Sign in to follow this  
Followers 0
CathyS

Tatanga virus impacting HKLM

10 posts in this topic

Dear all, having run Malware software I am still left with this trojan agent:

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|59288 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com -> 
 
Any ideas on how to remove this pest gatefully received
CathyS

Share this post


Link to post
Share on other sites

Hello! Welcome to Malwarebytes Forums! welcome.gif
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

The malware found look like worm.Gamerue.

 

 

STEP 1


Please download and run the following tool and follow the prompts to disable Autorun.

 

STEP 2

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi

Share this post


Link to post
Share on other sites

Regarding Step 1, I ran Microsoft Fix It 50471 but it did not give me any prompts to disable Autorun or anything else ?

Share this post


Link to post
Share on other sites

Hi,

 

The tool disable Autorun automatically. Simple start it, agree with EULA and when done you will be prompted to restart the computer. Click YES and after restart please continue with step 2 and attach the log from FRST to your next reply.

 

 

Regards,

Georgi

Share this post


Link to post
Share on other sites
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04

Ran by In Tandem (administrator) on INTANDEM-VAIO on 14-09-2013 17:10:59

Running from C:\Users\In Tandem\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe

(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

(Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\SeaPort.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9645088 2010-02-05] (Realtek Semiconductor)

HKLM\...\Policies\Explorer\Run: [59288] - C:\PROGRA~3\LOCALS~1\Temp\msuowjvp.com No File

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-27] (Google Inc.)

HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)

HKCU\...\Run: [Google Update] - C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-19] (Google Inc.)

HKCU\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\oovoo.exe [28469312 2013-02-06] (ooVoo LLC)

HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)

HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)

HKCU\...\Run: [qyragcanisvu] - C:\Users\In Tandem\qyragcanisvu.exe

HKCU\...\Run: [myzolawoqoph] - C:\Users\In Tandem\myzolawoqoph.exe

HKCU\...\Run: [hakluzforilg] - C:\Users\In Tandem\hakluzforilg.exe

HKCU\...\Run: [ulbar] - "C:\Users\In Tandem\AppData\Roaming\Kyjel\ulbar.exe"

HKCU\...\Run: [laspeamidpux] - C:\Users\In Tandem\laspeamidpux.exe

HKCU\...\Policies\Explorer: [HideSCAHealth] 1

HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation)

HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [Nike+ Connect] - C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [299008 2010-10-01] (Nike)

HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] -  [x]

HKLM-x32\...\Run: [MaxMenuMgr] - C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [177448 2008-07-17] (Seagate LLC)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [CitrixReceiver] - "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" [x]

HKLM-x32\...\Run: [Redirector] - C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.)

Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\In Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File

URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {1E2777D2-E151-4D41-9C5E-93E9B30DD85F} URL = http://websearch.ask.com/redirect?client=ie&tb=OVO2&o=APN10379&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABE&apn_dtid=^YYYYYY^YY^GB&apn_uid=10299ffb-da5d-4dd7-9b87-1f40736e875e&apn_sauid=93A98009-E123-4DFD-9FA2-BB3BE38A2FC2

SearchScopes: HKCU - {865AC131-20CC-48FE-8F6C-296ADA1D8120} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices

SearchScopes: HKCU - {947774F4-F8EA-4BBB-B3C6-66978E9629A7} URL = http://rover.ebay.com/rover/1/710-42480-16445-5/4?satitle={searchTerms}

SearchScopes: HKCU - {C392E2F3-B73D-4A4A-BDD2-6ABEECD267D7} URL = http://uk.shopping.com/?linkin_id=8056359

BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\mcafee\msk\mskapbho.dll ()

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)


Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File

Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

 

Chrome: 

=======


CHR DefaultSuggestURL: (Ask) - http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}

CHR Plugin: (Shockwave Flash) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()

CHR Plugin: (Skype Click to Call) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.4.0.11328_0\npSkypeChromePlugin.dll No File

CHR Plugin: (registryAccess) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj\7.15.2.0_0\background/registryAccess.dll No File

CHR Plugin: (McAfee SiteAdvisor) - C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)

CHR Plugin: (Java Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File

CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()

CHR Extension: (SiteAdvisor) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1

CHR Extension: (Skype Click to Call) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0

CHR Extension: (Chrome In-App Payments service) - C:\Users\INTAND~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR StartMenuInternet: Google Chrome - C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4233088 2013-04-29] (Symantec Corporation)

S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions)

S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions)

S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

S2 LowVXF; C:\Windows\system32\LowVXF.exe [x]

 

==================== Drivers (Whitelisted) ====================

 

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

R3 NW1950; C:\Windows\system32\drivers\NW1950.sys [26104 2010-03-01] ()

U3 mfeavfk01; No ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST

2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe

2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi

2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi

2013-09-14 11:57 - 2013-09-14 11:58 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe

2013-09-13 09:04 - 2013-09-14 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3}

2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C}

2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe

2013-09-11 07:09 - 2013-09-11 22:57 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D}

2013-09-10 23:15 - 2013-09-11 10:34 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-10 23:15 - 2013-09-11 10:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes

2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-10 23:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe

2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04}

2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1}

2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt

2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice  (5).ppt

2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt

2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt

2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt

2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt

2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls

2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt

2013-09-09 21:02 - 2013-09-10 06:48 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe

2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe

2013-09-09 19:07 - 2013-09-09 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727}

2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3}

2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82}

2013-09-08 01:54 - 2013-09-09 07:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F}

2013-09-07 12:32 - 2013-09-07 12:33 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe

2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe

2013-09-06 17:58 - 2013-09-06 17:57 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-09-06 17:58 - 2013-09-06 17:57 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-09-06 17:58 - 2013-09-06 17:57 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-09-06 17:58 - 2013-09-06 17:57 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-09-06 17:53 - 2013-09-06 17:54 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe

2013-09-05 07:00 - 2013-09-07 12:30 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550}

2013-08-27 09:04 - 2013-08-27 09:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B}

2013-08-22 10:58 - 2013-08-26 16:33 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC}

2013-08-21 09:25 - 2013-08-21 09:25 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files\iTunes

2013-08-21 09:23 - 2013-08-21 09:24 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod

 

==================== One Month Modified Files and Folders =======

 

2013-09-14 17:10 - 2013-09-14 17:10 - 00000000 ____D C:\FRST

2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe

2013-09-14 17:09 - 2010-04-27 04:14 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-09-14 17:07 - 2011-09-05 21:15 - 02575413 _____ C:\Windows\WindowsUpdate.log

2013-09-14 17:02 - 2011-11-17 11:44 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Skype

2013-09-14 17:01 - 2011-11-09 17:29 - 00000264 _____ C:\Windows\Tasks\HP Photo Creations Messager.job

2013-09-14 16:43 - 2012-05-19 13:35 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job

2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-09-14 16:09 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-09-14 16:05 - 2013-09-14 16:05 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471 (1).msi

2013-09-14 16:04 - 2012-11-11 09:28 - 00000000 ____D C:\ProgramData\boost_interprocess

2013-09-14 16:03 - 2011-11-01 21:11 - 00000000 ___RD C:\Users\In Tandem\Dropbox

2013-09-14 16:03 - 2011-11-01 21:07 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Dropbox

2013-09-14 16:02 - 2011-10-22 22:37 - 00000000 ____D C:\Users\In Tandem\Tracing

2013-09-14 16:02 - 2010-04-27 04:14 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-09-14 16:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-09-14 16:01 - 2009-07-14 05:51 - 00067634 _____ C:\Windows\setupact.log

2013-09-14 15:58 - 2013-09-14 15:58 - 00655360 _____ C:\Users\In Tandem\Downloads\MicrosoftFixit50471.msi

2013-09-14 14:25 - 2011-09-19 20:48 - 00000000 ____D C:\Users\In Tandem\Documents\Matt

2013-09-14 11:58 - 2013-09-14 11:57 - 93491472 _____ (Microsoft Corporation) C:\Users\In Tandem\Downloads\msert.exe

2013-09-14 09:04 - 2013-09-13 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DEC2B2E4-0B26-4197-B6A8-17ADBC4D1CE3}

2013-09-14 08:43 - 2012-05-19 13:35 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job

2013-09-14 01:11 - 2011-09-05 21:18 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71}

2013-09-13 09:38 - 2011-09-27 11:26 - 00000000 ____D C:\Users\In Tandem\Documents\OLIVER

2013-09-12 20:05 - 2013-09-12 20:05 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{1B6C34D3-5DF0-4FE6-954A-D7969A29440C}

2013-09-12 06:28 - 2010-03-25 12:00 - 00622084 _____ C:\Windows\PFRO.log

2013-09-12 06:26 - 2012-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\Search Results Toolbar

2013-09-11 22:57 - 2013-09-11 07:09 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{D419E848-59DF-4D6B-B77C-523EB5B4908D}

2013-09-11 10:34 - 2013-09-10 23:15 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-11 10:34 - 2013-09-10 23:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-11 10:31 - 2013-09-11 10:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (2).exe

2013-09-11 06:40 - 2011-09-07 11:03 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Kyjel

2013-09-11 06:38 - 2011-09-05 21:15 - 00000000 ____D C:\Users\In Tandem

2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Malwarebytes

2013-09-10 23:15 - 2013-09-10 23:15 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-10 23:14 - 2013-09-10 23:14 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-09-10 23:10 - 2013-09-10 23:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\In Tandem\Downloads\mbam-setup-1.75.0.1300.exe

2013-09-10 19:08 - 2013-09-10 19:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{9F5CF4F2-6E8A-4CBE-9F6C-4FB16644BB04}

2013-09-10 07:08 - 2013-09-10 07:08 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{E16CA6A5-B8F7-4FF0-92E0-A663828DC1F1}

2013-09-10 06:48 - 2013-09-09 21:02 - 00000000 ____D C:\Users\In Tandem\AppData\Local\LogMeIn Rescue Applet

2013-09-09 22:01 - 2013-09-09 22:01 - 00531968 _____ C:\Users\In Tandem\Downloads\Frameworks (6).ppt

2013-09-09 21:59 - 2013-09-09 21:59 - 01656320 _____ C:\Users\In Tandem\Downloads\SUPERVISION in Practice  (5).ppt

2013-09-09 21:55 - 2013-09-09 21:55 - 00240128 _____ C:\Users\In Tandem\Downloads\PERSONAL SUPERVISION - your beliefs (4).ppt

2013-09-09 21:55 - 2013-09-09 21:55 - 00150016 _____ C:\Users\In Tandem\Downloads\YOUR SUPERVISION JOURNEY (3) handout.ppt

2013-09-09 21:50 - 2013-09-09 21:50 - 00840192 _____ C:\Users\In Tandem\Downloads\DEFINING SUPERVISION (2)-2.ppt

2013-09-09 21:43 - 2013-09-09 21:43 - 00719360 _____ C:\Users\In Tandem\Downloads\INTRO (1) handout.ppt

2013-09-09 21:30 - 2013-09-09 21:30 - 00205824 _____ C:\Users\In Tandem\Downloads\Master Client Invoices 2013.xls

2013-09-09 21:15 - 2013-09-09 21:15 - 00660480 _____ C:\Users\In Tandem\Downloads\COLCHESTER 2012 Counselling continuum 2.ppt

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (3).exe

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (2).exe

2013-09-09 21:02 - 2013-09-09 21:02 - 01291104 _____ (LogMeIn, Inc.) C:\Users\In Tandem\Downloads\Support-LogMeInRescue (1).exe

2013-09-09 20:35 - 2011-09-05 21:22 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Google

2013-09-09 20:31 - 2013-09-09 20:31 - 00910752 _____ (Symantec Corporation) C:\Users\In Tandem\Downloads\AutoDetectPkg (1).exe

2013-09-09 19:43 - 2011-09-05 21:16 - 00104744 _____ C:\Users\In Tandem\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-09 19:42 - 2009-07-14 05:45 - 00407432 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-09 19:38 - 2010-04-27 04:20 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-09-09 19:33 - 2009-07-14 08:45 - 00000000 ____D C:\Windows\ShellNew

2013-09-09 19:08 - 2013-09-09 19:07 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{39C201EE-154A-47C3-BF3E-081C0E158727}

2013-09-09 16:21 - 2012-02-07 20:26 - 00000000 ____D C:\Users\In Tandem\Documents\CATHY PERSONAL

2013-09-09 16:15 - 2012-05-19 15:26 - 00000000 ____D C:\Users\Guest

2013-09-09 16:15 - 2011-11-17 11:44 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration

2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\IME

2013-09-09 16:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Cursors

2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3}

2013-09-09 16:07 - 2013-09-09 16:07 - 00003006 _____ C:\Windows\System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82}

2013-09-09 14:52 - 2009-07-14 06:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI

2013-09-09 14:30 - 2011-09-26 21:29 - 00000000 ____D C:\Users\In Tandem\Documents\TAFC

2013-09-09 07:07 - 2013-09-08 01:54 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{7BE9099B-FFDB-429F-B1AE-6E6BB71CAF9F}

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 19:13 - 2011-12-29 09:53 - 00000000 ____D C:\Users\Public\Documents\CATHY

2013-09-08 18:08 - 2013-05-21 14:08 - 00000000 ___SD C:\Users\In Tandem\Documents\My Data Sources

2013-09-08 18:07 - 2012-04-20 14:41 - 00000000 ____D C:\Users\In Tandem\Documents\LIFE CHANGES

2013-09-08 17:40 - 2013-04-21 16:21 - 00000000 ____D C:\Users\In Tandem\Documents\Biology EA project

2013-09-08 17:40 - 2011-09-10 20:41 - 00000000 ____D C:\TAFC

2013-09-08 17:40 - 2011-09-10 15:19 - 00000000 ____D C:\Users\In Tandem\Documents\In tandem

2013-09-08 17:37 - 2011-09-10 16:55 - 00000000 ____D C:\Old In Tandem Invoices

2013-09-07 12:38 - 2011-09-26 19:19 - 00000000 ____D C:\ProgramData\Citrix

2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Users\In Tandem\AppData\Local\Citrix

2013-09-07 12:38 - 2011-09-26 19:18 - 00000000 ____D C:\Program Files (x86)\Citrix

2013-09-07 12:33 - 2013-09-07 12:32 - 53565824 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\Downloads\CitrixReceiverWeb.exe

2013-09-07 12:30 - 2013-09-05 07:00 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{DDAEFBDB-9CFB-42CA-96F6-5774B1D42550}

2013-09-06 17:59 - 2013-09-06 17:59 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (4).exe

2013-09-06 17:57 - 2013-09-06 17:58 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-09-06 17:57 - 2013-09-06 17:58 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-09-06 17:57 - 2013-09-06 17:58 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-09-06 17:57 - 2013-09-06 17:58 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-09-06 17:57 - 2011-09-06 23:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-09-06 17:57 - 2010-04-27 04:39 - 00000000 ____D C:\Program Files (x86)\Java

2013-09-06 17:54 - 2013-09-06 17:53 - 00903080 _____ (Oracle Corporation) C:\Users\In Tandem\Downloads\chromeinstall-7u25 (3).exe

2013-08-27 09:11 - 2010-04-27 04:15 - 00000000 ____D C:\Program Files\mcafee

2013-08-27 09:05 - 2013-08-27 09:04 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{61E2F8D5-C66D-465F-A3B8-7B552288881B}

2013-08-26 16:33 - 2013-08-22 10:58 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{593E1343-10F5-4346-8126-054423A2A4DC}

2013-08-23 09:50 - 2011-09-12 20:40 - 00000000 ____D C:\Users\In Tandem\AppData\Roaming\Suhe

2013-08-22 10:12 - 2012-02-25 10:31 - 00005607 _____ C:\test.xml

2013-08-22 08:57 - 2010-04-27 04:37 - 00000000 ____D C:\ProgramData\Skype

2013-08-22 08:54 - 2012-10-18 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-08-21 22:57 - 2013-08-10 17:03 - 00000000 ____D C:\Users\In Tandem\AppData\Local\{53C90829-FE5B-4455-A75B-DA8ABB7C4D42}

2013-08-21 09:25 - 2013-08-21 09:25 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iTunes

2013-08-21 09:24 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-08-21 09:23 - 2013-08-21 09:23 - 00000000 ____D C:\Program Files\iPod

 

Files to move or delete:

====================

C:\Users\In Tandem\CTX.DAT

 

 

Some content of TEMP:

====================

C:\Users\In Tandem\AppData\Local\Temp\586B.exe

C:\Users\In Tandem\AppData\Local\Temp\7EB5.exe

C:\Users\In Tandem\AppData\Local\Temp\ApnStub.exe

C:\Users\In Tandem\AppData\Local\Temp\AskSLib.dll

C:\Users\In Tandem\AppData\Local\Temp\DealsPluginROW.exe

C:\Users\In Tandem\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe

C:\Users\In Tandem\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe

C:\Users\In Tandem\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe

C:\Users\In Tandem\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\In Tandem\AppData\Local\Temp\setup.exe

C:\Users\In Tandem\AppData\Local\Temp\SkypeSetup.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-09-11 00:14

 

==================== End Of Log ============================

Share this post


Link to post
Share on other sites
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04

Ran by In Tandem at 2013-09-14 17:12:26

Running from C:\Users\In Tandem\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Installed Programs =======================

 

Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34)

Adobe Flash Player 10 Plugin (x32 Version: 10.0.42.34)

Adobe Reader X (10.1.8) (x32 Version: 10.1.8)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.98)

ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.278)

ArcSoft WebCam Message Board (x32 Version: 1.0.1.58)

Bing Bar (x32 Version: 7.2.233.0)

Bing Maps 3D (Version: 4.0.903.16005)

Bonjour (Version: 3.0.0.10)

Citrix Authentication Manager (x32 Version: 5.0.0.60597)

Citrix online plug-in (Web) (x32 Version: 11.2.0.31560)

Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.0.0.91)

Citrix Receiver (x32 Version: 14.0.0.91)

Citrix Receiver Inside (x32 Version: 3.4.0.45902)

Citrix Receiver Updater (x32 Version: 4.0.0.45893)

Citrix Receiver(Aero) (x32 Version: 14.0.0.91)

Citrix Receiver(DV) (x32 Version: 14.0.0.91)

Citrix Receiver(USB) (x32 Version: 14.0.0.91)

Click to Disc MergeModules x64 (Version: 1.0.14230)

CyberLink YouPaint (x32 Version: 1.2.0.1518)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Dropbox (HKCU Version: 2.0.22)

Evernote (x32 Version: 3.5.2.1525)

Google Chrome (HKCU Version: 29.0.1547.66)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0)

Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)

Google Update Helper (x32 Version: 1.3.21.153)

GoToMeeting 5.4.0.1083 (HKCU Version: 5.4.0.1083)

HP FWUpdateEDO2 (x32 Version: 1.2.0.0)

HP Photo Creations (x32 Version: 1.0.0.5192)

HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)

HP Photosmart 5510 series Help (x32 Version: 140.0.2.2)

HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)

HP Update (x32 Version: 5.005.000.002)

HPDiagnosticAlert (x32 Version: 1.00.0000)

iCloud (Version: 2.1.2.8)

Intel® Management Engine Interface

iTunes (Version: 11.0.5.5)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

Java 6 Update 18 (64-bit) (Version: 6.0.180)

Java 6 Update 26 (x32 Version: 6.0.260)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

McAfee Internet Security (x32 Version: 11.6.511)

McAfee Security Scan Plus (x32 Version: 3.0.318.3)

Media Gallery (x32 Version: 1.2.0.15040)

Media Gallery MergeModules x64 (Version: 1.0.14250)

Mesh Runtime (x32 Version: 15.4.5722.2)

Messenger Companion (x32 Version: 15.4.3502.0922)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Easy Assist v2 (x32 Version: 8.1.6416.0)

Microsoft Office 2010 Service Pack 1 (SP1) (x32)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)

Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Live Add-in 1.3 (x32 Version: 2.0.2313.0)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Suite Activation Assistant (x32 Version: 2.9)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0)

Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)

Microsoft Touch Pack for Windows 7 (x32 Version: 1.0.40517.00)

Microsoft Works (x32 Version: 9.7.0621)

Microsoft XNA Framework Redistributable 3.0 (x32 Version: 3.0.11010.0)

Mozilla Maintenance Service (x32 Version: 17.0.8)

Mozilla Thunderbird 17.0.8 (x86 en-US) (x32 Version: 17.0.8)

MSI_SPF_x64 (Version: 1.0.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MusicStation (x32 Version: 2.0.4.1199)

Nike+ Connect (x32 Version: 2.0)

Norton Online Backup (x32 Version: 2.7.2.25)

NVIDIA Drivers (Version: 1.10.57.35)

Online Plug-in (x32 Version: 14.0.0.91)

ooVoo (x32 Version: 3.5.6046)

ooVoo toolbar, powered by Ask.com (x32 Version: 1.15.15.0)

ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.2.4.35882)

Picasa 3 (x32 Version: 3.9)

PMB (x32 Version: 5.1.02.03310)

PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.1.00.15080)

PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.1.00.15040)

PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.1.00.15080)

PS5510FWUpdateAlert (x32 Version: 2.00.0000)

PVSonyDll (Version: 1.00.0001)

QuickTime (x32 Version: 7.74.80.86)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6005)

Remote Keyboard with PlayStation 3 (x32 Version: 1.0.0.15190)

Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090)

Remote Play with PlayStation®3 (x32 Version: 1.0.0.15090)

Roxio Central Audio (x32 Version: 3.8.0)

Roxio Central Copy (x32 Version: 3.8.0)

Roxio Central Core (x32 Version: 3.8.0)

Roxio Central Data (x32 Version: 3.8.0)

Roxio Central Tools (x32 Version: 3.8.0)

Roxio Easy Media Creator 10 LJ (x32 Version: 10.3)

Roxio Easy Media Creator Home (x32 Version: 10.3.263)

Seagate Manager Installer (x32 Version: 2.01.0013)

Self-service Plug-in (x32 Version: 4.0.0.40674)

Setting Utility Series (x32 Version: 5.2.0.14250)

Shared C Run-time for x64 (Version: 10.0.0)

Skype Click to Call (x32 Version: 6.11.13348)

Skype™ 6.6 (x32 Version: 6.6.106)

Sony Home Network Library (x32 Version: 2.1.0.14240)

TrueCrypt (x32 Version: 7.1a)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2553065) (x32)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2566458) (x32)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)

VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020)

VAIO Care (x32 Version: 6.4.2.11150)

VAIO Content Monitoring Settings (x32 Version: 2.5.0.13220)

VAIO Control Center (x32 Version: 4.2.0.15020)

VAIO Data Restore Tool (x32 Version: 1.3.0.13150)

VAIO DVD Menu Data (x32 Version: 2.1.00.13210)

VAIO Entertainment Platform (x32 Version: 3.7.0.16080)

VAIO Event Service (x32 Version: 5.2.0.15020)

VAIO Gate (x32 Version: 2.4.0.06210)

VAIO Gate Default (x32 Version: 2.0.0.04160)

VAIO Hardware Diagnostics (x32 Version: 3.9.1)

VAIO Media plus (x32 Version: 2.1.0.15040)

VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)

VAIO Movie Story MergeModules x64 (Version: 1.0.14240)

VAIO Movie Story Template Data (x32 Version: 2.1.00.14040)

VAIO Original Function Settings (x32 Version: 2.1.0.13120)

VAIO Power Management (x32 Version: 5.1.0.13200)

VAIO Premium Partners (x32 Version: 1.0)

VAIO screensaver (x32 Version: 1.0.0.0)

VAIO Smart Network (x32 Version: 3.3.1.08110)

VAIO Transfer Support (x32 Version: 1.1.2.06030)

VAIO Update (x32 Version: 6.1.1.10250)

VAIO Wallpaper Contents (x32 Version: 2.1.0.14090)

VMp MergeModule x64 (Version: 1.0.0)

VU5x64 (Version: 1.1.0)

VU5x86 (x32 Version: 1.0.0)

VU5x86 (x32 Version: 1.1.0)

WIDCOMM Bluetooth Software (Version: 6.3.0.3950)

Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/12/2010 6.3.0.3820) (Version: 02/12/2010 6.3.0.3820)

Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (02/28/2010 6.3.0.3850) (Version: 02/28/2010 6.3.0.3850)

Windows Driver Package - Broadcom HIDClass  (09/11/2009 6.3.0.1500) (Version: 09/11/2009 6.3.0.1500)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3555.0308)

Windows Live Family Safety (Version: 15.4.3555.0308)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

 

==================== Restore Points  =========================

 

11-09-2013 06:35:22 Scheduled Checkpoint

14-09-2013 14:58:46 Installed Microsoft Fix it 50471

 

==================== Hosts content: ==========================

 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0101172D-7110-4477-BA28-D6114BDEBE66} - System32\Tasks\smBKeeB => C:\Windows\system32\smBKeeB.exe

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started

Task: {05FFE003-DD11-48DB-93EB-2016C4B1B0AB} - System32\Tasks\MMMWJrW => C:\Windows\system32\MMMWJrW.exe

Task: {0DDC5F01-987F-4134-8BA9-A035C78F6D98} - System32\Tasks\hpUrlLauncher.exe_{372B553A-4EE1-4D06-93A6-EA70093E4868} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-05-25] (Hewlett-Packard Co.)

Task: {134169B2-602C-4388-9CAD-DFAD8AEB5AA5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)

Task: {24D0424B-F379-4D8E-90E7-292DC99BEC8B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)

Task: {257F3453-6F20-42DB-BE8F-9678223F364B} - System32\Tasks\KFgzUZN => C:\Windows\system32\KFgzUZN.exe

Task: {26D916C8-DAB8-4372-B44C-DE07A006B09C} - System32\Tasks\{51A4D075-AC3F-468B-A148-A06FC3429F82} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)

Task: {2B245DF5-E0DE-42B8-9CE3-4BA54EA91662} - System32\Tasks\dWuvTbM => C:\Windows\system32\dWuvTbM.exe

Task: {31621CEA-5AC9-4914-85C6-04C4C3F4A62A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)

Task: {35582AA7-F0D9-4B2B-860E-08B5AE701A42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.)

Task: {35A85565-AA43-48F1-AD7A-3F818BE5F748} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe

Task: {36468EC4-581D-4A14-BBCA-BC3C629B55F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-27] (Google Inc.)

Task: {46F3A6C3-4DD9-4A05-94FD-7B8CD671F132} - System32\Tasks\fnxVoOU => C:\Windows\system32\fnxVoOU.exe

Task: {510527C7-0659-470B-8061-3651194E4694} - System32\Tasks\BiObFXB => C:\Windows\system32\BiObFXB.exe

Task: {57055AC2-6AF8-40DE-91CF-24E765C975DB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-01-24] ()

Task: {5990FCE1-0903-4FBD-81A9-63EA8A410E8F} - System32\Tasks\NBKrLiC => C:\Windows\system32\NBKrLiC.exe

Task: {5DE17001-251C-4435-834E-E53D10758D4E} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)

Task: {6C0A95A9-C9DE-4A02-B9D6-2694E862D03D} - System32\Tasks\XYExEuY => C:\Windows\system32\XYExEuY.exe

Task: {78573D73-042E-4F4F-B861-3523D32FAE08} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-03-21] (Sony Corporation)

Task: {7FFFDAAB-84A9-4DE8-91E9-28B01A09AB76} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.)

Task: {81637E04-779A-4E83-AB51-2AE1EE9ABD21} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {88FE4836-DA5A-40E8-AD00-34CC8E5C6621} - System32\Tasks\User_Feed_Synchronization-{C0A4322B-F1F8-46F1-A3EE-E84762B3CF71} => C:\Windows\system32\msfeedssync.exe [2011-09-29] (Microsoft Corporation)

Task: {966C884D-3DE6-4B0A-AB8A-76D8ED18A771} - System32\Tasks\sfWCIYU => C:\Windows\system32\sfWCIYU.exe

Task: {96CF9470-8A28-46D1-BDF2-8A68F454B294} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)

Task: {9C1F6E6B-32EC-4968-B1EA-09100FAA3248} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {9D67C226-CCB3-4AC0-8763-BD1B68184B4C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)

Task: {AA1718DB-0D2F-414C-B81B-8B662BA863E8} - System32\Tasks\yOGiMLg => C:\Windows\system32\yOGiMLg.exe

Task: {B4147543-9998-4B7C-9A3F-A191B9BBFF87} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-19] (Google Inc.)

Task: {C48CC719-93DB-490F-8E7A-8503F3485591} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)

Task: {C96CB590-1879-469B-8264-369032F91286} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)

Task: {E6C4BC19-4154-4736-A5B2-CBE4F66C470D} - System32\Tasks\XuWUEvG => C:\Windows\system32\XuWUEvG.exe

Task: {EA2A512B-DB70-4E1E-BF8D-B36E16E80CD9} - System32\Tasks\{A4BB19BE-27F1-436E-8086-39911A6ACDC3} => C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE [2010-10-22] (Microsoft Corporation)

Task: {EBC52348-21FE-4B2B-A9CA-04230844F8A7} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()

Task: {FC109FD5-D1D3-4CE9-863B-069250E91C26} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {FDC5042A-7731-40B1-BEA3-C95CE1D7A584} - System32\Tasks\LkbdJcQ => C:\Windows\system32\LkbdJcQ.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001Core.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2426265055-1500479104-1041650072-1001UA.job => C:\Users\In Tandem\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-07-21 16:34 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2011-09-07 21:17 - 2010-11-20 14:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

2009-07-14 00:37 - 2009-07-14 02:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe

2010-03-25 12:35 - 2010-03-24 23:36 - 04452456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2011-09-06 07:38 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE

2013-05-25 01:36 - 2013-05-25 01:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

2010-04-27 04:52 - 2010-08-11 09:46 - 02367376 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

2011-09-07 21:18 - 2010-11-20 14:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe

2010-04-27 04:44 - 2011-06-21 11:55 - 04733384 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

2010-04-27 04:44 - 2011-06-21 11:55 - 00546816 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\NotificationWrapper.dll

2011-12-15 23:47 - 2011-06-21 11:55 - 00010752 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\MouseHook.dll

2010-04-27 04:44 - 2011-06-21 11:55 - 02358784 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\TapTrigger.dll

2011-12-15 23:47 - 2011-06-21 11:55 - 00757760 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VGDam.dll

2013-01-07 18:06 - 2012-10-26 10:44 - 00029856 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll

2010-04-27 04:09 - 2010-02-05 07:28 - 09645088 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

2010-04-27 04:09 - 2010-02-05 07:28 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2010-04-27 04:09 - 2010-02-05 07:28 - 01638944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll

2013-02-06 11:09 - 2013-02-06 11:09 - 28469312 _____ (ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe

2013-06-21 09:58 - 2013-06-21 09:58 - 19875432 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

2010-01-21 20:31 - 2010-01-21 20:31 - 00597792 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

2013-06-14 16:43 - 2013-06-14 16:43 - 00395656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

2010-10-01 16:26 - 2010-10-01 16:26 - 00299008 _____ (Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe

2013-01-24 15:18 - 2013-01-24 15:18 - 01646216 _____ (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe

2013-05-25 01:47 - 2013-05-25 01:47 - 27776968 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\Dropbox.exe

2009-07-14 00:41 - 2009-07-14 02:14 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunDll32.exe

2013-06-14 16:44 - 2013-06-14 16:44 - 00153992 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe

2009-07-14 00:57 - 2009-07-14 02:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\RunDll32.exe

2013-01-07 18:06 - 2012-10-26 11:33 - 01157280 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

2013-01-07 18:06 - 2012-10-26 10:44 - 00017056 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll

2011-09-07 21:18 - 2010-11-20 14:27 - 01435648 _____ (Microsoft Corporation) C:\Windows\System32\Speech\Common\sapi.dll

2012-05-19 13:36 - 2013-09-02 21:35 - 00829392 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\chrome.exe

2013-06-13 21:00 - 2013-06-13 21:00 - 01505608 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe

2013-06-09 19:55 - 2013-06-09 19:55 - 00054152 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe

2013-06-14 16:45 - 2013-06-14 16:45 - 00924040 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

2013-04-29 12:47 - 2013-04-29 12:47 - 03314560 _____ (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

2011-11-28 08:39 - 2011-02-16 15:08 - 01165504 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe

2011-11-28 08:39 - 2011-11-15 11:27 - 00083104 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCUtility.dll

2011-11-28 08:39 - 2011-11-02 16:40 - 00059528 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\KeyUtilities.dll

2011-11-28 08:39 - 2011-02-14 14:23 - 00022720 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Metrics.dll

2011-12-15 23:47 - 2011-06-21 11:55 - 00080896 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\x64\VAIOGateNotifications.dll

2011-11-28 08:39 - 2011-02-14 17:20 - 00012992 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe

2013-09-14 17:09 - 2013-09-14 17:09 - 01950312 _____ (Farbar) C:\Users\In Tandem\Downloads\FRST64.exe

2013-05-25 01:36 - 2013-05-25 01:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll

2011-11-02 00:26 - 2011-11-02 00:26 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2009-10-24 02:22 - 2009-10-24 02:22 - 00013312 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\XpStorageDevice_WinXp2k.dll

2009-10-24 02:55 - 2009-10-24 02:55 - 00303616 _____ (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcherLOC.DLL

2013-06-14 16:32 - 2013-06-14 16:32 - 00395656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll

2013-06-14 16:31 - 2013-06-14 16:31 - 00129416 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll

2013-06-14 16:26 - 2013-06-14 16:26 - 00011656 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.DLL

2013-06-14 16:28 - 2013-06-14 16:28 - 00428424 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.DLL

2013-09-07 12:43 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll

2013-06-14 16:31 - 2013-06-14 16:31 - 00025480 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll

2012-11-14 00:32 - 2012-11-14 00:32 - 03558400 _____ (wxWidgets development team) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll

2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\libcef.dll

2013-03-13 21:48 - 2013-03-13 21:48 - 09956864 _____ (The ICU Project) C:\Users\In Tandem\AppData\Roaming\Dropbox\bin\icudt.dll

2011-08-31 00:05 - 2011-08-31 00:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll

2013-09-04 04:47 - 2013-09-02 21:34 - 47074256 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 09962960 _____ (The ICU Project) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll

2013-06-13 21:00 - 2013-06-13 21:00 - 00620872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\ResourceKeeper.dll

2013-06-13 21:00 - 2013-06-13 21:00 - 00055624 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativemessagebox.dll

2013-06-13 21:00 - 2013-06-13 21:00 - 00915784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\nativesystrayue.dll

2013-06-13 21:00 - 2013-06-13 21:00 - 00104776 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\progressnotification.dll

2013-06-13 21:00 - 2013-06-13 21:00 - 00088392 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\toaster.dll

2013-06-09 19:50 - 2013-06-09 19:50 - 00117640 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\DazzleConfig.dll

2013-06-09 19:52 - 2013-06-09 19:52 - 00252296 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\ReceiverShim.dll

2013-09-07 12:38 - 2013-06-13 21:02 - 00322888 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_SelfServicePlugin.exe.dll

2013-06-09 19:52 - 2013-06-09 19:52 - 00014216 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\PreLaunchConfig.dll

2013-06-09 19:50 - 2013-06-09 19:50 - 00039304 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\BaseClassLibrary.dll

2013-09-04 04:47 - 2013-09-02 19:46 - 03231688 _____ (Microsoft Corporation) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 00709584 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 00099792 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 04053456 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 00410576 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 02110928 _____ (Google Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 01604560 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll

2013-06-14 16:39 - 2013-06-14 16:39 - 00088456 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll

2013-06-14 16:41 - 2013-06-14 16:41 - 00076168 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\WFCWINN.dll

2013-06-14 16:39 - 2013-06-14 16:39 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll

2013-06-14 16:35 - 2013-06-14 16:35 - 00096648 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\statuin.dll

2013-06-14 16:32 - 2013-06-14 16:32 - 00092552 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll

2013-06-14 16:32 - 2013-06-14 16:32 - 00023432 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll

2013-06-14 16:32 - 2013-06-14 16:32 - 00032648 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\icafile.dll

2013-06-14 16:43 - 2013-06-14 16:43 - 00493960 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSManager.dll

2013-06-14 16:42 - 2013-06-14 16:42 - 00029576 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\RSMHook.dll

2013-06-14 16:40 - 2013-06-14 16:40 - 00510344 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CST.dll

2013-06-14 16:27 - 2013-06-14 16:27 - 00020872 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll

2013-06-14 16:27 - 2013-06-14 16:27 - 00571784 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.DLL

2013-06-14 16:27 - 2013-06-14 16:27 - 00113032 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\CSTUI.DLL

2013-06-14 16:29 - 2013-06-14 16:29 - 00117128 _____ (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.DLL

2013-09-07 12:36 - 2013-06-13 21:00 - 00248136 _____ (Citrix Systems, Inc.) C:\Users\In Tandem\AppData\Local\Citrix\Receiver\WindowsAppRHelper_wfcrun32.exe.dll

2013-09-05 07:26 - 2013-09-05 07:26 - 00141752 _____ (McAfee, Inc.) C:\Users\In Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\McChPlg.dll

2013-08-10 17:52 - 2013-08-10 17:52 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll

2013-08-10 17:52 - 2013-08-10 17:52 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll

2013-08-10 17:52 - 2013-08-10 17:52 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

2013-08-10 17:52 - 2013-08-10 17:52 - 00579480 _____ (sqlite.org) C:\Program Files (x86)\Mozilla Thunderbird\mozsqlite3.dll

2013-09-04 04:47 - 2013-09-02 21:35 - 13599184 _____ () C:\Users\In Tandem\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) ==========

 

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

 

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15585

 

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15631

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15631

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 17613

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 17613

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 16318

 

 

System errors:

=============

Error: (09/14/2013 04:04:06 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

 

Error: (09/14/2013 00:38:37 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

 

Error: (09/14/2013 00:34:51 PM) (Source: DCOM) (User: )

Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

 

Error: (09/13/2013 07:19:22 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

 

Error: (09/13/2013 07:17:03 AM) (Source: EventLog) (User: )

Description: The previous system shutdown at 00:25:20 on ‎13/‎09/‎2013 was unexpected.

 

Error: (09/13/2013 00:20:56 AM) (Source: Server) (User: )

Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name.  The server could not start.

 

Error: (09/12/2013 08:05:19 PM) (Source: Server) (User: )

Description: The server could not bind to the transport \Device\NetBT_Tcpip_{38936D5E-AF80-4F9F-9E9C-F21FA582C303} because another computer on the network has the same name.  The server could not start.

 

Error: (09/12/2013 06:31:06 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

 

Error: (09/11/2013 11:06:05 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

 

Error: (09/11/2013 11:02:51 PM) (Source: DCOM) (User: )

Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

 

 

Microsoft Office Sessions:

=========================

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

 

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15585

 

Error: (09/12/2013 09:09:59 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15631

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15631

 

Error: (09/12/2013 01:38:15 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 17613

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 17613

 

Error: (09/11/2013 01:38:17 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/11/2013 01:38:16 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 16318

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-09-12 06:38:26.572

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-12 06:38:26.572

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-12 06:38:26.572

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 23:11:34.974

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 23:11:34.974

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 23:11:34.974

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 10:39:43.750

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 10:39:43.748

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-09-11 10:39:43.746

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-03-08 07:30:48.429

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET2BE9.tmp because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 44%

Total physical RAM: 4031.18 MB

Available physical RAM: 2253.25 MB

Total Pagefile: 8060.54 MB

Available Pagefile: 5001.58 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:921.3 GB) (Free:782.29 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E67D126D)

Partition 1: (Not Active) - (Size=10 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=921 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Share this post


Link to post
Share on other sites

Hi,

 

 

 

I am sorry for the delay but we have different timezone. :)

 

Please go ahead and uninstall this toolbar:

 

ooVoo toolbar, powered by Ask.com (x32 Version: 1.15.15.0)
ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.2.4.35882)

 

 

Now please download the following file => fixlist.txt and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Regards,

Georgi

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.