I do not have a boot cd/windows install disc. The computer keeps telling me it was not shutdown properly no matter how its shutdown. The person who gave it to me had taken it to Best Buy, was told it had trojan. Altho he did have AVG he visited a lot of porn sites, AVG did not pick up any viruses. When I 1st turned it on all of these different windows would open. Mostly windows offering a download to check for viruses, that was before restore to factory settings. I'm afraid it may have the trojan still hiding. Thanks for your help, I hope I got all of the data you need.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by DionneTanna at 17:49:46 on 2013-09-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3989.1771 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\WebConnect\updateWebConnect.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3311835&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPB97F267F-13DC-43C8-855C-A38FA1213241
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: VisualBee: {11111111-1111-1111-1111-110311391106} - C:\Program Files (x86)\VisualBee\VisualBee-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: WebConnect: {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files (x86)\WebConnect\WebConnectbho.dll
BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 24.116.0.53 24.116.2.50
TCP: Interfaces\{D5475005-B095-43B7-8EA0-CA2BE4DFDA75} : DHCPNameServer = 24.116.0.53 24.116.2.50
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DionneTanna\AppData\Roaming\Mozilla\Firefox\Profiles\x7m6myiu.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-09-04 21:22; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-9-4 776168]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-9-4 343568]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-1-23 98208]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-8-27 1735512]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2011-12-11 260424]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-23 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-23 161560]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-9-4 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-9-8 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-9-8 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-9-4 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-13 182752]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-23 363800]
R2 Update WebConnect;Update WebConnect;C:\Program Files (x86)\WebConnect\updateWebConnect.exe [2013-8-29 206632]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-9-4 70112]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-9-4 310224]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-9-4 519064]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-7-9 377040]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-5 726160]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-2-24 21264]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-9-8 197264]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2013-9-4 225216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-7-9 95984]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2013-1-23 260712]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2011-12-9 269640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-7 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-9-4 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-09-08 23:29:43 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2013-09-08 21:15:58 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-09-08 21:15:54 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{413FA9AD-5B36-417B-846B-6DD46AD31DF8}\mpengine.dll
2013-09-08 01:20:47 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Macromedia
2013-09-08 01:12:54 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-08 01:12:54 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-08 00:59:29 -------- d-----w- C:\Windows\SysWow64\Wat
2013-09-08 00:59:29 -------- d-----w- C:\Windows\System32\Wat
2013-09-07 16:19:32 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-07 16:17:57 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-09-07 16:17:57 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-09-07 16:05:38 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-09-07 16:05:36 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-09-07 16:04:43 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Adobe
2013-09-07 15:57:15 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-09-07 15:57:15 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-09-07 15:57:15 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-09-07 15:57:15 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-09-07 15:48:03 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-09-07 15:48:03 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-09-07 15:48:03 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-09-07 15:48:02 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-09-07 15:48:02 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-09-06 01:31:41 1714688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM6.dll
2013-09-06 01:31:41 1714688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM5.dll
2013-09-06 01:31:41 1714176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM4.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM9.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM7.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM10.dll
2013-09-06 01:31:41 1712128 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM8.dll
2013-09-06 01:06:25 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-09-06 01:06:25 726160 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-09-06 01:04:46 439296 ----a-w- C:\Windows\System32\athihvs.dll
2013-09-06 01:04:23 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2013-09-06 01:03:06 60416 ------w- C:\Windows\System32\athihvui.dll
2013-09-06 01:03:06 -------- d-----w- C:\Windows\System32\nn-NO
2013-09-06 01:02:55 -------- d-----w- C:\Program Files (x86)\Cisco
2013-09-06 00:43:11 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-09-06 00:43:11 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-09-06 00:41:48 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-09-06 00:40:04 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-09-06 00:40:04 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-09-06 00:40:03 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-09-06 00:40:03 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-09-06 00:40:02 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-06 00:40:02 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-06 00:38:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-09-06 00:37:58 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-09-05 04:30:35 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
2013-09-05 04:03:35 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-09-05 04:03:30 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-09-05 04:03:24 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-09-05 04:03:24 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-09-05 03:57:39 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\Intel Corporation
2013-09-05 03:57:38 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\Synaptics
2013-09-05 03:54:18 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\hpqlog
2013-09-05 03:54:14 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Hewlett-Packard
2013-09-05 03:53:47 -------- d-----w- C:\Users\DionneTanna\AppData\Local\RemEngine
2013-09-05 03:53:45 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Hewlett-Packard_Company
2013-09-05 03:53:36 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VirtualStore
2013-09-05 03:32:46 -------- d-----w- C:\Program Files (x86)\VisualBee
2013-09-05 03:32:33 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Mozilla
2013-09-05 03:32:01 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-05 03:31:58 20616088 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-09-05 03:31:57 3551640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 03:31:11 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-09-05 03:31:00 -------- d-----w- C:\Users\DionneTanna\AppData\Local\SearchProtect
2013-09-05 03:30:46 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VisualBeeClient
2013-09-05 03:30:40 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VisualBeeExe
2013-09-05 03:30:26 -------- d-----w- C:\ProgramData\VisualBee
2013-09-05 03:30:22 -------- d-----w- C:\Users\DionneTanna\AppData\Local\emaze
2013-09-05 03:30:18 -------- d-----w- C:\Program Files (x86)\WebConnect
2013-09-05 03:30:12 -------- d-----w- C:\AuthLog
2013-09-05 03:10:22 -------- d-----w- C:\ProgramData\TrueSuite
2013-09-05 03:08:27 -------- d-----w- C:\Program Files (x86)\McAfee.com
2013-09-05 03:08:22 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2013-09-05 03:08:17 776168 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-09-05 03:08:17 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-09-05 03:08:17 519064 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-09-05 03:08:17 343568 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-09-05 03:08:17 310224 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-09-05 03:08:17 179664 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-09-05 03:08:16 -------- d-----w- C:\Program Files\Common Files\McAfee
2013-09-05 03:08:09 -------- d-----w- C:\Program Files\McAfee.com
2013-09-05 03:08:09 -------- d-----w- C:\Program Files\McAfee
2013-09-05 03:08:08 -------- d-----w- C:\Program Files (x86)\McAfee
2013-09-05 03:07:20 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-09-05 03:07:20 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-09-05 03:07:20 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
.
==================== Find3M ====================
.
2013-09-07 16:38:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-07 16:38:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-07 16:19:32 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-06 01:05:41 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-08-07 18:40:08 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-08-07 10:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 13:34:48 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-07-09 13:34:38 95984 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-07-09 13:34:30 377040 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 17:50:18.42 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by DionneTanna at 17:49:46 on 2013-09-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3989.1771 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\WebConnect\updateWebConnect.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3311835&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPB97F267F-13DC-43C8-855C-A38FA1213241
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: VisualBee: {11111111-1111-1111-1111-110311391106} - C:\Program Files (x86)\VisualBee\VisualBee-bho.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: WebConnect: {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files (x86)\WebConnect\WebConnectbho.dll
BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 24.116.0.53 24.116.2.50
TCP: Interfaces\{D5475005-B095-43B7-8EA0-CA2BE4DFDA75} : DHCPNameServer = 24.116.0.53 24.116.2.50
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
x64-BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {0CE7EBAF-157D-4111-9146-057CB2A4023E} - msiexec /fu {0CE7EBAF-157D-4111-9146-057CB2A4023E} /qn
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DionneTanna\AppData\Roaming\Mozilla\Firefox\Profiles\x7m6myiu.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-09-04 21:22; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-9-4 776168]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-9-4 343568]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-1-23 98208]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-8-27 1735512]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2011-12-11 260424]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-1-23 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-23 161560]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-9-4 201304]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-9-8 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-9-8 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-9-8 1017016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-9-4 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-13 182752]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-23 363800]
R2 Update WebConnect;Update WebConnect;C:\Program Files (x86)\WebConnect\updateWebConnect.exe [2013-8-29 206632]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE [2012-2-13 240408]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-9-4 70112]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-9-4 310224]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-9-4 519064]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-7-9 377040]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-5 726160]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-2-24 21264]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE [2012-2-13 193816]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-9-8 197264]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2013-9-4 225216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-7-9 95984]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2013-1-23 260712]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2011-12-9 269640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-9-7 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2013-9-4 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-09-08 23:29:43 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2013-09-08 21:15:58 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-09-08 21:15:54 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{413FA9AD-5B36-417B-846B-6DD46AD31DF8}\mpengine.dll
2013-09-08 01:20:47 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Macromedia
2013-09-08 01:12:54 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-08 01:12:54 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-08 00:59:29 -------- d-----w- C:\Windows\SysWow64\Wat
2013-09-08 00:59:29 -------- d-----w- C:\Windows\System32\Wat
2013-09-07 16:19:32 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-07 16:17:57 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-09-07 16:17:57 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-09-07 16:05:38 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-09-07 16:05:36 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-09-07 16:04:43 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Adobe
2013-09-07 15:57:15 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-09-07 15:57:15 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-09-07 15:57:15 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-09-07 15:57:15 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-09-07 15:48:03 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-09-07 15:48:03 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-09-07 15:48:03 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-09-07 15:48:02 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-09-07 15:48:02 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-09-06 01:31:41 1714688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM6.dll
2013-09-06 01:31:41 1714688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM5.dll
2013-09-06 01:31:41 1714176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM4.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM9.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM7.dll
2013-09-06 01:31:41 1712640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM10.dll
2013-09-06 01:31:41 1712128 ----a-w- C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com\components\FFXPCOM8.dll
2013-09-06 01:06:25 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-09-06 01:06:25 726160 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-09-06 01:04:46 439296 ----a-w- C:\Windows\System32\athihvs.dll
2013-09-06 01:04:23 -------- d-----w- C:\ProgramData\Qualcomm Atheros
2013-09-06 01:03:06 60416 ------w- C:\Windows\System32\athihvui.dll
2013-09-06 01:03:06 -------- d-----w- C:\Windows\System32\nn-NO
2013-09-06 01:02:55 -------- d-----w- C:\Program Files (x86)\Cisco
2013-09-06 00:43:11 983912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-09-06 00:43:11 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-09-06 00:41:48 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-09-06 00:40:04 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-09-06 00:40:04 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-09-06 00:40:03 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-09-06 00:40:03 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-09-06 00:40:02 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-06 00:40:02 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-06 00:38:54 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-09-06 00:37:58 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-09-05 04:30:35 425345024 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\Updates\OFFICESUITEWWSP1-X-NONE.MSP
2013-09-05 04:03:35 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-09-05 04:03:30 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-09-05 04:03:24 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-09-05 04:03:24 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-09-05 03:57:39 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\Intel Corporation
2013-09-05 03:57:38 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\Synaptics
2013-09-05 03:54:18 -------- d-----w- C:\Users\DionneTanna\AppData\Roaming\hpqlog
2013-09-05 03:54:14 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Hewlett-Packard
2013-09-05 03:53:47 -------- d-----w- C:\Users\DionneTanna\AppData\Local\RemEngine
2013-09-05 03:53:45 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Hewlett-Packard_Company
2013-09-05 03:53:36 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VirtualStore
2013-09-05 03:32:46 -------- d-----w- C:\Program Files (x86)\VisualBee
2013-09-05 03:32:33 -------- d-----w- C:\Users\DionneTanna\AppData\Local\Mozilla
2013-09-05 03:32:01 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-05 03:31:58 20616088 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2013-09-05 03:31:57 3551640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 03:31:11 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-09-05 03:31:00 -------- d-----w- C:\Users\DionneTanna\AppData\Local\SearchProtect
2013-09-05 03:30:46 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VisualBeeClient
2013-09-05 03:30:40 -------- d-----w- C:\Users\DionneTanna\AppData\Local\VisualBeeExe
2013-09-05 03:30:26 -------- d-----w- C:\ProgramData\VisualBee
2013-09-05 03:30:22 -------- d-----w- C:\Users\DionneTanna\AppData\Local\emaze
2013-09-05 03:30:18 -------- d-----w- C:\Program Files (x86)\WebConnect
2013-09-05 03:30:12 -------- d-----w- C:\AuthLog
2013-09-05 03:10:22 -------- d-----w- C:\ProgramData\TrueSuite
2013-09-05 03:08:27 -------- d-----w- C:\Program Files (x86)\McAfee.com
2013-09-05 03:08:22 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2013-09-05 03:08:17 776168 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-09-05 03:08:17 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-09-05 03:08:17 519064 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-09-05 03:08:17 343568 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-09-05 03:08:17 310224 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-09-05 03:08:17 179664 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-09-05 03:08:16 -------- d-----w- C:\Program Files\Common Files\McAfee
2013-09-05 03:08:09 -------- d-----w- C:\Program Files\McAfee.com
2013-09-05 03:08:09 -------- d-----w- C:\Program Files\McAfee
2013-09-05 03:08:08 -------- d-----w- C:\Program Files (x86)\McAfee
2013-09-05 03:07:20 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-09-05 03:07:20 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-09-05 03:07:20 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
.
==================== Find3M ====================
.
2013-09-07 16:38:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-07 16:38:40 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-07 16:19:32 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-06 01:05:41 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-08-07 18:40:08 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-08-07 10:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 13:34:48 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-07-09 13:34:38 95984 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-07-09 13:34:30 377040 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 17:50:18.42 ===============