I ran FRST again as instructed. Both logs are below. I think this shows up in the logs, but just in case it doesn't, I still have a folder on my hard drive called C:\Program Files\Web Protect - I haven't deleted it b/c I don't know if that would help or do more damage.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-10-2014 01
Ran by Angie (administrator) on ANGIE-PC on 16-10-2014 21:14:50
Running from C:\Users\Angie\Desktop
Loaded Profile: Angie (Available profiles: Angie)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Digital Delivery Networks, Inc.) C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
(Lenovo) C:\Program Files\Lenovo\VeriFace\PManage.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(StrikeForce Technologies Inc.) C:\Program Files\SFT\GuardedID\GIDD.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(White Sky, Inc.) C:\Program Files\ID Vault\IDVaultSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AT&T Inc.) C:\Users\Angie\AppData\Local\ATT Connect\Participant\pull.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(White Sky, Inc.) C:\Program Files\ID Vault\IDVault.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Digital Delivery Networks, Inc.) C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
(Digital Delivery Networks, Inc.) C:\Program Files\DDNI\DIBS\DDNIService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsMap.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [163840 2008-03-26] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IdeaNotesUser] => C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe [221872 2009-08-24] (Digital Delivery Networks, Inc.)
HKLM\...\Run: [snp2uvc] => C:\windows\vsnp2uvc.exe
HKLM\...\Run: [PLFSetL] => C:\windows\PLFSetL.exe
HKLM\...\Run: [VeriFaceManager] => C:\Program Files\Lenovo\VeriFace\PManage.exe [3122440 2009-10-22] (Lenovo)
HKLM\...\Run: [UpdateP2GShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4081480 2009-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [GIDDesktop] => C:\Program Files\SFT\GuardedID\gidd.exe [391944 2010-09-20] (StrikeForce Technologies Inc.)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-04-25] (McAfee, Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-04-25] (McAfee, Inc.)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3861706144-2676772620-90763643-1004\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3861706144-2676772620-90763643-1004\...\Run: [Push Client] => C:\Users\Angie\AppData\Local\ATT Connect\Participant\pull.exe [966944 2011-04-27] (AT&T Inc.)
HKU\S-1-5-21-3861706144-2676772620-90763643-1004\...\Run: [Google Update] => C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-10] (Google Inc.)
HKU\S-1-5-21-3861706144-2676772620-90763643-1004\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3861706144-2676772620-90763643-1004\...\MountPoints2: {0a8be379-9c51-11e2-a999-002622cd26d2} - F:\DT4000_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ID Vault.lnk
ShortcutTarget: ID Vault.lnk -> C:\Program Files\ID Vault\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: GuardId.MSIEBrowser.BHO -> {5b0a01d2-b8a0-4e56-9e6b-cba0ef4b4eb5} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Windows Live Toolbar Helper -> {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -> C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\windows\system32\MyOSProtect.dll [304776] ()
Winsock: Catalog9 02 C:\windows\system32\MyOSProtect.dll [304776] ()
Winsock: Catalog9 03 C:\windows\system32\MyOSProtect.dll [304776] ()
Winsock: Catalog9 04 C:\windows\system32\MyOSProtect.dll [304776] ()
Winsock: Catalog9 34 C:\windows\system32\MyOSProtect.dll [304776] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Angie\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @nsroblox.roblox.com/launcher64 -> C:\Users\Angie\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: google.com/WidevineMediaOptimizer -> C:\Users\Angie\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2009-08-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-20]
CHR Extension: (Google Drive) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Google Search) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (SiteAdvisor) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-09-20]
CHR Extension: (Google Wallet) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Gmail) - C:\Users\Angie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 DDNIMSGService; C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [171872 2010-07-20] (Digital Delivery Networks, Inc.) [File not signed]
R2 DDNIService; C:\Program Files\DDNI\DIBS\DDNIService.exe [163680 2010-07-23] (Digital Delivery Networks, Inc.) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 IDVaultSvc; C:\Program Files\ID Vault\IDVaultSvc.exe [42312 2010-12-04] (White Sky, Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [414984 2009-07-28] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [472328 2009-07-28] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [133696 2014-09-23] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [472072 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [655936 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [179600 2014-06-20] (McAfee, Inc.)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-15] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.)
S2 UpdaterSvcKlipPal; "C:\Program Files\Klip Pal\updater.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
S3 acsock; C:\windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.)
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [62832 2014-06-20] (McAfee, Inc.)
R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2009-10-22] ()
R1 GIDv2; C:\windows\system32\Drivers\GIDv2.sys [25360 2010-09-20] (StrikeForce Technologies, Inc.)
S3 HipShieldK; C:\windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
R3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [135968 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [238176 2014-06-20] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [67816 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [369248 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [576048 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [349192 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [81296 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [217224 2014-06-20] (McAfee, Inc.)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1759616 2009-03-13] ()
S3 vpnva; C:\windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.)
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows ® Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-15 19:46 - 2014-10-16 20:05 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 19:46 - 2014-10-15 19:46 - 00000701 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-15 19:46 - 2014-10-15 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 19:46 - 2014-10-15 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-15 19:46 - 2014-10-15 19:46 - 00000000 ____D () C:\Malwarebytes Anti-Malware
2014-10-15 19:46 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-15 19:46 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-15 19:46 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-15 19:41 - 2014-10-15 19:43 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Angie\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-15 18:17 - 2014-10-15 18:19 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Angie\Desktop\mbam-clean-2.1.1.1001.exe
2014-10-14 21:16 - 2014-10-14 21:16 - 00001057 _____ () C:\Users\Angie\Desktop\mbam.txt
2014-10-14 20:53 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-14 20:53 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-14 20:53 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-14 20:53 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-14 20:53 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-14 20:53 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-14 20:53 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-14 20:53 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-14 20:53 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-14 20:53 - 2014-09-18 21:14 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-10-14 20:53 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-10-14 20:53 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-14 20:53 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-10-14 20:53 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-10-14 20:53 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-14 20:53 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-14 20:53 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-14 20:53 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-10-14 20:53 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-10-14 20:53 - 2014-09-18 20:50 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-10-14 20:53 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-10-14 20:53 - 2014-09-18 20:44 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-14 20:53 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 20:53 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-14 20:53 - 2014-09-18 20:20 - 00677888 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-14 20:53 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-14 20:53 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-10-14 20:53 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-14 20:53 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-14 20:53 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-10-14 20:43 - 2014-10-09 21:44 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-14 20:42 - 2014-10-09 21:44 - 00396288 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-14 20:42 - 2014-10-09 21:39 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-14 20:42 - 2014-09-28 20:41 - 02379264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-14 20:41 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-14 19:49 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2014-10-14 19:49 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2014-10-14 19:49 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2014-10-14 19:45 - 2014-10-14 19:45 - 00000755 _____ () C:\Users\Angie\Desktop\JRT.txt
2014-10-14 19:41 - 2014-10-14 19:41 - 00000000 ____D () C:\windows\ERUNT
2014-10-14 19:04 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-14 19:04 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-14 19:04 - 2014-07-16 21:39 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-10-14 19:04 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-10-14 19:04 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-10-14 19:04 - 2014-07-16 21:03 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2014-10-14 19:04 - 2014-07-16 21:02 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2014-10-14 19:03 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-14 19:03 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2014-10-14 19:03 - 2014-08-18 22:41 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2014-10-14 19:03 - 2014-08-18 22:41 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2014-10-14 19:03 - 2014-08-18 22:40 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2014-10-14 19:03 - 2014-08-18 22:40 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2014-10-14 19:03 - 2014-08-18 21:48 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2014-10-14 19:03 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00473600 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2014-10-14 19:03 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2014-10-14 19:03 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2014-10-14 19:03 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2014-10-14 19:03 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-10-14 19:03 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-10-14 19:03 - 2014-07-06 21:39 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-10-14 19:03 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-10-14 19:03 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-10-14 19:03 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-10-14 19:03 - 2014-07-06 21:28 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2014-10-14 19:03 - 2014-06-27 20:21 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-14 19:03 - 2014-06-27 20:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-10-14 19:03 - 2014-06-27 20:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2014-10-14 18:53 - 2014-10-14 18:53 - 00006465 _____ () C:\Users\Angie\Desktop\AdwCleaner[S0].txt
2014-10-14 18:42 - 2014-10-14 18:49 - 00000000 ____D () C:\AdwCleaner
2014-10-14 18:39 - 2014-10-14 18:41 - 01705698 _____ (Thisisu) C:\Users\Angie\Desktop\JRT.exe
2014-10-14 18:37 - 2014-10-14 18:39 - 01976320 _____ () C:\Users\Angie\Desktop\AdwCleaner.exe
2014-10-13 11:14 - 2014-10-13 11:16 - 00045287 _____ () C:\Users\Angie\Desktop\Addition.txt
2014-10-13 11:13 - 2014-10-16 21:15 - 00022350 _____ () C:\Users\Angie\Desktop\FRST.txt
2014-10-13 11:11 - 2014-10-16 21:14 - 00000000 ____D () C:\FRST
2014-10-13 11:09 - 2014-10-13 11:10 - 01101824 _____ (Farbar) C:\Users\Angie\Desktop\FRST.exe
2014-10-13 11:06 - 2014-10-13 11:06 - 00002014 _____ () C:\Users\Angie\Desktop\aswMBR.txt
2014-10-13 11:06 - 2014-10-13 11:06 - 00000512 _____ () C:\Users\Angie\Desktop\MBR.dat
2014-10-13 10:58 - 2014-10-13 10:58 - 00149912 _____ () C:\windows\Minidump\101314-23197-01.dmp
2014-10-13 10:45 - 2014-10-13 10:53 - 05185536 _____ (AVAST Software) C:\Users\Angie\Desktop\aswMBR.exe
2014-10-12 18:22 - 2014-10-12 18:22 - 00000000 ____D () C:\Users\Angie\AppData\Local\VS Revo Group
2014-10-12 18:21 - 2014-10-12 18:21 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-10-12 18:21 - 2014-10-12 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-10-12 18:21 - 2014-10-12 18:21 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-12 18:21 - 2009-12-30 11:21 - 00027192 _____ (VS Revo Group) C:\windows\system32\Drivers\revoflt.sys
2014-10-12 18:17 - 2014-10-12 18:20 - 10691640 _____ (VS Revo Group ) C:\Users\Angie\Downloads\RevoUninProSetup.exe
2014-10-12 17:15 - 2014-10-12 17:15 - 00000000 ____D () C:\Users\Angie\Desktop\Malwarebytes Anti-Malware
2014-10-12 17:10 - 2014-10-12 17:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Angie\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-12 08:53 - 2014-10-12 08:53 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2014-10-12 08:53 - 2014-10-12 08:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-12 08:53 - 2014-10-12 08:53 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-12 08:53 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-10-12 08:53 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-10-12 08:53 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-10-12 08:52 - 2014-10-12 08:53 - 00004477 _____ () C:\windows\system32\jupdate-1.7.0_67-b01.log
2014-10-12 00:06 - 2014-10-12 00:21 - 30856384 _____ (Microsoft Corporation) C:\Users\Angie\Downloads\Windows-KB890830-V5.16 (1).exe
2014-10-11 23:34 - 2014-10-11 23:42 - 30856384 _____ (Microsoft Corporation) C:\Users\Angie\Downloads\Windows-KB890830-V5.16.exe
2014-09-30 19:57 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2014-09-24 21:23 - 2014-10-16 20:04 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-09-24 16:55 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-19 22:02 - 2014-09-19 22:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 21:10 - 2012-04-12 07:19 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 21:09 - 2014-05-09 18:47 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004UA1cf6bd8b226d12a.job
2014-10-16 21:09 - 2014-04-03 20:42 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf4f9ebbfa075c.job
2014-10-16 21:09 - 2009-10-22 04:37 - 01246242 _____ () C:\windows\WindowsUpdate.log
2014-10-16 21:09 - 2009-07-14 00:39 - 00214820 _____ () C:\windows\setupact.log
2014-10-16 21:08 - 2009-10-22 04:48 - 10821467 _____ () C:\FaceProv.log
2014-10-16 21:08 - 2009-10-22 04:46 - 00000000 ____D () C:\ProgramData\VeriFace
2014-10-16 21:08 - 2009-08-25 04:19 - 00000270 _____ () C:\windows\Tasks\Check Updates for Windows Live Toolbar.job
2014-10-16 20:13 - 2014-04-16 07:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-16 20:13 - 2010-08-15 18:59 - 00001844 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2014-10-16 20:13 - 2009-07-14 00:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 20:13 - 2009-07-14 00:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 20:04 - 2012-02-02 20:34 - 00000880 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 20:04 - 2009-07-14 00:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-16 19:36 - 2014-02-17 21:38 - 00000856 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004Core1cf2c4a16b9c432.job
2014-10-16 19:04 - 2009-08-25 04:17 - 00922074 _____ () C:\windows\PFRO.log
2014-10-15 20:19 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-10-15 20:07 - 2014-09-13 12:01 - 00000000 ____D () C:\Program Files\Web Protect
2014-10-15 20:07 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\registration
2014-10-15 18:44 - 2009-07-14 00:33 - 00406136 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-15 18:42 - 2014-05-09 17:54 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-15 18:26 - 2009-08-25 04:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-14 21:37 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\system32\NDF
2014-10-14 20:02 - 2013-07-18 08:12 - 00000000 ____D () C:\windows\system32\MRT
2014-10-14 19:53 - 2010-07-08 08:35 - 100290944 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-13 10:58 - 2013-12-11 19:20 - 326823133 _____ () C:\windows\MEMORY.DMP
2014-10-13 10:58 - 2013-12-11 19:20 - 00000000 ____D () C:\windows\Minidump
2014-10-12 08:53 - 2013-11-02 13:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-12 08:53 - 2010-08-31 15:39 - 00000000 ____D () C:\Program Files\Java
2014-10-12 04:51 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\rescache
2014-09-27 08:13 - 2012-04-12 07:19 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-09-27 08:13 - 2011-06-29 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-24 17:32 - 2009-07-13 22:37 - 00000000 ____D () C:\windows\system32\GroupPolicy
2014-09-24 15:18 - 2009-07-13 22:04 - 00000612 _____ () C:\windows\win.ini
2014-09-19 21:40 - 2014-08-30 17:44 - 00001348 _____ () C:\Users\Angie\Desktop\ROBLOX Player.lnk
2014-09-19 21:40 - 2014-08-30 17:33 - 00001167 _____ () C:\Users\Angie\Desktop\ROBLOX Studio 2013.lnk
2014-09-19 21:40 - 2014-08-30 17:33 - 00000000 ____D () C:\Users\Angie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-09-16 19:09 - 2011-09-07 11:55 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-16 19:09 - 2011-09-07 11:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
Some content of TEMP:
====================
C:\Users\Angie\AppData\Local\Temp\20130227082026762jniverify.dll
C:\Users\Angie\AppData\Local\Temp\contentDATs.exe
C:\Users\Angie\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Angie\AppData\Local\Temp\FreeConverter_stub.exe
C:\Users\Angie\AppData\Local\Temp\G2MInstallerExtractor.exe
C:\Users\Angie\AppData\Local\Temp\installhelper.dll
C:\Users\Angie\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Angie\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Angie\AppData\Local\Temp\jre-6u25-windows-i586-iftw-rv.exe
C:\Users\Angie\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Angie\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Angie\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Angie\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Angie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Angie\AppData\Local\Temp\Quarantine.exe
C:\Users\Angie\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Angie\AppData\Local\Temp\SpOrder.dll
C:\Users\Angie\AppData\Local\Temp\sqlite3.dll
C:\Users\Angie\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Angie\AppData\Local\Temp\{01A2BC51-FC48-43A7-BB95-EE2B18358669}-35.0.1916.114_34.0.1847.137_chrome_updater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-11 13:14
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-10-2014 01
Ran by Angie at 2014-10-16 21:16:00
Running from C:\Users\Angie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,385,0 - Adobe Systems Incorporated)
Adobe Connect Add-in (HKCU\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Connect Participant Application v9.0.82 (HKLM\...\{1F3A6960-8470-4C84-820C-EBFFAF4DA580}) (Version: 9.0.82 - AT&T Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.4.0 - Conexant)
DIBS (Version: 1.7.0 - DDNI) Hidden
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.0731 - Lenovo)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.1 - Lenovo)
Git version 1.9.2-preview20140411 (HKLM\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToMeeting 5.9.0.1207 (HKCU\...\GoToMeeting) (Version: 5.9.0.1207 - CitrixOnline)
GuardedID (HKLM\...\{9191979D-821C-4EA8-B021-2DA1D859A7C5}) (Version: 0.03.1026 - StrikeForce Technologies, Inc)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
ID Vault (HKLM\...\ID Vault) (Version: 5.8.1111.0 - White Sky, Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{C8EBB0DE-5655-4D32-99E1-9447E702A89F}) (Version: 11.1.2.32 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lenovo EasyCamera (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50.6 - Suyin Optronics Corp.)
Lenovo First Boot (HKLM\...\{F2602F16-02D1-4F1C-99A5-E246C522A59D}) (Version: 1.7.2.2 - DDNI)
Lenovo Idea Central (HKLM\...\Lenovo Idea Central) (Version: 1.7.2.3 - DDNI)
Lenovo Idea Notes (HKLM\...\{A06E1854-1580-4157-AD70-72734D324DEA}) (Version: 1.5.1 - DDNI)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.17 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lights Out (HKLM\...\Lights Out) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee AntiVirus Plus (HKLM\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.143 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\McAfee Virtual Technician) (Version: 7.5.0.3093 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Meeting 2007 (HKLM\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Store Download Manager (HKLM\...\{A3D88A98-506E-4CFC-B294-E256C679B0EE}) (Version: 2.5.2219.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
My Photo Adventure (HKLM\...\My Photo Adventure) (Version: 4.0 - Inter-State Studio)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OverDrive Media Console (HKLM\...\{7A9AB748-A66C-46C2-84CA-D3185727C9B0}) (Version: 3.3.1 - OverDrive, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 3.1.0 (HKLM\...\R for Windows 3.1.0_is1) (Version: 3.1.0 - R Core Team)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
ROBLOX Player for Angie (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
RStudio (HKLM\...\RStudio) (Version: 0.98.507 - RStudio)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Symantec Enterprise Vault Outlook Add-In (HKLM\...\{F8E222C8-A19E-4E77-BA75-38815A39B999}) (Version: 10.0.1316 - Symantec Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{23AE87D8-AB2F-4539-935C-442BC976F469}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VeriFace (HKLM\...\VeriFace) (Version: 3.6.0.0730 - Lenovo)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Widevine Media Optimizer IE 6.0.0 (HKCU\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Toolbar (HKLM\...\Windows Live Toolbar) (Version: 03.01.0130 - Microsoft Corporation)
Windows Live Toolbar (Version: 03.01.0130 - Microsoft Corporation) Hidden
Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{01E0A80A-97FD-4FC2-B75D-C754396CD255}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{156B30E4-2D3D-4257-A340-9BDD2E972E2E}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\Video2ActiveXWnd.OCX ()
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{2087C2F4-2CEF-4953-A8AB-66779B670495}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Utilities\winhttp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{2115F58A-CE09-47CC-A0B1-A8A2EC0C5423}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\webex\1226\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{48A60FE8-C446-4371-95EB-258B14DCC5AC}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{5A31DC2C-BC50-4F71-93B8-2EC648404AF3}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\Video2ActiveXWnd.OCX ()
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Angie\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{7949C823-54C6-40F0-8D85-2348247E6820}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Utilities\IWMaterials.OCX (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{795B06EA-58E8-482C-AF11-A7E4E34DA16F}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\InstallDetect8557.OCX (Interwise)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{7A162288-DE78-473C-A6BA-23FF17F768E9}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\AxWebInstaller8750.ocx (Interwise)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{83730EE4-6C46-11CF-A524-0080C77A7786}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\MSMASK32.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1207\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{88BE9158-3A40-4907-B2F0-7E72496A9596}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{8A3C5585-D1ED-4EC0-B3C4-94998094E5BB}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{8CC82228-2200-4D22-9859-B762582F6D31}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\InstallDetect8557.OCX (Interwise)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{C932BA85-4374-101B-A56C-00AA003668DC}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\MSMASK32.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files\Git\git-cheetah\git_shell_ext.dll ()
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{CC9F903E-1C4B-4596-B410-982107EC4899}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> C:\windows\system32\MSVBVM60.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{DE471660-5535-47A8-949A-9DA95A72951F}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Utilities\IWMaterials.OCX (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Angie\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\RobloxProxy64.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{defa762b-ebc6-4ce2-a48c-32b232aac64d}\InprocServer32 -> C:\Users\Angie\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{E169D2B5-9411-47B9-A473-345A3FB57090}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\AxWebInstaller8750.ocx (Interwise)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{F4A2332C-B453-4424-A142-AB9C51BAE2AF}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\ScheduleEvent.dll (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{F8ACB9F2-2A7D-4261-AA37-A39448C23CAE}\InprocServer32 -> C:\Users\Angie\AppData\Local\ATT Connect\Participant\dsoframer.ocx (AT&T Inc.)
CustomCLSID: HKU\S-1-5-21-3861706144-2676772620-90763643-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Angie\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
24-09-2014 20:55:11 Windows Update
25-09-2014 01:11:26 Windows Backup
25-09-2014 07:00:15 Windows Update
29-09-2014 12:15:10 Windows Backup
30-09-2014 23:57:48 Windows Update
02-10-2014 00:01:57 Windows Update
06-10-2014 21:14:57 Windows Backup
08-10-2014 01:23:16 Windows Update
12-10-2014 12:51:02 Installed Java 7 Update 67
12-10-2014 22:25:03 Revo Uninstaller Pro's restore point - Web Protect for Windows
12-10-2014 23:02:44 Windows Backup
14-10-2014 23:01:50 Windows Update
14-10-2014 23:49:44 Windows Update
15-10-2014 22:18:46 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2013-12-19 10:49 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {229F8523-B27B-4BC3-84D5-B0EB3D406E57} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004Core1cf2c4a16b9c432 => C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-10] (Google Inc.)
Task: {23D2B41E-22AF-4C5A-B248-D8463F4A89F0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {46C23D4D-DAEB-462C-A0CE-A4042D9D5CB2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27] (Adobe Systems Incorporated)
Task: {4E76C36C-97F0-430A-ADB7-EB1CAB5CA9D0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6FA06986-0883-40A8-86CD-1C18A05BC695} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4f9ebbfa075c => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-02] (Google Inc.)
Task: {A0906B02-D0E8-485C-BBF1-679FDF255A1D} - System32\Tasks\Check Updates for Windows Live Toolbar => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12] (Microsoft Corporation)
Task: {A58FA3DB-B21A-4A56-AF02-A02CD0365B91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-02] (Google Inc.)
Task: {B04D33F7-D032-4780-A262-94A1EF9F7700} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004UA1cf6bd8b226d12a => C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-10] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Check Updates for Windows Live Toolbar.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf4f9ebbfa075c.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004Core1cf2c4a16b9c432.job => C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3861706144-2676772620-90763643-1004UA1cf6bd8b226d12a.job => C:\Users\Angie\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-13 12:02 - 2014-09-01 14:28 - 00304776 _____ () C:\windows\system32\MyOSProtect.dll
2013-10-10 17:48 - 2013-10-10 17:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-02-11 21:29 - 2009-12-20 21:42 - 00176235 _____ () C:\windows\System32\Primomonnt.dll
2009-06-12 16:32 - 2009-06-12 16:32 - 00104456 _____ () C:\windows\system32\EasyHook32.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-10-22 04:46 - 2009-10-22 04:45 - 01410312 _____ () C:\windows\system32\IcnOvrly.dll
2009-10-22 04:46 - 2009-10-22 04:45 - 00513288 _____ () C:\windows\system32\SimpleExt.dll
2014-05-23 20:27 - 2014-04-11 14:40 - 00334464 _____ () C:\Program Files\Git\git-cheetah\git_shell_ext.dll
2009-08-25 04:14 - 2009-01-29 08:26 - 00117264 _____ () c:\Program Files\McAfee\SiteAdvisor\apengine.dll
2009-08-25 04:14 - 2009-01-29 08:27 - 00071696 _____ () c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
2009-08-25 04:14 - 2009-01-29 08:27 - 00207376 _____ () c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
2009-10-22 04:45 - 2009-10-22 04:45 - 00492808 _____ () C:\Program Files\Lenovo\VeriFace\ChooseLang.dll
2009-10-22 04:46 - 2008-12-19 23:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2009-10-22 04:46 - 2008-12-19 23:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2011-04-27 13:22 - 2011-04-27 13:22 - 00031744 _____ () C:\Users\Angie\AppData\Local\ATT Connect\Participant\IwRegVC90.dll
2011-04-21 11:10 - 2011-04-21 11:10 - 00418304 _____ () C:\Users\Angie\AppData\Local\ATT Connect\Participant\exchndl.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2010-12-04 15:00 - 2010-12-04 15:00 - 00067400 _____ () C:\Program Files\ID Vault\IdVaultCore.XmlSerializers.dll
2014-09-12 11:42 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 11:42 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 11:42 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 11:42 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 11:42 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:6017A808
AlternateDataStreams: C:\ProgramData\Temp:E51234A9
AlternateDataStreams: C:\Users\Angie\Documents\3rd party auth.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Angie\Documents\3rd party auth.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3861706144-2676772620-90763643-500 - Administrator - Disabled)
Angie (S-1-5-21-3861706144-2676772620-90763643-1004 - Administrator - Enabled) => C:\Users\Angie
Guest (S-1-5-21-3861706144-2676772620-90763643-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3861706144-2676772620-90763643-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/16/2014 09:08:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3102501
Error: (10/16/2014 09:08:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3102501
Error: (10/16/2014 09:08:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 09:08:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3097197
Error: (10/16/2014 09:08:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3097197
Error: (10/16/2014 09:08:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/16/2014 07:00:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 78263642
Error: (10/16/2014 07:00:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 78263642
Error: (10/16/2014 07:00:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/15/2014 09:16:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9828
System errors:
=============
Error: (10/16/2014 08:05:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (10/16/2014 08:04:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UpdaterSvcKlipPal service failed to start due to the following error:
%%2
Error: (10/16/2014 07:05:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (10/16/2014 07:04:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UpdaterSvcKlipPal service failed to start due to the following error:
%%2
Error: (10/16/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error:
%%1053
Error: (10/16/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error:
%%1053
Error: (10/16/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Peer Networking Identity Manager service failed to start due to the following error:
%%1053
Error: (10/16/2014 07:00:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Peer Networking Identity Manager service to connect.
Error: (10/15/2014 08:09:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (10/15/2014 08:08:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UpdaterSvcKlipPal service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (12/11/2013 07:17:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7376 seconds with 3420 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-09-06 20:49:34.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:33.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:33.559
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:33.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:32.955
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:32.940
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:32.597
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:32.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:31.543
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-09-06 20:49:31.223
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\GIDHook.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 3032.6 MB
Available physical RAM: 1555.43 MB
Total Pagefile: 6063.49 MB
Available Pagefile: 4129.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:187.67 GB) (Free:77.41 GB) NTFS
Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:0.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3FC4B4DF)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=187.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================