CathyS

  1. Hello - any more thoughts on my possible Gamarue problem?
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04 Ran by In Tandem at 2013-09-14 17:12:26 Running from C:\Users\In Tandem\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34) Adobe Flash Player 10 Plugin (x32 Version: 10.0.42.34) Adobe Reader X (10.1.8) (x32 Version: 10.1.8) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.98) ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.278) ArcSoft WebCam Message Board (x32 Version: 1.0.1.58) Bing Bar (x32 Version: 7.2.233.0) Bing Maps 3D (Version: 4.0.903.16005) Bonjour (Version: 3.0.0.10) Citrix Authentication Manager (x32 Version: 5.0.0.60597) Citrix online plug-in (Web) (x32 Version: 11.2.0.31560) Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.0.0.91) Citrix Receiver (x32 Version: 14.0.0.91) Citrix Receiver Inside (x32 Version: 3.4.0.45902) Citrix Receiver Updater (x32 Version: 4.0.0.45893) Citrix Receiver(Aero) (x32 Version: 14.0.0.91) Citrix Receiver(DV) (x32 Version: 14.0.0.91) Citrix Receiver(USB) (x32 Version: 14.0.0.91) Click to Disc MergeModules x64 (Version: 1.0.14230) CyberLink YouPaint (x32 Version: 1.2.0.1518) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dropbox (HKCU Version: 2.0.22) Evernote (x32 Version: 3.5.2.1525) Google Chrome (HKCU Version: 29.0.1547.66) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752) Google Update Helper (x32 Version: 1.3.21.153) GoToMeeting 5.4.0.1083 (HKCU Version: 5.4.0.1083) HP FWUpdateEDO2 (x32 Version: 1.2.0.0) HP Photo Creations (x32 Version: 1.0.0.5192) HP Photosmart 5510 series Basic Device 
Software (Version: 24.0.342.0) HP Photosmart 5510 series Help (x32 Version: 140.0.2.2) HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0) HP Update (x32 Version: 5.005.000.002) HPDiagnosticAlert (x32 Version: 1.00.0000) iCloud (Version: 2.1.2.8) Intel® Management Engine Interface iTunes (Version: 11.0.5.5) Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: 2.1.9.5) Java 6 Update 18 (64-bit) (Version: 6.0.180) Java 6 Update 26 (x32 Version: 6.0.260) Junk Mail filter update (x32 Version: 15.4.3502.0922) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) McAfee Internet Security (x32 Version: 11.6.511) McAfee Security Scan Plus (x32 Version: 3.0.318.3) Media Gallery (x32 Version: 1.2.0.15040) Media Gallery MergeModules x64 (Version: 1.0.14250) Mesh Runtime (x32 Version: 15.4.5722.2) Messenger Companion (x32 Version: 15.4.3502.0922) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Easy Assist v2 (x32 Version: 8.1.6416.0) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Live Add-in 1.3 (x32 Version: 2.0.2313.0) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2010 (x32 Version: 
14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Suite Activation Assistant (x32 Version: 2.9) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0) Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0) Microsoft Touch Pack for Windows 7 (x32 Version: 1.0.40517.00) Microsoft Works (x32 Version: 9.7.0621) Microsoft XNA Framework Redistributable 3.0 (x32 Version: 3.0.11010.0) Mozilla Maintenance Service (x32 Version: 17.0.8) Mozilla Thunderbird 17.0.8 (x86 en-US) (x32 Version: 17.0.8) MSI_SPF_x64 (Version: 1.0.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MusicStation (x32 Version: 2.0.4.1199) Nike+ Connect (x32 Version: 2.0) Norton Online Backup (x32 Version: 2.7.2.25) NVIDIA Drivers (Version: 1.10.57.35) Online Plug-in (x32 Version: 14.0.0.91) ooVoo (x32 Version: 3.5.6046) ooVoo toolbar, powered by Ask.com (x32 Version: 1.15.15.0) ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.2.4.35882) Picasa 3 (x32 Version: 3.9) PMB (x32 Version: 5.1.02.03310) PMB 
VAIO Edition plug-in (Click to Disc) (x32 Version: 3.1.00.15080) PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.1.00.15040) PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.1.00.15080) PS5510FWUpdateAlert (x32 Version: 2.00.0000) PVSonyDll (Version: 1.00.0001) QuickTime (x32 Version: 7.74.80.86) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6005) Remote Keyboard with PlayStation 3 (x32 Version: 1.0.0.15190) Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090) Remote Play with PlayStation®3 (x32 Version: 1.0.0.15090) Roxio Central Audio (x32 Version: 3.8.0) Roxio Central Copy (x32 Version: 3.8.0) Roxio Central Core (x32 Version: 3.8.0) Roxio Central Data (x32 Version: 3.8.0) Roxio Central Tools (x32 Version: 3.8.0) Roxio Easy Media Creator 10 LJ (x32 Version: 10.3) Roxio Easy Media Creator Home (x32 Version: 10.3.263) Seagate Manager Installer (x32 Version: 2.01.0013) Self-service Plug-in (x32 Version: 4.0.0.40674) Setting Utility Series (x32 Version: 5.2.0.14250) Shared C Run-time for x64 (Version: 10.0.0) Skype Click to Call (x32 Version: 6.11.13348) Skype™ 6.6 (x32 Version: 6.6.106) Sony Home Network Library (x32 Version: 2.1.0.14240) TrueCrypt (x32 Version: 7.1a) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 
(KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020) VAIO Care (x32 Version: 6.4.2.11150) VAIO Content Monitoring Settings (x32 Version: 2.5.0.13220) VAIO Control Center (x32 Version: 4.2.0.15020) VAIO Data Restore Tool (x32 Version: 1.3.0.13150) VAIO DVD Menu Data (x32 Version: 2.1.00.13210) VAIO Entertainment Platform (x32 Version: 3.7.0.16080) VAIO Event Service (x32 Version: 5.2.0.15020) VAIO Gate (x32 Version: 2.4.0.06210) VAIO Gate Default (x32 Version: 2.0.0.04160) VAIO Hardware Diagnostics (x32 Version: 3.9.1) VAIO Media plus (x32 Version: 2.1.0.15040) VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220) VAIO Movie Story MergeModules x64 (Version: 1.0.14240) VAIO Movie Story Template Data (x32 Version: 2.1.00.14040) VAIO Original Function Settings (x32 Version: 2.1.0.13120) VAIO Power Management (x32 Version: 5.1.0.13200) VAIO Premium Partners (x32 Version: 1.0) VAIO screensaver (x32 Version: 1.0.0.0) VAIO Smart Network (x32 Version: 3.3.1.08110) VAIO Transfer Support (x32 Version: 1.1.2.06030) VAIO Update (x32 Version: 6.1.1.10250) VAIO Wallpaper Contents (x32 Version: 2.1.0.14090) VMp MergeModule x64 (Version: 1.0.0) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.0.0) VU5x86 (x32 Version: 1.1.0) WIDCOMM Bluetooth Software 
(Version: 6.3.0.3950) Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (02/12/2010 6.3.0.3820) (Version: 02/12/2010 6.3.0.3820) Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (02/28/2010 6.3.0.3850) (Version: 02/28/2010 6.3.0.3850) Windows Driver Package - Broadcom HIDClass (09/11/2009 6.3.0.1500) (Version: 09/11/2009 6.3.0.1500) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Family Safety (Version: 15.4.3555.0308) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) ==================== Restore Points ========================= 11-09-2013 06:35:22 Scheduled 
Checkpoint 14-09-2013 14:58:46 Installed Microsoft Fix it 50471 ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0101172D-7110-4477-BA28-D6114BDEBE66} - System32\Tasks\smBKeeB => C:\Windows\system32\smBKeeB.exe Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {05FFE003-DD11-48DB-93EB-2016C4B1B0AB} - System32\Tasks\MMMWJrW => C:\Windows\system32\MMMWJrW.exe Task: {0DDC5F01-987F-4134-8BA9-A035C78F6D98} - System32\Tasks\hpUrlLauncher.exe_{372B553A-4EE1-4D06-93A6-EA70093E4868} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-05-25] (Hewlett-Packard Co.) Task: {134169B2-602C-4388-9CAD-DFAD8AEB5AA5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation) Task: {24D0424B-F379-4D8E-90E7-292DC99BEC8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation) Task: {257F3453-6F20-42DB-BE8F-9678223F364B} - System32\Tasks\KFgzUZN => C:\Windows\system32\KFgzUZN.exe Task: {26D916C8-DAB8-4372-B44C-DE07A006B09C} - System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation) Task: {2B245DF5-E0DE-42B8-9CE3-4BA54EA91662} - System32\Tasks\dWuvTbM => C:\Windows\system32\dWuvTbM.exe Task: {31621CEA-5AC9-4914-85C6-04C4C3F4A62A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.) 
Task: {35582AA7-F0D9-4B2B-860E-08B5AE701A42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.) Task: {35A85565-AA43-48F1-AD7A-3F818BE5F748} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe Task: {36468EC4-581D-4A14-BBCA-BC3C629B55F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.) Task: {46F3A6C3-4DD9-4A05-94FD-7B8CD671F132} - System32\Tasks\fnxVoOU => C:\Windows\system32\fnxVoOU.exe Task: {510527C7-0659-470B-8061-3651194E4694} - System32\Tasks\BiObFXB => C:\Windows\system32\BiObFXB.exe Task: {57055AC2-6AF8-40DE-91CF-24E765C975DB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-01-24] () Task: {5990FCE1-0903-4FBD-81A9-63EA8A410E8F} - System32\Tasks\NBKrLiC => C:\Windows\system32\NBKrLiC.exe Task: {5DE17001-251C-4435-834E-E53D10758D4E} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation) Task: {6C0A95A9-C9DE-4A02-B9D6-2694E862D03D} - System32\Tasks\XYExEuY => C:\Windows\system32\XYExEuY.exe Task: {78573D73-042E-4F4F-B861-3523D32FAE08} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-03-21] (Sony Corporation) Task: {7FFFDAAB-84A9-4DE8-91E9-28B01A09AB76} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.) 
Task: {81637E04-779A-4E83-AB51-2AE1EE9ABD21} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {88FE4836-DA5A-40E8-AD00-34CC8E5C6621} - System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71} => C:\Windows\system32\msfeedssync.exe [2011-09-29] (Microsoft Corporation) Task: {966C884D-3DE6-4B0A-AB8A-76D8ED18A771} - System32\Tasks\sfWCIYU => C:\Windows\system32\sfWCIYU.exe Task: {96CF9470-8A28-46D1-BDF2-8A68F454B294} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {9C1F6E6B-32EC-4968-B1EA-09100FAA3248} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9D67C226-CCB3-4AC0-8763-BD1B68184B4C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation) Task: {AA1718DB-0D2F-414C-B81B-8B662BA863E8} - System32\Tasks\yOGiMLg => C:\Windows\system32\yOGiMLg.exe Task: {B4147543-9998-4B7C-9A3F-A191B9BBFF87} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.) Task: {C48CC719-93DB-490F-8E7A-8503F3485591} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {C96CB590-1879-469B-8264-369032F91286} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.) 
Task: {E6C4BC19-4154-4736-A5B2-CBE4F66C470D} - System32\Tasks\XuWUEvG => C:\Windows\system32\XuWUEvG.exe Task: {EA2A512B-DB70-4E1E-BF8D-B36E16E80CD9} - System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation) Task: {EBC52348-21FE-4B2B-A9CA-04230844F8A7} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] () Task: {FC109FD5-D1D3-4CE9-863B-069250E91C26} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {FDC5042A-7731-40B1-BEA3-C95CE1D7A584} - System32\Tasks\LkbdJcQ => C:\Windows\system32\LkbdJcQ.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============= 2013-07-21 16:34 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2011-09-07 21:17 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE 2009-07-14 00:37 - 2009-07-14 02:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe 2010-03-25 12:35 - 2010-03-24 23:36 - 04452456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2011-09-06 07:38 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE 2013-05-25 01:36 - 2013-05-25 01:36 - 00164016 
_____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2010-04-27 04:52 - 2010-08-11 09:46 - 02367376 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe 2011-09-07 21:18 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2010-04-27 04:44 - 2011-06-21 11:55 - 04733384 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe 2010-04-27 04:44 - 2011-06-21 11:55 - 00546816 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\NotificationWrapper.dll 2011-12-15 23:47 - 2011-06-21 11:55 - 00010752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\MouseHook.dll 2010-04-27 04:44 - 2011-06-21 11:55 - 02358784 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\TapTrigger.dll 2011-12-15 23:47 - 2011-06-21 11:55 - 00757760 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VGDam.dll 2013-01-07 18:06 - 2012-10-26 10:44 - 00029856 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll 2010-04-27 04:09 - 2010-02-05 07:28 - 09645088 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 2010-04-27 04:09 - 2010-02-05 07:28 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2010-04-27 04:09 - 2010-02-05 07:28 - 01638944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2013-02-06 11:09 - 2013-02-06 11:09 - 28469312 _____ (ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe 2013-06-21 09:58 - 2013-06-21 09:58 - 19875432 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe 2010-01-21 20:31 - 2010-01-21 20:31 - 00597792 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe 2013-06-14 16:43 - 2013-06-14 16:43 - 00395656 _____ (Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe 2010-10-01 16:26 - 2010-10-01 16:26 - 00299008 _____ (Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe 2013-01-24 15:18 - 2013-01-24 15:18 - 01646216 _____ (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe 2013-05-25 01:47 - 2013-05-25 01:47 - 27776968 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe 2009-07-14 00:41 - 2009-07-14 02:14 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunDll32.exe 2013-06-14 16:44 - 2013-06-14 16:44 - 00153992 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe 2009-07-14 00:57 - 2009-07-14 02:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\RunDll32.exe 2013-01-07 18:06 - 2012-10-26 11:33 - 01157280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe 2013-01-07 18:06 - 2012-10-26 10:44 - 00017056 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll 2011-09-07 21:18 - 2010-11-20 14:27 - 01435648 _____ (Microsoft Corporation) C:\Windows\System32\Speech\Common\sapi.dll 2012-05-19 13:36 - 2013-09-02 21:35 - 00829392 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe 2013-06-13 21:00 - 2013-06-13 21:00 - 01505608 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe 2013-06-09 19:55 - 2013-06-09 19:55 - 00054152 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe 2013-06-14 16:45 - 2013-06-14 16:45 - 00924040 _____ (Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe 2013-04-29 12:47 - 2013-04-29 12:47 - 03314560 _____ (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe 2011-11-28 08:39 - 2011-02-16 15:08 - 01165504 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe 2011-11-28 08:39 - 2011-11-15 11:27 - 00083104 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCUtility.dll 2011-11-28 08:39 - 2011-11-02 16:40 - 00059528 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\KeyUtilities.dll 2011-11-28 08:39 - 2011-02-14 14:23 - 00022720 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Metrics.dll 2011-12-15 23:47 - 2011-06-21 11:55 - 00080896 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\x64\VAIOGateNotifications.dll 2011-11-28 08:39 - 2011-02-14 17:20 - 00012992 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe 2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe 2013-05-25 01:36 - 2013-05-25 01:36 - 00130736 _____ (Dropbox, Inc.) 
C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll 2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2009-10-24 02:22 - 2009-10-24 02:22 - 00013312 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\XpStorageDevice_WinXp2k.dll 2009-10-24 02:55 - 2009-10-24 02:55 - 00303616 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcherLOC.DLL 2013-06-14 16:32 - 2013-06-14 16:32 - 00395656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll 2013-06-14 16:31 - 2013-06-14 16:31 - 00129416 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll 2013-06-14 16:26 - 2013-06-14 16:26 - 00011656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.DLL 2013-06-14 16:28 - 2013-06-14 16:28 - 00428424 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.DLL 2013-09-07 12:43 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll 2013-06-14 16:31 - 2013-06-14 16:31 - 00025480 _____ (Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll 2012-11-14 00:32 - 2012-11-14 00:32 - 03558400 _____ (wxWidgets development team) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 21:48 - 2013-03-13 21:48 - 09956864 _____ (The ICU Project) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\icudt.dll 2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll 2013-09-04 04:47 - 2013-09-02 21:34 - 47074256 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 09962960 _____ (The ICU Project) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-06-13 21:00 - 2013-06-13 21:00 - 00620872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\ResourceKeeper.dll 2013-06-13 21:00 - 2013-06-13 21:00 - 00055624 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativemessagebox.dll 2013-06-13 21:00 - 2013-06-13 21:00 - 00915784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativesystrayue.dll 2013-06-13 21:00 - 2013-06-13 21:00 - 00104776 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\progressnotification.dll 2013-06-13 21:00 - 2013-06-13 21:00 - 00088392 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\toaster.dll 2013-06-09 19:50 - 2013-06-09 19:50 - 00117640 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\DazzleConfig.dll 2013-06-09 19:52 - 2013-06-09 19:52 - 00252296 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\ReceiverShim.dll 2013-09-07 12:38 - 2013-06-13 21:02 - 00322888 _____ (Citrix Systems, Inc.) 
C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_SelfServicePlugin.exe.dll 2013-06-09 19:52 - 2013-06-09 19:52 - 00014216 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\PreLaunchConfig.dll 2013-06-09 19:50 - 2013-06-09 19:50 - 00039304 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\BaseClassLibrary.dll 2013-09-04 04:47 - 2013-09-02 19:46 - 03231688 _____ (Microsoft Corporation) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 00709584 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 00099792 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 04053456 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 00410576 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 02110928 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll 2013-09-04 04:47 - 2013-09-02 21:35 - 01604560 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2013-06-14 16:39 - 2013-06-14 16:39 - 00088456 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll 2013-06-14 16:41 - 2013-06-14 16:41 - 00076168 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\WFCWINN.dll 2013-06-14 16:39 - 2013-06-14 16:39 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll 2013-06-14 16:35 - 2013-06-14 16:35 - 00096648 _____ (Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00092552 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00023432 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00032648 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
2013-06-14 16:43 - 2013-06-14 16:43 - 00493960 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSManager.dll
2013-06-14 16:42 - 2013-06-14 16:42 - 00029576 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSMHook.dll
2013-06-14 16:40 - 2013-06-14 16:40 - 00510344 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CST.dll
2013-06-14 16:27 - 2013-06-14 16:27 - 00020872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll
2013-06-14 16:27 - 2013-06-14 16:27 - 00571784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.DLL
2013-06-14 16:27 - 2013-06-14 16:27 - 00113032 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\CSTUI.DLL
2013-06-14 16:29 - 2013-06-14 16:29 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.DLL
2013-09-07 12:36 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_wfcrun32.exe.dll
2013-09-05 07:26 - 2013-09-05 07:26 - 00141752 _____ (McAfee, Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\McChPlg.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 13599184 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17613

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17613

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16318

System errors:
=============
Error: (09/14/2013 04:04:06 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/14/2013 00:38:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/14/2013 00:34:51 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (09/13/2013 07:19:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/13/2013 07:17:03 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 00:25:20 on ‎13/‎09/‎2013 was unexpected.

Error: (09/13/2013 00:20:56 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name. The server could not start.

Error: (09/12/2013 08:05:19 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name. The server could not start.

Error: (09/12/2013 06:31:06 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
Error: (09/11/2013 11:06:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (09/11/2013 11:02:51 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Microsoft Office Sessions:
=========================
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17613

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17613

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16318

CodeIntegrity Errors:
===================================
Date: 2013-09-12 06:38:26.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 06:38:26.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-12 06:38:26.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 23:11:34.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 23:11:34.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 23:11:34.974
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 10:39:43.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 10:39:43.748
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-09-11 10:39:43.746
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-03-08 07:30:48.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET2BE9.tmp because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 4031.18 MB
Available physical RAM: 2253.25 MB
Total Pagefile: 8060.54 MB
Available Pagefile: 5001.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:921.3 GB) (Free:782.29 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E67D126D)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  3. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
Ran by In Tandem (administrator) on INTANDEM-VAIO on 14-09-2013 17:10:59
Running from C:\Users\In Tandem\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9645088 2010-02-05] (Realtek Semiconductor)
HKLM\...\Policies\Explorer\Run: [59288] - C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com No File
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-27] (Google Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-19] (Google Inc.)
HKCU\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\oovoo.exe [28469312 2013-02-06] (ooVoo LLC)
HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [qyragcanisvu] - C:\Users\In Tandem\qyragcanisvu.exe
HKCU\...\Run: [myzolawoqoph] - C:\Users\In Tandem\myzolawoqoph.exe
HKCU\...\Run: [hakluzforilg] - C:\Users\In Tandem\hakluzforilg.exe
HKCU\...\Run: [ulbar] - "C:\Users\In Tandem\AppData\Roaming\Kyjel\ulbar.exe"
HKCU\...\Run: [laspeamidpux] - C:\Users\In Tandem\laspeamidpux.exe
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Nike+ Connect] - C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [299008 2010-10-01] (Nike)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [MaxMenuMgr] - C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [177448 2008-07-17] (Seagate LLC)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [CitrixReceiver] - "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" [x]
HKLM-x32\...\Run: [Redirector] - C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1E2777D2-E151-4D41-9C5E-93E9B30DD85F} URL = http://websearch.ask.com/redirect?client=ie&tb=OVO2&o=APN10379&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABE&apn_dtid=^YYYYYY^YY^GB&apn_uid=10299ffb-da5d-4dd7-9b87-1f40736e875e&apn_sauid=93A98009-E123-4DFD-9FA2-BB3BE38A2FC2
SearchScopes: HKCU - {865AC131-20CC-48FE-8F6C-296ADA1D8120} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {947774F4-F8EA-4BBB-B3C6-66978E9629A7} URL = http://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}
SearchScopes: HKCU - {C392E2F3-B73D-4A4A-BDD2-6ABEECD267D7} URL = http://uk.shopping.com/?linkin_id=8056359
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Chrome:
=======
CHR DefaultSearchURL: (Ask) - http://websearch.ask.com/redirect?client=cr&src=kw&tb=OVO2&o=APN10379&locale=en_UK&apn_uid=10299ffb-da5d-4dd7-9b87-1f40736e875e&apn_ptnrs=%5EABE&apn_sauid=93A98009-E123-4DFD-9FA2-BB3BE38A2FC2&apn_dtid=%5EYYYYYY%5EYY%5EGB&q={searchTerms}
CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll No File
CHR Plugin: (registryAccess) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj\7.15.2.0_0\background/registryAccess.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Extension: (SiteAdvisor) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Skype Click to Call) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4233088 2013-04-29] (Symantec Corporation) S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) S2 LowVXF; C:\Windows\system32\LowVXF.exe [x] ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.) 
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.) R3 NW1950; C:\Windows\system32\drivers\NW1950.sys [26104 2010-03-01] () U3 mfeavfk01; No ImagePath ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST 2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe 2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi 2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi 2013-09-14 11:57 - 2013-09-14 11:58 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe 2013-09-13 09:04 - 2013-09-14 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3} 2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C} 2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe 2013-09-11 07:09 - 2013-09-11 22:57 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D} 2013-09-10 23:15 - 2013-09-11 10:34 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-10 23:15 - 2013-09-11 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes 2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 23:15 
- 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04} 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1} 2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt 2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice (5).ppt 2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt 2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt 2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt 2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt 2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls 2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt 2013-09-09 21:02 - 2013-09-10 06:48 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) 
C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe 2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe 2013-09-09 19:07 - 2013-09-09 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727} 2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3} 2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82} 2013-09-08 01:54 - 2013-09-09 07:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F} 2013-09-07 12:32 - 2013-09-07 12:33 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe 2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe 2013-09-06 17:58 - 2013-09-06 17:57 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-09-06 17:58 - 2013-09-06 17:57 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-06 17:58 - 2013-09-06 17:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-06 17:53 - 2013-09-06 17:54 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe 2013-09-05 07:00 - 2013-09-07 12:30 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550} 2013-08-27 09:04 - 2013-08-27 09:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B} 2013-08-22 10:58 - 2013-08-26 16:33 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC} 2013-08-21 09:25 - 
2013-08-21 09:25 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files\iTunes 2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod ==================== One Month Modified Files and Folders ======= 2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST 2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe 2013-09-14 17:09 - 2010-04-27 04:14 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-14 17:07 - 2011-09-05 21:15 - 02575413 _____ C:\Windows\WindowsUpdate.log 2013-09-14 17:02 - 2011-11-17 11:44 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Skype 2013-09-14 17:01 - 2011-11-09 17:29 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job 2013-09-14 16:43 - 2012-05-19 13:35 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job 2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi 2013-09-14 16:04 - 2012-11-11 09:28 - 00000000 ____D C:\ProgramData\boost_interprocess 2013-09-14 16:03 - 2011-11-01 21:11 - 00000000 ___RD C:\Users\In Tandem\Dropbox 2013-09-14 16:03 - 2011-11-01 21:07 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Dropbox 2013-09-14 16:02 - 2011-10-22 22:37 - 00000000 ____D C:\Users\In Tandem\Tracing 2013-09-14 16:02 - 2010-04-27 04:14 - 00000908 _____ 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-14 16:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-14 16:01 - 2009-07-14 05:51 - 00067634 _____ C:\Windows\setupact.log 2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi 2013-09-14 14:25 - 2011-09-19 20:48 - 00000000 ____D C:\Users\In Tandem\Documents\Matt 2013-09-14 11:58 - 2013-09-14 11:57 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe 2013-09-14 09:04 - 2013-09-13 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3} 2013-09-14 08:43 - 2012-05-19 13:35 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job 2013-09-14 01:11 - 2011-09-05 21:18 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71} 2013-09-13 09:38 - 2011-09-27 11:26 - 00000000 ____D C:\Users\In Tandem\Documents\OLIVER 2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C} 2013-09-12 06:28 - 2010-03-25 12:00 - 00622084 _____ C:\Windows\PFRO.log 2013-09-12 06:26 - 2012-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\Search Results Toolbar 2013-09-11 22:57 - 2013-09-11 07:09 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D} 2013-09-11 10:34 - 2013-09-10 23:15 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-09-11 10:34 - 2013-09-10 23:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe 2013-09-11 06:40 - 2011-09-07 11:03 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Kyjel 2013-09-11 06:38 - 2011-09-05 21:15 - 00000000 ____D C:\Users\In Tandem 2013-09-10 23:15 - 2013-09-10 23:15 - 
00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes 2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe 2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04} 2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1} 2013-09-10 06:48 - 2013-09-09 21:02 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet 2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt 2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice (5).ppt 2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt 2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt 2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt 2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt 2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls 2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) 
C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe 2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe 2013-09-09 20:35 - 2011-09-05 21:22 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Google 2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe 2013-09-09 19:43 - 2011-09-05 21:16 - 00104744 _____ C:\Users\In Tandem\AppData\Local\GDIPFONTCACHEV1.DAT 2013-09-09 19:42 - 2009-07-14 05:45 - 00407432 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-09 19:38 - 2010-04-27 04:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-09 19:33 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew 2013-09-09 19:08 - 2013-09-09 19:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727} 2013-09-09 16:21 - 2012-02-07 20:26 - 00000000 ____D C:\Users\In Tandem\Documents\CATHY PERSONAL 2013-09-09 16:15 - 2012-05-19 15:26 - 00000000 ____D C:\Users\Guest 2013-09-09 16:15 - 2011-11-17 11:44 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME 2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors 2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3} 2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82} 2013-09-09 14:52 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-09 14:30 - 2011-09-26 21:29 - 00000000 ____D C:\Users\In Tandem\Documents\TAFC 2013-09-09 07:07 - 2013-09-08 01:54 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F} 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 
2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY 2013-09-08 18:08 - 2013-05-21 14:08 - 00000000 ___SD C:\Users\In Tandem\Documents\My Data Sources 2013-09-08 18:07 - 2012-04-20 14:41 - 00000000 ____D C:\Users\In Tandem\Documents\LIFE CHANGES 2013-09-08 17:40 - 2013-04-21 16:21 - 00000000 ____D C:\Users\In Tandem\Documents\Biology EA project 2013-09-08 17:40 - 2011-09-10 20:41 - 00000000 ____D C:\TAFC 2013-09-08 17:40 - 2011-09-10 15:19 - 00000000 ____D C:\Users\In Tandem\Documents\In tandem 2013-09-08 17:37 - 2011-09-10 16:55 - 00000000 ____D C:\Old In Tandem Invoices 2013-09-07 12:38 - 2011-09-26 19:19 - 00000000 ____D C:\ProgramData\Citrix 2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Citrix 2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Program Files (x86)\Citrix 2013-09-07 12:33 - 2013-09-07 12:32 - 53565824 _____ (Citrix Systems, Inc.) 
C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe 2013-09-07 12:30 - 2013-09-05 07:00 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550} 2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe 2013-09-06 17:57 - 2013-09-06 17:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2013-09-06 17:57 - 2013-09-06 17:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-09-06 17:57 - 2013-09-06 17:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-09-06 17:57 - 2011-09-06 23:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2013-09-06 17:57 - 2010-04-27 04:39 - 00000000 ____D C:\Program Files (x86)\Java 2013-09-06 17:54 - 2013-09-06 17:53 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe 2013-08-27 09:11 - 2010-04-27 04:15 - 00000000 ____D C:\Program Files\mcafee 2013-08-27 09:05 - 2013-08-27 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B} 2013-08-26 16:33 - 2013-08-22 10:58 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC} 2013-08-23 09:50 - 2011-09-12 20:40 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Suhe 2013-08-22 10:12 - 2012-02-25 10:31 - 00005607 _____ C:\test.xml 2013-08-22 08:57 - 2010-04-27 04:37 - 00000000 ____D C:\ProgramData\Skype 2013-08-22 08:54 - 2012-10-18 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-21 22:57 - 2013-08-10 17:03 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{53C90829-FE5B-4455-A75B-DA8ABB7C4D42} 2013-08-21 09:25 - 2013-08-21 09:25 - 
00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iTunes 2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod Files to move or delete: ==================== C:\Users\In Tandem\CTX.DAT Some content of TEMP: ==================== C:\Users\In Tandem\AppData\Local\Temp\586B.exe C:\Users\In Tandem\AppData\Local\Temp\7EB5.exe C:\Users\In Tandem\AppData\Local\Temp\ApnStub.exe C:\Users\In Tandem\AppData\Local\Temp\AskSLib.dll C:\Users\In Tandem\AppData\Local\Temp\DealsPluginROW.exe C:\Users\In Tandem\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe C:\Users\In Tandem\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe C:\Users\In Tandem\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\In Tandem\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\In Tandem\AppData\Local\Temp\setup.exe C:\Users\In Tandem\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-11 00:14 ==================== End Of Log ============================
  4. Regarding Step 1, I ran Microsoft Fix It 50471 but it did not give me any prompts to disable Autorun or anything else?
  5. Dear all, having run Malware software I am still left with this trojan agent:

     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|59288 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com ->

     Any ideas on how to remove this pest gratefully received.

     CathyS