:02:53 | 000,212,852 | ---- | C] () -- C:\Windows\hpoins52.dat
[2011/07/22 18:32:34 | 000,034,326 | ---- | C] () -- C:\Windows\MAXLINK.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 242 bytes -> C:\ProgramData\Temp:FD9CE1F3

< End of report >

Her is the Security Check Log
Results of screen317's Security Check version 0.99.64
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java™ 6 Update 31
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 10.1.7 Adobe Reader out of Date!
Mozilla Firefox 11.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
OTL.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

#8
emeraldnzl
Posted 16 June 2013 - 07:59 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Okay so Google Chrome is still there... back with the Babylon/Delta (don't think that ever went away) one and all extensions, plug ins etc.

Go to Control Panel > Uninstall a program and see if it is there.

If it is, start in Safe Mode and try an uninstall from there.

Boot into Safe Mode:

1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, tap F8 continually.
3) If you are asked what mode to bootup in press Esc to boot in the default settings
4) Instead of Windows loading as normal, a menu should appear
5) Select the option to run Windows in Safe Mode.

If Google Chrome does not appear in your uninstall list, reinstall it and then follow the instructions above.

If you still have difficulty come back and tell me.

Assuming you do manage to uninstall it then do this:

Download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#9
wisesilver
Posted 16 June 2013 - 09:34 PM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

Google Chrome did not appear in my uninstall list, so I reinstalled it and then followed your instructions to uninstall it in safe mode. I then booted in regular mode and ran Combofix.

Below find the Combofix log.
ComboFix 13-06-15.01 - WeissfamilyAd 06/16/2013 23:24:06.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8174.6102 [GMT -4:00]
Running from: c:\users\WeissfamilyAd\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\WeissFamily\Documents\~WRL0001.tmp
c:\users\WeissFamily\Documents\~WRL0002.tmp
c:\users\WeissFamily\Documents\~WRL3989.tmp
c:\users\WeissFamily\GoToAssistDownloadHelper.exe
c:\users\WeissfamilyAd\GoToAssistDownloadHelper.exe
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
K:\Autorun.inf
K:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-17 to 2013-06-17 )))))))))))))))))))))))))))))))
.
.
2013-06-16 16:08 . 2013-06-16 16:08 -------- d-----w- C:\_OTL
2013-06-16 15:50 . 2013-06-16 15:50 -------- d-----w- c:\windows\ERUNT
2013-06-16 15:50 . 2013-06-16 15:50 -------- d-----w- C:\JRT
2013-06-16 15:45 . 2013-06-17 03:17 -------- d-----w- C:\Anti Virus & Spyware
2013-06-16 02:16 . 2013-06-16 02:16 -------- d-----w- C:\FRST
2013-06-13 01:22 . 2013-05-17 01:25 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-06-13 00:11 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-13 00:11 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-13 00:11 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-13 00:11 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-13 00:11 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-13 00:10 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-13 00:10 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-13 00:10 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-13 00:10 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-13 00:10 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-13 00:10 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-13 00:10 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-13 00:10 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-13 00:10 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-13 00:10 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-13 00:10 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-13 00:10 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-13 00:09 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-06-13 00:09 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-11 00:08 . 2013-06-11 00:08 -------- d-----w- c:\users\WeissfamilyAd\AppData\Local\Macromedia
2013-06-11 00:07 . 2013-06-11 00:07 -------- d-----w- c:\users\WeissfamilyAd\AppData\Local\Mozilla
2013-06-08 19:05 . 2013-06-08 19:05 -------- d-----w- c:\users\WeissFamily\AppData\Roaming\DSite
2013-06-08 17:50 . 2013-06-08 17:50 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2013-06-08 17:34 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-06-08 17:34 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-06-08 17:34 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-06-08 17:34 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-06-08 17:34 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-06-08 17:34 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-06-08 17:34 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-06-08 17:34 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-06-08 17:34 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-06-08 16:15 . 2013-06-08 16:15 -------- d-----w- c:\users\WeissfamilyAd\AppData\Roaming\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-13 01:23 . 2011-06-11 15:18 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 18:42 . 2012-04-19 21:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 18:42 . 2011-06-16 01:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 10:48 . 2010-06-24 16:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-10 07:03 . 2013-05-10 07:03 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-10 07:03 . 2013-05-10 07:03 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-10 07:03 . 2013-05-10 07:03 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-10 07:03 . 2013-05-10 07:03 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-10 07:03 . 2013-05-10 07:03 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-10 07:03 . 2013-05-10 07:03 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-10 07:03 . 2013-05-10 07:03 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-10 07:03 . 2013-05-10 07:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-10 07:03 . 2013-05-10 07:03 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-10 07:03 . 2013-05-10 07:03 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-10 07:03 . 2013-05-10 07:03 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-10 07:03 . 2013-05-10 07:03 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-10 07:03 . 2013-05-10 07:03 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-10 07:03 . 2013-05-10 07:03 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-10 07:03 . 2013-05-10 07:03 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-10 07:03 . 2013-05-10 07:03 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-10 07:03 . 2013-05-10 07:03 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-10 07:03 . 2013-05-10 07:03 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-10 07:03 . 2013-05-10 07:03 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-10 07:03 . 2013-05-10 07:03 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-10 07:03 . 2013-05-10 07:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-10 07:03 . 2013-05-10 07:03 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-10 07:03 . 2013-05-10 07:03 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-10 07:03 . 2013-05-10 07:03 441856 ----a-w- c:\windows\system32\html.iec
2013-05-10 07:03 . 2013-05-10 07:03 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-10 07:03 . 2013-05-10 07:03 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-10 07:03 . 2013-05-10 07:03 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-10 07:03 . 2013-05-10 07:03 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-10 07:03 . 2013-05-10 07:03 235008 ----a-w- c:\windows\system32\url.dll
2013-05-10 07:03 . 2013-05-10 07:03 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-10 07:03 . 2013-05-10 07:03 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-10 07:03 . 2013-05-10 07:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-10 07:03 . 2013-05-10 07:03 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-10 07:03 . 2013-05-10 07:03 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-10 07:03 . 2013-05-10 07:03 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-10 07:03 . 2013-05-10 07:03 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-10 07:03 . 2013-05-10 07:03 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-10 07:03 . 2013-05-10 07:03 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-10 07:03 . 2013-05-10 07:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-10 07:03 . 2013-05-10 07:03 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-10 07:03 . 2013-05-10 07:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-10 07:03 . 2013-05-10 07:03 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-10 07:03 . 2013-05-10 07:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-10 07:03 . 2013-05-10 07:03 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-10 07:03 . 2013-05-10 07:03 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-10 07:03 . 2013-05-10 07:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-10 07:03 . 2013-05-10 07:03 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-10 07:03 . 2013-05-10 07:03 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-10 07:03 . 2013-05-10 07:03 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-13 05:49 . 2013-05-15 10:55 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 10:55 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 10:55 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 10:55 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 10:55 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 10:55 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 13:21 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 10:55 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 10:55 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 10:54 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2011-06-11 04:57 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 06:04 . 2013-04-10 03:11 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-15 10:54 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-15 10:54 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-10 03:11 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 03:11 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 03:11 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 03:11 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2013-01-07 451656]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-02-11 1099608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-10 98304]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-13 1532992]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2011-07-13 293360]
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" [2011-06-12 506352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"PDF3 Registry Controller"="c:\program files (x86)\ScanSoft\PDF Converter 3.0\\RegistryController.exe" [2005-04-12 106496]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2011-07-22 30568]
"IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2011-07-22 46952]
"PPort14reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" [2011-05-16 333088]
"PDFProHook"="c:\program files (x86)\Nuance\PDF Viewer Plus\pdfpro7hook.exe" [2011-07-01 607592]
"PDFCreHook"="c:\program files (x86)\Nuance\PDFCreate\pdfcreate7hook.exe" [2011-06-28 605032]
"PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDFCreate\RegistryController.exe" [2011-06-28 140136]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"CPMonitor"="c:\program files (x86)\Roxio 2012\5.0\CPMonitor.exe" [2011-07-08 84464]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2012-04-14 131072]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\users\WeissFamily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart 7510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN24D352NK05T5;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files (x86)\The Print Shop 23.1\Remind.exe [2010-6-21 344064]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
ListProAlarms.lnk - c:\program files (x86)\Ilium Software\ListPro\ListProAlarms.exe [2011-7-1 142200]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
PKZIP Attachments Status.lnk - c:\program files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe -tray [2011-6-11 169552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys;c:\windows\SYSNATIVE\Drivers\Sahdad64.sys [x]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys;c:\windows\SYSNATIVE\Drivers\Saibad64.sys [x]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys;c:\windows\SYSNATIVE\Drivers\SaibVdAd64.sys [x]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [x]
S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys;c:\windows\SYSNATIVE\DRIVERS\activhidsermini.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys;c:\windows\SYSNATIVE\DRIVERS\activmouse.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 18:42]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-26 15:45]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-26 15:45]
.
2013-06-17 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2013-06-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-27 2022976]
"ActivControl"="c:\program files\Activ Software\ActivDriver\ActivControl2x64.exe" [2010-03-23 1233704]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with PDF Viewer 7 - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
FF - ProfilePath - c:\users\WeissfamilyAd\AppData\Roaming\Mozilla\Firefox\Profiles\sfdnnxh7.default\
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-10 15:07; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Coupon Printer for Windows5.0.0.0 - c:\program files (x86)\Coupons\uninstall.exe
AddRemove-Delta Chrome Toolbar - c:\users\WeissfamilyAd\AppData\Roaming\BabSolution\Shared\GUninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-16 23:32:07
ComboFix-quarantined-files.txt 2013-06-17 03:32
.
Pre-Run: 680,355,102,720 bytes free
Post-Run: 679,952,613,376 bytes free
.
- - End Of File - - 9BE98A616F3753C925092E5FBBF55E61
D41D8CD98F00B204E9800998ECF8427E
  • 0

#10
emeraldnzl
Posted 16 June 2013 - 09:42 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Let's have another look.

  • Close all windows and open OTL again.
  • Click Run Scan and let the program run uninterrupted
  • It will produce a log for you. Post the log here.

  • 0

Advertisements

#11
wisesilver
Posted 16 June 2013 - 10:22 PM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

This has absolutely been the most cycles I have ever done in one day on a Malware removal. :) Below find the new OTL log.

OTL logfile created on: 6/17/2013 12:02:40 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Anti Virus & Spyware
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.98 Gb Total Physical Memory | 5.60 Gb Available Physical Memory | 70.10% Memory free
13.84 Gb Paging File | 11.04 Gb Available in Paging File | 79.75% Paging File free
Paging file location(s): c:\pagefile.sys 6000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.22 Gb Total Space | 633.37 Gb Free Space | 68.90% Space Free | Partition Type: NTFS
Drive K: | 2794.51 Gb Total Space | 1906.77 Gb Free Space | 68.23% Space Free | Partition Type: NTFS

Computer Name: WEISSFAMILY-PC | User Name: WeissfamilyAd | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/16 12:06:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Anti Virus & Spyware\OTL.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/02/05 11:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/04/02 09:38:46 | 048,367,104 | ---- | M] (CompanionLink Software, Inc.) -- C:\Program Files (x86)\CompanionLink\CompanionLink.exe
PRC - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
PRC - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
PRC - [2011/07/22 19:13:10 | 000,030,568 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
PRC - [2011/07/01 01:07:24 | 000,607,592 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe
PRC - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011/06/28 08:18:36 | 000,605,032 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe
PRC - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
PRC - [2010/03/10 17:26:30 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/08/25 12:27:26 | 000,142,200 | ---- | M] (Ilium Software, Inc.) -- C:\Program Files (x86)\Ilium Software\ListPro\ListProAlarms.exe
PRC - [2005/08/26 14:11:14 | 000,169,552 | ---- | M] (PKWARE, Inc.) -- C:\Program Files (x86)\PKWARE\PKZIPM\9.00.0010\PKTray.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/16 03:21:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/16 03:21:27 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/16 03:21:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/02/13 04:23:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/02/13 04:23:20 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/01/10 04:44:15 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013/01/10 04:44:15 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll
MOD - [2013/01/10 04:29:22 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 04:29:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 04:29:17 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 04:29:11 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 04:29:09 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 04:29:05 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/02/01 17:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2012/02/01 12:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 12:50:04 | 001,850,224 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
MOD - [2012/02/01 12:50:02 | 002,195,824 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll
MOD - [2012/02/01 12:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll
MOD - [2012/02/01 12:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/07/08 12:31:22 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
MOD - [2011/06/29 08:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011/06/28 01:25:20 | 000,413,544 | ---- | M] () -- C:\Program Files (x86)\Nuance\PDFCreate\PDFCOffice2007Addin.dll
MOD - [2011/06/27 19:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011/06/27 19:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011/06/24 23:21:46 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
MOD - [2011/06/24 23:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/12 19:07:24 | 000,506,352 | ---- | M] () -- C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/03/21 14:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/03/21 14:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/03/23 09:56:40 | 000,223,016 | ---- | M] () -- C:\Windows\libactivboardex.dll
MOD - [2010/03/23 09:56:32 | 000,342,808 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtXml4.dll
MOD - [2010/03/23 09:56:28 | 000,880,928 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtNetwork4.dll
MOD - [2010/03/23 09:56:26 | 007,469,848 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtGui4.dll
MOD - [2010/03/23 09:56:24 | 002,018,584 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\QtCore4.dll
MOD - [2010/03/23 09:56:18 | 000,466,712 | ---- | M] () -- C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
MOD - [2010/03/22 15:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010/03/16 20:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010/03/16 20:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010/03/16 20:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010/03/11 19:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010/03/11 19:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010/03/05 15:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010/03/05 15:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/02/19 14:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/02/19 14:53:32 | 000,218,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/02/19 14:51:54 | 000,241,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/11/16 22:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/11/10 08:55:50 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/30 15:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/06/12 14:42:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/11 18:30:54 | 000,185,176 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/02/05 11:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 19:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/07/22 19:12:04 | 000,138,600 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2011/07/15 01:03:00 | 000,021,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 07:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 07:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/06/02 17:39:00 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:10:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011/02/09 17:36:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/19 14:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/02/19 14:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/02/19 14:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2013/02/19 14:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/02/19 14:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/02/19 14:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/02/19 14:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/02/12 00:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/04/18 16:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012/04/10 15:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 13:58:02 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012/01/25 13:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012/01/25 13:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012/01/25 13:57:38 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/05/24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/10 09:34:04 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/10 08:18:54 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/24 19:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/06/08 08:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/05 16:56:58 | 000,008,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 16:26:00 | 000,065,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\activhidsermini.sys -- (ActivHidSerMini)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{AE993A48-012D-423D-B232-EDFD2EED78FC}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/29 23:22:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/07 15:04:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/06/07 21:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/03/07 17:20:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/16 09:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/17 16:01:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2012/10/25 10:23:08 | 000,000,000 | ---D | M]

[2013/06/10 20:07:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla\Extensions
[2012/03/21 18:49:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/21 18:49:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 15:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/25 10:57:24 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/11 14:04:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/05/22 09:21:17 | 000,002,021 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/11 14:04:00 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/06/16 23:30:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120629002612.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DocuCom PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe (Promethean Technologies Group Ltd)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF3 Registry Controller] C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\RegistryController.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PDF7 Registry Controller] C:\Program Files (x86)\Nuance\PDFCreate\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFCreHook] C:\Program Files (x86)\Nuance\PDFCreate\PdfCreate7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFProHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort14reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Rovi Corporation)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Open with PDF Viewer 7 - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AEED542-308E-4CE5-8480-A6A649D8F7F3}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/17 00:00:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/06/16 23:22:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/06/16 23:22:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/06/16 23:22:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/06/16 23:22:45 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/06/16 23:22:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/06/16 23:22:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/06/16 23:18:40 | 005,080,151 | R--- | C] (Swearware) -- C:\Users\WeissfamilyAd\Desktop\ComboFix.exe
[2013/06/16 12:08:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/16 11:50:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/06/16 11:50:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/16 11:45:44 | 000,000,000 | ---D | C] -- C:\Anti Virus & Spyware
[2013/06/15 22:16:03 | 000,000,000 | ---D | C] -- C:\FRST
[2013/06/15 14:52:44 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/15 14:52:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/12 21:22:50 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/06/12 21:22:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/06/12 21:22:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/06/12 21:22:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/06/12 21:22:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/12 21:22:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/06/12 21:22:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/06/12 21:22:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/06/12 21:22:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/06/12 21:22:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/06/12 21:22:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/06/12 21:22:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/06/12 21:22:49 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/06/12 20:11:24 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/12 20:11:24 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/12 20:11:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/12 20:11:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 20:10:41 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/06/12 20:10:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/12 20:10:26 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/12 20:10:25 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/12 20:10:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/12 20:10:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/12 20:10:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/12 20:09:41 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/06/12 20:09:41 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/06/10 20:08:39 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Local\Macromedia
[2013/06/10 20:07:02 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Local\Mozilla
[2013/06/08 15:05:46 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\Mozilla
[2013/06/08 13:40:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/06/08 13:40:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/06/08 13:40:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/06/08 13:40:56 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/06/08 13:40:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/06/08 13:40:55 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/06/08 13:40:55 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/06/08 13:40:55 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/06/08 13:40:55 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/06/08 13:40:55 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/06/08 13:40:55 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/06/08 13:40:55 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/06/08 13:40:55 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/06/08 13:40:55 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/06/08 13:40:55 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/06/08 13:40:55 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/06/08 13:40:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/06/08 13:40:55 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/06/08 13:40:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/06/08 13:40:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/06/08 13:40:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/06/08 13:40:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/06/08 13:40:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/06/08 13:40:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/06/08 13:34:54 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/06/08 13:34:54 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/06/08 13:34:50 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/06/08 12:15:03 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\AppData\Roaming\McAfee
[2013/06/08 11:42:02 | 000,000,000 | ---D | C] -- C:\Users\WeissfamilyAd\Desktop\rkill
[2013/06/08 11:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/06/08 11:12:26 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe

========== Files - Modified Within 30 Days ==========

[2013/06/17 00:01:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013/06/17 00:00:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/17 00:00:00 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013/06/16 23:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/16 23:30:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/06/16 23:22:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/16 23:21:22 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 23:21:22 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 23:18:40 | 005,080,151 | R--- | M] (Swearware) -- C:\Users\WeissfamilyAd\Desktop\ComboFix.exe
[2013/06/16 23:14:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/16 23:13:57 | 2133,676,031 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 12:11:16 | 000,003,021 | ---- | M] () -- C:\Users\WeissfamilyAd\Desktop\Microsoft Word 2010.lnk
[2013/06/12 20:15:12 | 000,797,204 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/12 20:15:12 | 000,671,612 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/12 20:15:12 | 000,126,558 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/12 14:42:24 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 14:42:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/10 21:00:10 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/06/10 20:22:20 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/08 10:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/08 08:50:59 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\WeissfamilyAd\Desktop\mbam-setup-1.75.0.1300.exe
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

========== Files Created - No Company Name ==========

[2013/06/16 23:22:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/06/16 23:22:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/06/16 23:22:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/06/16 23:22:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/06/16 23:22:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/06/16 12:11:16 | 000,003,021 | ---- | C] () -- C:\Users\WeissfamilyAd\Desktop\Microsoft Word 2010.lnk
[2013/03/12 09:27:24 | 000,007,609 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Local\Resmon.ResmonCfg
[2012/12/30 16:21:02 | 000,001,415 | ---- | C] () -- C:\Users\WeissfamilyAd\AppData\Roaming\csv2qif.ini
[2012/08/19 16:41:45 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/09/29 23:02:53 | 000,212,852 | ---- | C] () -- C:\Windows\hpoins52.dat
[2011/07/22 18:32:34 | 000,034,326 | ---- | C] () -- C:\Windows\MAXLINK.INI

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 242 bytes -> C:\ProgramData\Temp:FD9CE1F3

< End of report >
  • 0

#12
emeraldnzl
Posted 17 June 2013 - 02:07 AM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello wisesilver,

Security Check found that your machines Java and Adobe Reader are out of date.

Java warning

Java is a popular point of entry to your computer for malicous programs. The United States Department of Homeland Security recommends that computer users disable Java, see here. Unless you need it to run an important software the safest approach is to completely uninstall Java. Where you do require it, then the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to unininstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
Your Adobe Acrobat Reader is out of date. Older versions are vunerable to attack.

Please go to the link below to update.

Note: Before you download ensure you uncheck the "Yes install Chrome as default browser and Google Toolbar for Internet Explorer" or any other third party software option. That is foistware.

http://www.adobe.com.../readstep2.html

Security Check also found that your Firefox was out of date. It is good security practice to update your browsers. To update go to Firefox > Help and click on About Firefox.

Next

Please download Farbar Service Scanner and run.

  • Make sure the following options are checked:


  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Other Services

[*]Press Scan
[*]A log (FSS.txt) will be created in the same directory the tool is run.
[*]Copy and paste the log back here.
[/list]
  • 0

#13
wisesilver
Posted 17 June 2013 - 06:17 PM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

Internet Exployer was going to some Security Web Page today. I closed it and did not click on anything.

Java: I went into Control Panel and uninstalled all Java items. If I need it I will use your link to install the latest and look at "How to disable Java in your web browser" and "How to unplug Java from the browser". Interestingly, prior to all this and for some time, every time I booted up Java requested an update and all attempts failed to update. I do not recall the specific message.

I updated Adobe & FireFox.

Below please fine the Log from Farbar Service Scanner
Farbar Service Scanner Version: 16-06-2013
Ran by WeissFamily (ATTENTION: The logged in user is not administrator) on 17-06-2013 at 20:12:12
Running from "C:\Anti Virus & Spyware"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-06-12 20:11] - [2013-05-08 02:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2013-06-12 20:10] - [2013-05-13 01:51] - 0184320 ____A (Microsoft Corporation) D8129C49798CBBFB2E4351D4B7B8EF9C

C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#14
emeraldnzl
Posted 17 June 2013 - 11:31 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Internet Exployer was going to some Security Web Page today.


It would be interesting to know what?

For example it wasn't just your anti-virus running an update or referencing something. Also you have McAfee Site Advisor and numerous McAfee Add-ons.

Just in case run this one:

Please download AdwCleaner from here to your desktop
  • Click on the green downward facing arrow on the right to commence download.
  • Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this.

On reboot a log will be produced please post that back here.
  • 0

#15
wisesilver
Posted 18 June 2013 - 05:12 AM

wisesilver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 501 posts
Hi emeraldnzl :)

I should have written the name “Security Web Page” of the web page down.

Also you have McAfee Site Advisor and numerous McAfee Add-ons

McAfee Security Scan Plus may have been from a former Adobe update – didn’t uncheck the additional item before installing the Adobe update.
McAfee virtual Technician was an install from a recent attempt to work on the McAfee site to solve the current problem.

FYI: My Backup software, Memeo Instant Backup, stopped working about a week ago.

AdwCleaner: Didn’t see a green downward facing arrow on the right, I selected the Bleeping Computer.Com blue download arrow pointing down.

After reboot no log poped up nor was I able to find the log on the desktop. I looked in a few other places to no avail.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP