
Tatanga virus impacting HKLM


  • This topic is locked
9 replies to this topic

#1 CathyS


Posted 14 September 2013 - 07:56 AM

Dear all, having run Malware software I am still left with this trojan agent:

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|59288 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com -> 
 
Any ideas on how to remove this pest gratefully received
CathyS


#2 B-boy/StyLe/


Posted 14 September 2013 - 08:13 AM

Hello! Welcome to Malwarebytes Forums!
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

The malware found looks like worm.Gamerue.

 

 

STEP 1


Please download and run the following tool and follow the prompts to disable Autorun.

 

STEP 2

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


My help is always free of charge. If you appreciate my work, you can buy me a beer or two by clicking here.

#3 CathyS


Posted 14 September 2013 - 10:08 AM

Regarding Step 1, I ran Microsoft Fix It 50471 but it did not give me any prompts to disable Autorun or anything else?



#4 B-boy/StyLe/


Posted 14 September 2013 - 10:44 AM

Hi,

 

The tool disables Autorun automatically. Simply start it, agree to the EULA, and when done you will be prompted to restart the computer. Click YES and after the restart please continue with step 2 and attach the log from FRST to your next reply.

 

 

Regards,

Georgi



#5 CathyS


Posted 14 September 2013 - 11:18 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
Ran by In Tandem (administrator) on INTANDEM-VAIO on 14-09-2013 17:10:59
Running from C:\Users\In Tandem\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9645088 2010-02-05] (Realtek Semiconductor)
HKLM\...\Policies\Explorer\Run: [59288] - C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com No File
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-27] (Google Inc.)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-19] (Google Inc.)
HKCU\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\oovoo.exe [28469312 2013-02-06] (ooVoo LLC)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [qyragcanisvu] - C:\Users\In Tandem\qyragcanisvu.exe
HKCU\...\Run: [myzolawoqoph] - C:\Users\In Tandem\myzolawoqoph.exe
HKCU\...\Run: [hakluzforilg] - C:\Users\In Tandem\hakluzforilg.exe
HKCU\...\Run: [Ulbar] - "C:\Users\In Tandem\AppData\Roaming\Kyjel\ulbar.exe"
HKCU\...\Run: [laspeamidpux] - C:\Users\In Tandem\laspeamidpux.exe
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Nike+ Connect] - C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [299008 2010-10-01] (Nike)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [MaxMenuMgr] - C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [177448 2008-07-17] (Seagate LLC)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [CitrixReceiver] - "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" [x]
HKLM-x32\...\Run: [Redirector] - C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)
Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SVED&bmod=EU01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {1E2777D2-E151-4D41-9C5E-93E9B30DD85F} URL = http://websearch.ask...10379&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABE&apn_dtid=^YYYYYY^YY^GB&apn_uid=10299ffb-da5d-4dd7-9b87-1f40736e875e&apn_sauid=93A98009-E123-4DFD-9FA2-BB3BE38A2FC2
SearchScopes: HKCU - {865AC131-20CC-48FE-8F6C-296ADA1D8120} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {947774F4-F8EA-4BBB-B3C6-66978E9629A7} URL = http://rover.ebay.co...45-5/4?satitle={searchTerms}
SearchScopes: HKCU - {C392E2F3-B73D-4A4A-BDD2-6ABEECD267D7} URL = http://uk.shopping.c...nkin_id=8056359
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
Chrome: 
=======
CHR DefaultSearchURL: (Ask) - http://websearch.ask...YYYYYY^YY^GB&q={searchTerms}
CHR DefaultSuggestURL: (Ask) - http://ss.websearch....stype=prefix&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll No File
CHR Plugin: (registryAccess) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj\7.15.2.0_0\background/registryAccess.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Extension: (SiteAdvisor) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1
CHR Extension: (Skype Click to Call) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4233088 2013-04-29] (Symantec Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions)
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
S2 LowVXF; C:\Windows\system32\LowVXF.exe [x]
 
==================== Drivers (Whitelisted) ====================
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 NW1950; C:\Windows\system32\drivers\NW1950.sys [26104 2010-03-01] ()
U3 mfeavfk01; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST
2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe
2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi
2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi
2013-09-14 11:57 - 2013-09-14 11:58 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe
2013-09-13 09:04 - 2013-09-14 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3}
2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C}
2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-09-11 07:09 - 2013-09-11 22:57 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D}
2013-09-10 23:15 - 2013-09-11 10:34 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-10 23:15 - 2013-09-11 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes
2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-10 23:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04}
2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1}
2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt
2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice  (5).ppt
2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt
2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt
2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt
2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt
2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls
2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt
2013-09-09 21:02 - 2013-09-10 06:48 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe
2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe
2013-09-09 19:07 - 2013-09-09 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727}
2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3}
2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82}
2013-09-08 01:54 - 2013-09-09 07:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F}
2013-09-07 12:32 - 2013-09-07 12:33 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe
2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe
2013-09-06 17:58 - 2013-09-06 17:57 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 17:58 - 2013-09-06 17:57 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 17:58 - 2013-09-06 17:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 17:53 - 2013-09-06 17:54 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe
2013-09-05 07:00 - 2013-09-07 12:30 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550}
2013-08-27 09:04 - 2013-08-27 09:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B}
2013-08-22 10:58 - 2013-08-26 16:33 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC}
2013-08-21 09:25 - 2013-08-21 09:25 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files\iTunes
2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod
 
==================== One Month Modified Files and Folders =======
 
2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST
2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe
2013-09-14 17:09 - 2010-04-27 04:14 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-14 17:07 - 2011-09-05 21:15 - 02575413 _____ C:\Windows\WindowsUpdate.log
2013-09-14 17:02 - 2011-11-17 11:44 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Skype
2013-09-14 17:01 - 2011-11-09 17:29 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2013-09-14 16:43 - 2012-05-19 13:35 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job
2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi
2013-09-14 16:04 - 2012-11-11 09:28 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-14 16:03 - 2011-11-01 21:11 - 00000000 ___RD C:\Users\In Tandem\Dropbox
2013-09-14 16:03 - 2011-11-01 21:07 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Dropbox
2013-09-14 16:02 - 2011-10-22 22:37 - 00000000 ____D C:\Users\In Tandem\Tracing
2013-09-14 16:02 - 2010-04-27 04:14 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-14 16:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-14 16:01 - 2009-07-14 05:51 - 00067634 _____ C:\Windows\setupact.log
2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi
2013-09-14 14:25 - 2011-09-19 20:48 - 00000000 ____D C:\Users\In Tandem\Documents\Matt
2013-09-14 11:58 - 2013-09-14 11:57 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe
2013-09-14 09:04 - 2013-09-13 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3}
2013-09-14 08:43 - 2012-05-19 13:35 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job
2013-09-14 01:11 - 2011-09-05 21:18 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71}
2013-09-13 09:38 - 2011-09-27 11:26 - 00000000 ____D C:\Users\In Tandem\Documents\OLIVER
2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C}
2013-09-12 06:28 - 2010-03-25 12:00 - 00622084 _____ C:\Windows\PFRO.log
2013-09-12 06:26 - 2012-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\Search Results Toolbar
2013-09-11 22:57 - 2013-09-11 07:09 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D}
2013-09-11 10:34 - 2013-09-10 23:15 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-11 10:34 - 2013-09-10 23:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe
2013-09-11 06:40 - 2011-09-07 11:03 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Kyjel
2013-09-11 06:38 - 2011-09-05 21:15 - 00000000 ____D C:\Users\In Tandem
2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes
2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04}
2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1}
2013-09-10 06:48 - 2013-09-09 21:02 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet
2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt
2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice  (5).ppt
2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt
2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt
2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt
2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt
2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls
2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe
2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe
2013-09-09 20:35 - 2011-09-05 21:22 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Google
2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe
2013-09-09 19:43 - 2011-09-05 21:16 - 00104744 _____ C:\Users\In Tandem\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-09 19:42 - 2009-07-14 05:45 - 00407432 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-09 19:38 - 2010-04-27 04:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-09 19:33 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew
2013-09-09 19:08 - 2013-09-09 19:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727}
2013-09-09 16:21 - 2012-02-07 20:26 - 00000000 ____D C:\Users\In Tandem\Documents\CATHY PERSONAL
2013-09-09 16:15 - 2012-05-19 15:26 - 00000000 ____D C:\Users\Guest
2013-09-09 16:15 - 2011-11-17 11:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME
2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors
2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3}
2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82}
2013-09-09 14:52 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 14:30 - 2011-09-26 21:29 - 00000000 ____D C:\Users\In Tandem\Documents\TAFC
2013-09-09 07:07 - 2013-09-08 01:54 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F}
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY
2013-09-08 18:08 - 2013-05-21 14:08 - 00000000 ___SD C:\Users\In Tandem\Documents\My Data Sources
2013-09-08 18:07 - 2012-04-20 14:41 - 00000000 ____D C:\Users\In Tandem\Documents\LIFE CHANGES
2013-09-08 17:40 - 2013-04-21 16:21 - 00000000 ____D C:\Users\In Tandem\Documents\Biology EA project
2013-09-08 17:40 - 2011-09-10 20:41 - 00000000 ____D C:\TAFC
2013-09-08 17:40 - 2011-09-10 15:19 - 00000000 ____D C:\Users\In Tandem\Documents\In tandem
2013-09-08 17:37 - 2011-09-10 16:55 - 00000000 ____D C:\Old In Tandem Invoices
2013-09-07 12:38 - 2011-09-26 19:19 - 00000000 ____D C:\ProgramData\Citrix
2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Citrix
2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-09-07 12:33 - 2013-09-07 12:32 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe
2013-09-07 12:30 - 2013-09-05 07:00 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550}
2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe
2013-09-06 17:57 - 2013-09-06 17:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-06 17:57 - 2013-09-06 17:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-06 17:57 - 2013-09-06 17:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-06 17:57 - 2011-09-06 23:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-06 17:57 - 2010-04-27 04:39 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-06 17:54 - 2013-09-06 17:53 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe
2013-08-27 09:11 - 2010-04-27 04:15 - 00000000 ____D C:\Program Files\mcafee
2013-08-27 09:05 - 2013-08-27 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B}
2013-08-26 16:33 - 2013-08-22 10:58 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC}
2013-08-23 09:50 - 2011-09-12 20:40 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Suhe
2013-08-22 10:12 - 2012-02-25 10:31 - 00005607 _____ C:\test.xml
2013-08-22 08:57 - 2010-04-27 04:37 - 00000000 ____D C:\ProgramData\Skype
2013-08-22 08:54 - 2012-10-18 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-21 22:57 - 2013-08-10 17:03 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{53C90829-FE5B-4455-A75B-DA8ABB7C4D42}
2013-08-21 09:25 - 2013-08-21 09:25 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iTunes
2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod
 
Files to move or delete:
====================
C:\Users\In Tandem\CTX.DAT
 
 
Some content of TEMP:
====================
C:\Users\In Tandem\AppData\Local\Temp\586B.exe
C:\Users\In Tandem\AppData\Local\Temp\7EB5.exe
C:\Users\In Tandem\AppData\Local\Temp\ApnStub.exe
C:\Users\In Tandem\AppData\Local\Temp\AskSLib.dll
C:\Users\In Tandem\AppData\Local\Temp\DealsPluginROW.exe
C:\Users\In Tandem\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\In Tandem\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\In Tandem\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\In Tandem\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\In Tandem\AppData\Local\Temp\setup.exe
C:\Users\In Tandem\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-11 00:14
 
==================== End Of Log ============================


#6 CathyS

    New Member

  • Members
  • 5 posts

Posted 14 September 2013 - 11:21 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04
Ran by In Tandem at 2013-09-14 17:12:26
Running from C:\Users\In Tandem\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.42.34)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.98)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.278)
ArcSoft WebCam Message Board (x32 Version: 1.0.1.58)
Bing Bar (x32 Version: 7.2.233.0)
Bing Maps 3D (Version: 4.0.903.16005)
Bonjour (Version: 3.0.0.10)
Citrix Authentication Manager (x32 Version: 5.0.0.60597)
Citrix online plug-in (Web) (x32 Version: 11.2.0.31560)
Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.0.0.91)
Citrix Receiver (x32 Version: 14.0.0.91)
Citrix Receiver Inside (x32 Version: 3.4.0.45902)
Citrix Receiver Updater (x32 Version: 4.0.0.45893)
Citrix Receiver(Aero) (x32 Version: 14.0.0.91)
Citrix Receiver(DV) (x32 Version: 14.0.0.91)
Citrix Receiver(USB) (x32 Version: 14.0.0.91)
Click to Disc MergeModules x64 (Version: 1.0.14230)
CyberLink YouPaint (x32 Version: 1.2.0.1518)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dropbox (HKCU Version: 2.0.22)
Evernote (x32 Version: 3.5.2.1525)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
GoToMeeting 5.4.0.1083 (HKCU Version: 5.4.0.1083)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0)
HP Photo Creations (x32 Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (x32 Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Update (x32 Version: 5.005.000.002)
HPDiagnosticAlert (x32 Version: 1.00.0000)
iCloud (Version: 2.1.2.8)
Intel® Management Engine Interface
iTunes (Version: 11.0.5.5)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java™ 6 Update 18 (64-bit) (Version: 6.0.180)
Java™ 6 Update 26 (x32 Version: 6.0.260)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Internet Security (x32 Version: 11.6.511)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Media Gallery (x32 Version: 1.2.0.15040)
Media Gallery MergeModules x64 (Version: 1.0.14250)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Easy Assist v2 (x32 Version: 8.1.6416.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (x32 Version: 2.0.2313.0)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Touch Pack for Windows 7 (x32 Version: 1.0.40517.00)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft XNA Framework Redistributable 3.0 (x32 Version: 3.0.11010.0)
Mozilla Maintenance Service (x32 Version: 17.0.8)
Mozilla Thunderbird 17.0.8 (x86 en-US) (x32 Version: 17.0.8)
MSI_SPF_x64 (Version: 1.0.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MusicStation (x32 Version: 2.0.4.1199)
Nike+ Connect (x32 Version: 2.0)
Norton Online Backup (x32 Version: 2.7.2.25)
NVIDIA Drivers (Version: 1.10.57.35)
Online Plug-in (x32 Version: 14.0.0.91)
ooVoo (x32 Version: 3.5.6046)
ooVoo toolbar, powered by Ask.com (x32 Version: 1.15.15.0)
ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.2.4.35882)
Picasa 3 (x32 Version: 3.9)
PMB (x32 Version: 5.1.02.03310)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.1.00.15080)
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.1.00.15040)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.1.00.15080)
PS5510FWUpdateAlert (x32 Version: 2.00.0000)
PVSonyDll (Version: 1.00.0001)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6005)
Remote Keyboard with PlayStation 3 (x32 Version: 1.0.0.15190)
Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090)
Remote Play with PlayStation®3 (x32 Version: 1.0.0.15090)
Roxio Central Audio (x32 Version: 3.8.0)
Roxio Central Copy (x32 Version: 3.8.0)
Roxio Central Core (x32 Version: 3.8.0)
Roxio Central Data (x32 Version: 3.8.0)
Roxio Central Tools (x32 Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (x32 Version: 10.3)
Roxio Easy Media Creator Home (x32 Version: 10.3.263)
Seagate Manager Installer (x32 Version: 2.01.0013)
Self-service Plug-in (x32 Version: 4.0.0.40674)
Setting Utility Series (x32 Version: 5.2.0.14250)
Shared C Run-time for x64 (Version: 10.0.0)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 6.6 (x32 Version: 6.6.106)
Sony Home Network Library (x32 Version: 2.1.0.14240)
TrueCrypt (x32 Version: 7.1a)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Content Monitoring Settings (x32 Version: 2.5.0.13220)
VAIO Control Center (x32 Version: 4.2.0.15020)
VAIO Data Restore Tool (x32 Version: 1.3.0.13150)
VAIO DVD Menu Data (x32 Version: 2.1.00.13210)
VAIO Entertainment Platform (x32 Version: 3.7.0.16080)
VAIO Event Service (x32 Version: 5.2.0.15020)
VAIO Gate (x32 Version: 2.4.0.06210)
VAIO Gate Default (x32 Version: 2.0.0.04160)
VAIO Hardware Diagnostics (x32 Version: 3.9.1)
VAIO Media plus (x32 Version: 2.1.0.15040)
VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)
VAIO Movie Story MergeModules x64 (Version: 1.0.14240)
VAIO Movie Story Template Data (x32 Version: 2.1.00.14040)
VAIO Original Function Settings (x32 Version: 2.1.0.13120)
VAIO Power Management (x32 Version: 5.1.0.13200)
VAIO Premium Partners (x32 Version: 1.0)
VAIO screensaver (x32 Version: 1.0.0.0)
VAIO Smart Network (x32 Version: 3.3.1.08110)
VAIO Transfer Support (x32 Version: 1.1.2.06030)
VAIO Update (x32 Version: 6.1.1.10250)
VAIO Wallpaper Contents (x32 Version: 2.1.0.14090)
VMp MergeModule x64 (Version: 1.0.0)
VU5x64 (Version: 1.1.0)
VU5x86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.3950)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/12/2010 6.3.0.3820) (Version: 02/12/2010 6.3.0.3820)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/28/2010 6.3.0.3850) (Version: 02/28/2010 6.3.0.3850)
Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500) (Version: 09/11/2009 6.3.0.1500)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
 
==================== Restore Points  =========================
 
11-09-2013 06:35:22 Scheduled Checkpoint
14-09-2013 14:58:46 Installed Microsoft Fix it 50471
 
==================== Hosts content: ==========================
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0101172D-7110-4477-BA28-D6114BDEBE66} - System32\Tasks\smBKeeB => C:\Windows\system32\smBKeeB.exe
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {05FFE003-DD11-48DB-93EB-2016C4B1B0AB} - System32\Tasks\MMMWJrW => C:\Windows\system32\MMMWJrW.exe
Task: {0DDC5F01-987F-4134-8BA9-A035C78F6D98} - System32\Tasks\hpUrlLauncher.exe_{372B553A-4EE1-4D06-93A6-EA70093E4868} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {134169B2-602C-4388-9CAD-DFAD8AEB5AA5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {24D0424B-F379-4D8E-90E7-292DC99BEC8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {257F3453-6F20-42DB-BE8F-9678223F364B} - System32\Tasks\KFgzUZN => C:\Windows\system32\KFgzUZN.exe
Task: {26D916C8-DAB8-4372-B44C-DE07A006B09C} - System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {2B245DF5-E0DE-42B8-9CE3-4BA54EA91662} - System32\Tasks\dWuvTbM => C:\Windows\system32\dWuvTbM.exe
Task: {31621CEA-5AC9-4914-85C6-04C4C3F4A62A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {35582AA7-F0D9-4B2B-860E-08B5AE701A42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.)
Task: {35A85565-AA43-48F1-AD7A-3F818BE5F748} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe
Task: {36468EC4-581D-4A14-BBCA-BC3C629B55F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.)
Task: {46F3A6C3-4DD9-4A05-94FD-7B8CD671F132} - System32\Tasks\fnxVoOU => C:\Windows\system32\fnxVoOU.exe
Task: {510527C7-0659-470B-8061-3651194E4694} - System32\Tasks\BiObFXB => C:\Windows\system32\BiObFXB.exe
Task: {57055AC2-6AF8-40DE-91CF-24E765C975DB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-01-24] ()
Task: {5990FCE1-0903-4FBD-81A9-63EA8A410E8F} - System32\Tasks\NBKrLiC => C:\Windows\system32\NBKrLiC.exe
Task: {5DE17001-251C-4435-834E-E53D10758D4E} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {6C0A95A9-C9DE-4A02-B9D6-2694E862D03D} - System32\Tasks\XYExEuY => C:\Windows\system32\XYExEuY.exe
Task: {78573D73-042E-4F4F-B861-3523D32FAE08} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-03-21] (Sony Corporation)
Task: {7FFFDAAB-84A9-4DE8-91E9-28B01A09AB76} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.)
Task: {81637E04-779A-4E83-AB51-2AE1EE9ABD21} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {88FE4836-DA5A-40E8-AD00-34CC8E5C6621} - System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71} => C:\Windows\system32\msfeedssync.exe [2011-09-29] (Microsoft Corporation)
Task: {966C884D-3DE6-4B0A-AB8A-76D8ED18A771} - System32\Tasks\sfWCIYU => C:\Windows\system32\sfWCIYU.exe
Task: {96CF9470-8A28-46D1-BDF2-8A68F454B294} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {9C1F6E6B-32EC-4968-B1EA-09100FAA3248} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9D67C226-CCB3-4AC0-8763-BD1B68184B4C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {AA1718DB-0D2F-414C-B81B-8B662BA863E8} - System32\Tasks\yOGiMLg => C:\Windows\system32\yOGiMLg.exe
Task: {B4147543-9998-4B7C-9A3F-A191B9BBFF87} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.)
Task: {C48CC719-93DB-490F-8E7A-8503F3485591} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {C96CB590-1879-469B-8264-369032F91286} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {E6C4BC19-4154-4736-A5B2-CBE4F66C470D} - System32\Tasks\XuWUEvG => C:\Windows\system32\XuWUEvG.exe
Task: {EA2A512B-DB70-4E1E-BF8D-B36E16E80CD9} - System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)
Task: {EBC52348-21FE-4B2B-A9CA-04230844F8A7} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {FC109FD5-D1D3-4CE9-863B-069250E91C26} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {FDC5042A-7731-40B1-BEA3-C95CE1D7A584} - System32\Tasks\LkbdJcQ => C:\Windows\system32\LkbdJcQ.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-07-21 16:34 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2011-09-07 21:17 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
2009-07-14 00:37 - 2009-07-14 02:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2010-03-25 12:35 - 2010-03-24 23:36 - 04452456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2011-09-06 07:38 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2013-05-25 01:36 - 2013-05-25 01:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2010-04-27 04:52 - 2010-08-11 09:46 - 02367376 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
2011-09-07 21:18 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2010-04-27 04:44 - 2011-06-21 11:55 - 04733384 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
2010-04-27 04:44 - 2011-06-21 11:55 - 00546816 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\NotificationWrapper.dll
2011-12-15 23:47 - 2011-06-21 11:55 - 00010752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\MouseHook.dll
2010-04-27 04:44 - 2011-06-21 11:55 - 02358784 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\TapTrigger.dll
2011-12-15 23:47 - 2011-06-21 11:55 - 00757760 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VGDam.dll
2013-01-07 18:06 - 2012-10-26 10:44 - 00029856 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll
2010-04-27 04:09 - 2010-02-05 07:28 - 09645088 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2010-04-27 04:09 - 2010-02-05 07:28 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2010-04-27 04:09 - 2010-02-05 07:28 - 01638944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-02-06 11:09 - 2013-02-06 11:09 - 28469312 _____ (ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
2013-06-21 09:58 - 2013-06-21 09:58 - 19875432 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
2010-01-21 20:31 - 2010-01-21 20:31 - 00597792 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
2013-06-14 16:43 - 2013-06-14 16:43 - 00395656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
2010-10-01 16:26 - 2010-10-01 16:26 - 00299008 _____ (Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
2013-01-24 15:18 - 2013-01-24 15:18 - 01646216 _____ (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
2013-05-25 01:47 - 2013-05-25 01:47 - 27776968 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe
2009-07-14 00:41 - 2009-07-14 02:14 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunDll32.exe
2013-06-14 16:44 - 2013-06-14 16:44 - 00153992 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
2009-07-14 00:57 - 2009-07-14 02:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\RunDll32.exe
2013-01-07 18:06 - 2012-10-26 11:33 - 01157280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
2013-01-07 18:06 - 2012-10-26 10:44 - 00017056 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll
2011-09-07 21:18 - 2010-11-20 14:27 - 01435648 _____ (Microsoft Corporation) C:\Windows\System32\Speech\Common\sapi.dll
2012-05-19 13:36 - 2013-09-02 21:35 - 00829392 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe
2013-06-13 21:00 - 2013-06-13 21:00 - 01505608 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
2013-06-09 19:55 - 2013-06-09 19:55 - 00054152 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
2013-06-14 16:45 - 2013-06-14 16:45 - 00924040 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
2013-04-29 12:47 - 2013-04-29 12:47 - 03314560 _____ (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
2011-11-28 08:39 - 2011-02-16 15:08 - 01165504 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
2011-11-28 08:39 - 2011-11-15 11:27 - 00083104 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCUtility.dll
2011-11-28 08:39 - 2011-11-02 16:40 - 00059528 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\KeyUtilities.dll
2011-11-28 08:39 - 2011-02-14 14:23 - 00022720 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Metrics.dll
2011-12-15 23:47 - 2011-06-21 11:55 - 00080896 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\x64\VAIOGateNotifications.dll
2011-11-28 08:39 - 2011-02-14 17:20 - 00012992 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe
2013-05-25 01:36 - 2013-05-25 01:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-24 02:22 - 2009-10-24 02:22 - 00013312 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\XpStorageDevice_WinXp2k.dll
2009-10-24 02:55 - 2009-10-24 02:55 - 00303616 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcherLOC.DLL
2013-06-14 16:32 - 2013-06-14 16:32 - 00395656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
2013-06-14 16:31 - 2013-06-14 16:31 - 00129416 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
2013-06-14 16:26 - 2013-06-14 16:26 - 00011656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.DLL
2013-06-14 16:28 - 2013-06-14 16:28 - 00428424 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.DLL
2013-09-07 12:43 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll
2013-06-14 16:31 - 2013-06-14 16:31 - 00025480 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
2012-11-14 00:32 - 2012-11-14 00:32 - 03558400 _____ (wxWidgets development team) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 09956864 _____ (The ICU Project) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\icudt.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2013-09-04 04:47 - 2013-09-02 21:34 - 47074256 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 09962960 _____ (The ICU Project) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-06-13 21:00 - 2013-06-13 21:00 - 00620872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\ResourceKeeper.dll
2013-06-13 21:00 - 2013-06-13 21:00 - 00055624 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativemessagebox.dll
2013-06-13 21:00 - 2013-06-13 21:00 - 00915784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativesystrayue.dll
2013-06-13 21:00 - 2013-06-13 21:00 - 00104776 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\progressnotification.dll
2013-06-13 21:00 - 2013-06-13 21:00 - 00088392 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\toaster.dll
2013-06-09 19:50 - 2013-06-09 19:50 - 00117640 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\DazzleConfig.dll
2013-06-09 19:52 - 2013-06-09 19:52 - 00252296 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\ReceiverShim.dll
2013-09-07 12:38 - 2013-06-13 21:02 - 00322888 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_SelfServicePlugin.exe.dll
2013-06-09 19:52 - 2013-06-09 19:52 - 00014216 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\PreLaunchConfig.dll
2013-06-09 19:50 - 2013-06-09 19:50 - 00039304 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\BaseClassLibrary.dll
2013-09-04 04:47 - 2013-09-02 19:46 - 03231688 _____ (Microsoft Corporation) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 00709584 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 00099792 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 04053456 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 00410576 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 02110928 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 01604560 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-06-14 16:39 - 2013-06-14 16:39 - 00088456 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll
2013-06-14 16:41 - 2013-06-14 16:41 - 00076168 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\WFCWINN.dll
2013-06-14 16:39 - 2013-06-14 16:39 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll
2013-06-14 16:35 - 2013-06-14 16:35 - 00096648 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00092552 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00023432 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
2013-06-14 16:32 - 2013-06-14 16:32 - 00032648 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
2013-06-14 16:43 - 2013-06-14 16:43 - 00493960 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSManager.dll
2013-06-14 16:42 - 2013-06-14 16:42 - 00029576 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSMHook.dll
2013-06-14 16:40 - 2013-06-14 16:40 - 00510344 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CST.dll
2013-06-14 16:27 - 2013-06-14 16:27 - 00020872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll
2013-06-14 16:27 - 2013-06-14 16:27 - 00571784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.DLL
2013-06-14 16:27 - 2013-06-14 16:27 - 00113032 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\CSTUI.DLL
2013-06-14 16:29 - 2013-06-14 16:29 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.DLL
2013-09-07 12:36 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_wfcrun32.exe.dll
2013-09-05 07:26 - 2013-09-05 07:26 - 00141752 _____ (McAfee, Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\McChPlg.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-08-10 17:52 - 2013-08-10 17:52 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll
2013-09-04 04:47 - 2013-09-02 21:35 - 13599184 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17613
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17613
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16318
 
 
System errors:
=============
Error: (09/14/2013 04:04:06 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (09/14/2013 00:38:37 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (09/14/2013 00:34:51 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
Error: (09/13/2013 07:19:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (09/13/2013 07:17:03 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 00:25:20 on ‎13/‎09/‎2013 was unexpected.
 
Error: (09/13/2013 00:20:56 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name.  The server could not start.
 
Error: (09/12/2013 08:05:19 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name.  The server could not start.
 
Error: (09/12/2013 06:31:06 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (09/11/2013 11:06:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (09/11/2013 11:02:51 PM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
 
 
Microsoft Office Sessions:
=========================
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15631
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15631
 
Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17613
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17613
 
Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16318
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-12 06:38:26.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-12 06:38:26.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-12 06:38:26.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 23:11:34.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 23:11:34.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 23:11:34.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 10:39:43.750
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 10:39:43.748
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-09-11 10:39:43.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-03-08 07:30:48.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET2BE9.tmp because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 44%
Total physical RAM: 4031.18 MB
Available physical RAM: 2253.25 MB
Total Pagefile: 8060.54 MB
Available Pagefile: 5001.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:921.3 GB) (Free:782.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E67D126D)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 CathyS


Posted 15 September 2013 - 03:36 AM

Hello - any more thoughts on my possible gamerue problem?



#8 B-boy/StyLe/


Posted 15 September 2013 - 06:12 AM

Hi,

I am sorry for the delay, but we are in different time zones. :)

Please go ahead and uninstall this toolbar:

ooVoo toolbar, powered by Ask.com (x32 Version: 1.15.15.0)
ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.2.4.35882)

Now please download the following file => fixlist.txt (11.69KB) and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Regards,

Georgi



#9 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 40,928 posts
  • Gender:Male
  • Location:US

Posted 17 September 2013 - 11:58 PM

Are you still with us?


Ron Lewis
Forum Community Manager



#10 AdvancedSetup


Posted 21 September 2013 - 12:34 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Ron Lewis
Forum Community Manager
