I uninstalled McAfee from my computer. The Bad Image pop up is now gone. But I am now receiving a RunDll:Error in C:\Program~2\39UNIN~1.DLL Missing Entry: O error message when booting computer. I click enter and it goes away and the system boots up. The Bad Image pop up is not there anymore. I am also receiving Malware Bytes pop ups showing malware being blocked.
The FRST.txt log is below:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Jana (administrator) on BRIANALMEJO1-PC (25-03-2016 11:48:50)
Running from C:\Users\Jana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1HL5U42
Loaded Profiles: brianalmejo1 & Jana (Available Profiles: brianalmejo1 & Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
() C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SmithMicro Inc.) C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(C-motech Co.,Ltd) C:\Program Files (x86)\Sprint\Sprint SmartView\RDVCHG.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dropbox, Inc.) C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_21_0_0_182_ActiveX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2122536 2010-05-07] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-13] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3203440 2010-04-06] (Dell Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [DellSupportCenter] => "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [Sprint SmartView] => C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe [75072 2010-05-16] (Sprint)
HKLM-x32\...\Run: [RDVCHG] => C:\Program Files (x86)\Sprint\Sprint SmartView\RDVCHG.exe [316736 2010-05-16] (C-motech Co.,Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1699400 2016-01-04] (APN)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [MapsGalaxy_39 Browser Plugin Loader 64] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon64.exe [71752 2014-07-05] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641504 2015-08-21] (McAfee, Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKLM-x32\...\RunOnce: [MapsGalaxy_39bar Uninstall] => rundll32 C:\PROGRA~2\39UNIN~1.DLL,O -3 uninstalltype=IE
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\Run: [swg] => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856 2009-07-26] (Microsoft Corporation)
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\Run: [GameXN GO] => C:\ProgramData\GameXN\GameXNGO.exe [347008 2012-06-09] (EasyBits Software AS)
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\Run: [EPSON Artisan 800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEMA.EXE [221696 2008-04-06] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_20_0_0_306_ActiveX.exe -update activex
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\...\MountPoints2: {ebb63540-22db-11e0-a92d-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-03-28] (Google Inc.)
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\...\Run: [Dropbox Update] => C:\Users\Jana\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-15] (Dropbox, Inc.)
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil64_21_0_0_182_ActiveX.exe [881344 2016-03-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\...\MountPoints2: {ebb63540-22db-11e0-a92d-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-03-25]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-01-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\brianalmejo1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-03-16]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-01-18]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2011-01-18]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2011-03-19]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-03-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2015-07-06]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 208.180.42.68 208.180.42.100 192.168.1.1
Tcpip\..\Interfaces\{B2699FC9-276A-4139-BB39-29798F7A2CF5}: [DhcpNameServer] 208.180.42.68 208.180.42.100 192.168.1.1
Tcpip\..\Interfaces\{D3A9E42D-D97B-4719-931D-1EE5EE25D4F1}: [DhcpNameServer] 13.36.0.1 13.36.0.2
Internet Explorer:
==================
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.msn.com/?pc=U141&ocid=U141DHP
HKU\S-1-5-21-3529422162-276151246-1532304501-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
HKU\S-1-5-21-3529422162-276151246-1532304501-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://
www.google.com/?gws_rd=ssl
URLSearchHook: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {065E7EF9-E9B7-4ED1-A685-4CEF444969D2} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {7BBAF097-921D-431E-BC80-C011D5A2EA55} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm423^YYA^us&si=250652_maps-d-optimized&ptb=BCBEAA0B-7CCA-407B-B54F-613A7FE93193&ind=2014070517&n=780c46f5&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> DefaultScope {E07284D3-9AF9-4D2C-939A-4F7E10C961ED} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20150520&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> {7BBAF097-921D-431E-BC80-C011D5A2EA55} URL = hxxp://
www.bing.com/search?FORM=U348DF&PC=U348&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm423^YYA^us&si=250652_maps-d-optimized&ptb=BCBEAA0B-7CCA-407B-B54F-613A7FE93193&ind=2014070517&n=780c46f5&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> {E07284D3-9AF9-4D2C-939A-4F7E10C961ED} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20150520&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> {E6566239-E7AB-4DA4-A47A-F2BEFFE41A4A} URL = hxxp://
www.search.ask.com/web?tpid=ORJ-V7-SAT&o=APN11466&pf=V7&p2=%5EBEC%5EOSJ000%5EYY%5EUS&gct=&itbv=12.10.6.53&apn_uid=6FC208CD-C990-45A7-B7CE-45AE3EC88340&apn_ptnrs=BEC&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_29.0.1547.66&doi=2014-04-23&trgb=IE&q={searchTerms}&psv=
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> DefaultScope {D7A448A5-C5FD-4A8E-BD00-7C785DDBFED1} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20150520&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> {065E7EF9-E9B7-4ED1-A685-4CEF444969D2} URL =
SearchScopes: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> {D7A448A5-C5FD-4A8E-BD00-7C785DDBFED1} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20150520&p={searchTerms}
BHO: No Name -> {4F524A2D-5637-2D53-4154-7A786E7484D7} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll [2016-01-04] (APN LLC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-18] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll [2016-01-04] (APN LLC.)
Toolbar: HKLM - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll [2016-01-04] (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.)
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll [2016-01-04] (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1000 -> Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll [2016-01-04] (APN LLC.)
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3529422162-276151246-1532304501-1001 -> Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll [2016-01-04] (APN LLC.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2010-01-13] (Cozi Group, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-01-18] (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-3529422162-276151246-1532304501-1000: @nsroblox.roblox.com/launcher -> C:\Users\brianalmejo1\AppData\Local\Roblox\Versions\version-4bc75dd7e05f4feb\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3529422162-276151246-1532304501-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\brianalmejo1\AppData\Local\Roblox\Versions\version-4bc75dd7e05f4feb\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://
www.google.com/
CHR StartupUrls: Default -> "hxxp://
www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll => No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll => No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll => No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll => No File
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-01]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-01]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-01]
CHR Extension: (Google Search) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-01]
CHR Extension: (SiteAdvisor) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-01]
CHR Extension: (Google Wallet) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-01]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-01]
CHR HKU\S-1-5-21-3529422162-276151246-1532304501-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\brianalmejo1\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0162351456452286mcinstcleanup; C:\Windows\TEMP\016235~1.EXE [882000 2015-06-18] (McAfee, Inc.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2016-01-04] (APN LLC.)
S3 CASprint; C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe [124224 2010-05-16] (SmithMicro Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NvtlService; C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [82944 2010-01-11] () [File not signed]
R3 SprintRcAppSvc; C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe [120128 2010-05-16] (SmithMicro Inc.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [359040 2010-02-11] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [62976 2010-02-11] (Beceem communications pvt ltd.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-30] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-05-16] (Smith Micro Inc.)
S3 SWNC5E00; C:\Windows\System32\DRIVERS\SWNC5E00.sys [285696 2010-05-16] (Sierra Wireless Inc.)
R4 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-25 11:48 - 2016-03-25 11:48 - 00000000 ____D C:\FRST
2016-03-25 11:38 - 2016-03-25 11:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 11:35 - 2016-03-25 11:35 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-25 11:35 - 2016-03-25 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-25 11:35 - 2016-03-25 11:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-25 11:35 - 2016-03-25 11:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-25 11:35 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-25 11:35 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-25 11:35 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-25 11:05 - 2016-03-25 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-25 11:03 - 2014-07-05 16:40 - 00872008 _____ (Mindspark) C:\Program Files (x86)\39Uninstall MapsGalaxy.dll
2016-03-25 11:03 - 2014-07-05 16:40 - 00196992 _____ () C:\Program Files (x86)\39res.dll
2016-03-25 10:42 - 2016-03-25 10:42 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-25 11:42 - 2011-01-18 02:01 - 00000000 ____D C:\ProgramData\McAfee
2016-03-25 11:42 - 2011-01-18 02:01 - 00000000 ____D C:\Program Files\mcafee
2016-03-25 11:42 - 2011-01-18 02:01 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-25 11:38 - 2014-04-22 20:23 - 00002157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-25 11:38 - 2014-04-22 20:23 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-25 11:25 - 2009-07-13 23:45 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-25 11:25 - 2009-07-13 23:45 - 00022240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-25 11:10 - 2014-11-03 17:35 - 00000000 ____D C:\Users\Jana\Documents\Outlook Files
2016-03-25 11:02 - 2013-12-02 04:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-25 11:02 - 2012-09-02 10:24 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-25 11:02 - 2012-09-02 10:24 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-25 11:02 - 2012-09-02 10:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-25 11:02 - 2011-12-11 18:28 - 00000000 ____D C:\Users\Jana\AppData\Roaming\WildTangent
2016-03-25 11:02 - 2011-06-22 19:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-25 11:02 - 2011-04-25 20:36 - 00000000 ____D C:\Users\brianalmejo1\AppData\Roaming\WildTangent
2016-03-25 11:02 - 2011-01-18 02:05 - 00000000 ____D C:\ProgramData\WildTangent
2016-03-25 11:02 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-25 11:00 - 2011-01-18 02:15 - 00000000 ____D C:\ProgramData\Skype
2016-03-25 10:57 - 2015-07-15 17:28 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3529422162-276151246-1532304501-1001UA.job
2016-03-25 10:48 - 2015-09-12 14:07 - 00001185 _____ C:\Users\brianalmejo1\Desktop\ROBLOX Studio.lnk
2016-03-25 10:48 - 2015-09-12 14:07 - 00000000 ____D C:\Users\brianalmejo1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2016-03-25 10:47 - 2011-12-03 11:02 - 00000000 ____D C:\ProgramData\GameXN
2016-03-25 10:44 - 2013-12-06 10:46 - 00000000 ___RD C:\Users\Jana\Dropbox
2016-03-25 10:44 - 2013-12-06 10:44 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Dropbox
2016-03-25 10:38 - 2012-06-09 19:26 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-25 10:37 - 2011-03-29 19:35 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2016-03-25 10:37 - 2009-07-14 00:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-25 10:37 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-03-25 10:36 - 2011-03-28 21:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-25 10:32 - 2015-07-15 17:28 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3529422162-276151246-1532304501-1001Core.job
2016-03-05 17:13 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2016-03-05 17:10 - 2013-06-13 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-05 17:09 - 2013-06-13 18:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-05 17:09 - 2013-06-13 18:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-03-05 17:05 - 2011-06-22 19:42 - 00000000 ____D C:\Users\brianalmejo1\AppData\Roaming\go
2016-03-05 16:28 - 2015-05-25 20:11 - 00000442 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-02-25 21:01 - 2011-03-28 21:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-25 21:01 - 2011-03-28 21:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-25 21:01 - 2011-03-28 21:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-25 20:55 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2016-02-25 20:51 - 2011-11-14 08:49 - 00000000 ____D C:\Users\brianalmejo1\Tracing
2016-02-25 20:49 - 2011-03-16 19:26 - 00000000 ____D C:\Users\brianalmejo1\AppData\Local\SoftThinks
==================== Files in the root of some directories =======
2016-03-25 11:03 - 2014-07-05 16:40 - 0196992 _____ () C:\Program Files (x86)\39res.dll
2016-03-25 11:03 - 2014-07-05 16:40 - 0872008 _____ (Mindspark) C:\Program Files (x86)\39Uninstall MapsGalaxy.dll
2011-03-28 21:28 - 2011-03-28 21:28 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
C:\Users\brianalmejo1\AppData\Local\Temp\APNStub.exe
C:\Users\brianalmejo1\AppData\Local\Temp\GoogleToolbarInstaller.exe
C:\Users\brianalmejo1\AppData\Local\Temp\hcbarpx_.dll
C:\Users\brianalmejo1\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\brianalmejo1\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\brianalmejo1\AppData\Local\Temp\Refresh.exe
C:\Users\brianalmejo1\AppData\Local\Temp\setup.exe
C:\Users\brianalmejo1\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jana\AppData\Local\Temp\APNSetup.exe
C:\Users\Jana\AppData\Local\Temp\contentDATs.exe
C:\Users\Jana\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpts9fod.dll
C:\Users\Jana\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jana\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jana\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jana\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jana\AppData\Local\Temp\mssinstaller.exe
C:\Users\Jana\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Jana\AppData\Local\Temp\SecurityScan_Release.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-08 10:54
==================== End of FRST.txt ============================