Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop internet connect speed only 0.25Mbps [Solved]

Started by peter plus , Jun 10 2014 07:35 AM

  • This topic is locked This topic is locked

#1
peter plus
Posted 10 June 2014 - 07:35 AM

peter plus

    Member

  • Member
  • PipPipPip
  • 278 posts

All other devices running at near to 20Mbps

 

OTL log

 

OTL logfile created on: 10/06/2014 06:21:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sara\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.19 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 54.78% Memory free
6.32 Gb Paging File | 4.44 Gb Available in Paging File | 70.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 892.08 Gb Total Space | 863.81 Gb Free Space | 96.83% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 22.82 Gb Free Space | 91.30% Space Free | Partition Type: NTFS
 
Computer Name: SARA-PC | User Name: Sara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/10 06:21:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Downloads\OTL.exe
PRC - [2014/05/13 16:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/01/24 23:18:32 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/12/13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/03/28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2011/09/01 00:23:00 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/13 16:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 16:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 16:40:45 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/13 16:40:44 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/13 16:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/08/30 07:49:21 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/30 07:49:21 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/30 07:45:50 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/04/24 17:10:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/04/24 13:23:08 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/24 23:18:40 | 000,092,160 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 16:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/13 22:18:48 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2012/12/03 10:27:56 | 000,202,400 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/20 02:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/06/22 07:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/06/22 07:34:52 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/06/22 07:33:12 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/05/22 13:20:04 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/01/26 14:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2013/08/30 07:38:39 | 000,068,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe -- (VeriFaceSrv)
SRV - [2013/01/25 00:12:12 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/01/24 23:18:32 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012/12/13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/09/01 00:23:00 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/08/30 07:49:21 | 000,446,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/08/30 07:49:21 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/08/30 07:49:21 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/08/30 07:49:21 | 000,213,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/30 07:49:21 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/08/30 07:45:50 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/30 07:45:50 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/30 07:38:56 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013/08/30 07:38:56 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013/04/24 14:15:42 | 011,645,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/24 12:55:42 | 000,581,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/23 04:38:22 | 000,098,744 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/18 07:04:28 | 000,219,360 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2013/04/10 06:52:22 | 008,243,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013/03/24 22:24:22 | 003,776,000 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/03/18 00:21:52 | 000,327,752 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2013/03/03 17:42:06 | 000,128,592 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 03:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 03:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/02/26 23:44:24 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/25 22:08:24 | 001,680,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2013/02/02 00:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/24 23:46:26 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/01/24 23:46:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/01/24 23:46:22 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/01/24 23:46:20 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/01/24 23:46:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/01/24 23:46:20 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/01/24 23:46:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/01/24 23:46:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/29 23:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/11/29 23:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 00:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 00:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/28 05:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/23 16:24:52 | 015,283,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/06/22 07:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/06/22 07:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/06/22 07:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/06/22 07:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/06/22 07:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/06/22 07:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/06/22 07:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/06/18 12:29:12 | 000,066,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2012/06/13 17:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2012/06/02 07:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 07:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/04/09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012/08/02 15:57:30 | 000,056,136 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys -- (X5XSEx_Pr148)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {83889120-0C77-4505-9069-2E453EF015F9}
IE:64bit: - HKLM\..\SearchScopes\{83889120-0C77-4505-9069-2E453EF015F9}: "URL" = http://www.bing.com/...E10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {83889120-0C77-4505-9069-2E453EF015F9}
IE - HKLM\..\SearchScopes\{83889120-0C77-4505-9069-2E453EF015F9}: "URL" = http://www.bing.com/...E10TR&pc=MALNJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentControl,version=7.1.0.1: C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/06/10 02:59:09 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012/07/25 22:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}  (ExentInf1 Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01B3BD7F-CFA5-4958-BA21-897E34BCDC76}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/10 10:47:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/06/10 05:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/06/10 04:25:17 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/10 04:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/10 04:24:56 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/06/10 04:24:56 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/06/10 04:24:56 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/06/10 04:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/10 04:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/10 04:24:32 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Programs
[2014/06/10 04:05:06 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Diagnostics
[2014/06/10 03:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/10 03:36:57 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Apps
[2014/06/10 03:36:56 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Deployment
[2014/06/10 03:20:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\SearchProtect
[2014/06/10 03:17:21 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Google
[2014/06/10 03:17:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/06/10 03:09:08 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Nitro PDF
[2014/06/10 03:09:00 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\LSC
[2014/06/10 03:08:41 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Adobe
[2014/06/10 03:08:17 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\LSC
[2014/06/10 03:03:38 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\AMD
[2014/06/10 03:03:19 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\ATI
[2014/06/10 03:03:19 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\ATI
[2014/06/10 03:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/06/10 03:01:33 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\BMExplorer
[2014/06/10 03:01:33 | 000,000,000 | ---D | C] -- C:\Users\Sara\Documents\Bluetooth Folder
[2014/06/10 03:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/06/10 03:01:16 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Lenovo
[2014/06/10 03:01:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Atheros
[2014/06/10 03:01:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/10 03:00:36 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/10 03:00:36 | 000,000,000 | R--D | C] -- C:\Users\Sara\Searches
[2014/06/10 03:00:36 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/10 03:00:35 | 000,000,000 | R--D | C] -- C:\Users\Sara\Contacts
[2014/06/10 03:00:35 | 000,000,000 | -H-D | C] -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/06/10 03:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\eBay
[2014/06/10 02:59:45 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Adobe
[2014/06/10 02:59:04 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\VirtualStore
[2014/06/10 02:58:50 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Packages
[2014/06/10 02:57:10 | 000,000,000 | --SD | C] -- C:\Users\Sara\AppData\Roaming\Microsoft
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Videos
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Saved Games
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Pictures
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Music
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Links
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Favorites
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Downloads
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Documents
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\Desktop
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/10 02:57:10 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\Temporary Internet Files
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Templates
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Start Menu
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\SendTo
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Recent
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\PrintHood
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\NetHood
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Videos
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Pictures
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Music
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\My Documents
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Local Settings
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\History
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Cookies
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Application Data
[2014/06/10 02:57:10 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\Application Data
[2014/06/10 02:57:10 | 000,000,000 | -H-D | C] -- C:\Users\Sara\AppData
[2014/06/10 02:57:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Temp
[2014/06/10 02:57:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Microsoft
[2014/06/10 02:57:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/10 02:57:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Macromedia
[2014/06/10 02:57:10 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/10 06:25:19 | 000,848,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/10 06:25:19 | 000,723,700 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/10 06:25:19 | 000,136,838 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/10 06:02:27 | 000,000,036 | ---- | M] () -- C:\Users\Sara\AppData\Local\housecall.guid.cache
[2014/06/10 05:46:00 | 000,000,910 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/10 05:04:37 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2014/06/10 05:03:37 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/10 05:00:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/10 04:59:21 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/10 04:58:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/10 04:58:40 | 2741,608,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/10 04:58:19 | 000,002,560 | ---- | M] () -- C:\windows\SysNative\VfService.trf
[2014/06/10 04:49:37 | 000,002,286 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/10 04:49:00 | 000,281,088 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/06/10 04:25:06 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/10 03:56:04 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/10 03:07:34 | 000,001,431 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/10 03:00:21 | 000,000,139 | ---- | M] () -- C:\Users\Public\Desktop\eBay.url
[2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/05/12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2014/06/10 10:47:29 | 2741,608,448 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/10 10:47:29 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/06/10 06:02:27 | 000,000,036 | ---- | C] () -- C:\Users\Sara\AppData\Local\housecall.guid.cache
[2014/06/10 05:43:29 | 000,000,299 | ---- | C] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
[2014/06/10 04:25:06 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/10 03:52:02 | 000,002,286 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/10 03:52:02 | 000,002,262 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/10 03:41:28 | 000,000,910 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/10 03:41:28 | 000,000,906 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/10 03:07:34 | 000,001,431 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/10 03:00:30 | 000,001,437 | ---- | C] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/10 03:00:21 | 000,000,139 | ---- | C] () -- C:\Users\Public\Desktop\eBay.url
[2014/06/10 02:57:10 | 000,001,129 | ---- | C] () -- C:\Users\Sara\Desktop\Cyberlink Power2Go.lnk
[2014/06/10 02:57:10 | 000,000,352 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/10 02:57:10 | 000,000,334 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/06/10 02:57:10 | 000,000,189 | ---- | C] () -- C:\Users\Sara\Desktop\Lenovo Telephony Start Now.url
[2013/08/30 07:19:48 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/30 07:12:39 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/05/20 01:09:21 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/05/20 01:09:21 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2013/05/20 01:09:20 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2013/05/20 01:09:19 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2013/05/20 01:09:18 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2013/03/25 14:10:34 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 13:22:56 | 000,267,284 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012/07/25 13:22:54 | 000,963,376 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/30 07:46:35 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/30 07:46:34 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 20:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/10 03:01:16 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\Lenovo
[2014/06/10 03:08:17 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\LSC
[2014/06/10 05:09:59 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\Nitro PDF
 
========== Purity Check ==========
 
 
 
< End of report >
 

  • 0

Advertisements

#2
Machiavelli
Posted 17 June 2014 - 03:28 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Do you still need help?


  • 0

#3
peter plus
Posted 17 June 2014 - 07:00 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts

Hi there. Yes I still need help.

 

i've done a factory reset which I thought would solve the problem.

 

It is slightly better but I am still only getting between 1 and 3Mbps connection rates whilst other computers connect at 16Mbps +


  • 0

#4
peter plus
Posted 17 June 2014 - 07:20 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts

Here's the OTL log

 

OTL logfile created on: 17/06/2014 06:04:11 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sara\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.19 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 55.31% Memory free
6.32 Gb Paging File | 4.59 Gb Available in Paging File | 72.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 892.08 Gb Total Space | 857.41 Gb Free Space | 96.11% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 24.90 Gb Free Space | 99.61% Space Free | Partition Type: NTFS
Drive F: | 982.13 Mb Total Space | 920.42 Mb Free Space | 93.72% Space Free | Partition Type: FAT
 
Computer Name: SARA-PC | User Name: Sara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/10 14:16:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
PRC - [2013/01/24 23:18:32 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/12/13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/03/28 18:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2011/09/01 00:23:00 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/25 18:34:42 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/04/12 02:08:17 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/04/03 17:15:34 | 000,189,912 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/04/03 17:07:34 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/03/29 01:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/18 08:39:34 | 001,041,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/30 07:49:21 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/30 07:49:21 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/15 22:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/06/24 15:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/04/24 17:10:28 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/04/24 13:23:08 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/04/08 21:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 19:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 19:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/24 23:18:40 | 000,092,160 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2013/01/09 16:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/12/13 22:18:48 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV:64bit: - [2012/12/03 10:27:56 | 000,202,400 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/19 23:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/25 20:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 20:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 20:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 20:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 20:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 20:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 20:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 20:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 20:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 20:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 20:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 17:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/05/11 06:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2012/01/26 14:19:18 | 000,332,080 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2014/03/13 11:42:00 | 000,836,168 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0296911402953195mcinst.exe -- (0296911402953195mcinstcleanup)
SRV - [2013/08/30 07:38:39 | 000,068,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe -- (VeriFaceSrv)
SRV - [2013/01/25 00:12:12 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/01/24 23:18:32 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2012/12/13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/11/05 21:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 20:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/09/01 00:23:00 | 000,447,104 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/04/03 17:23:54 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/04/03 17:16:04 | 000,346,760 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/04/03 17:10:34 | 000,784,760 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/04/03 17:08:04 | 000,522,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/04/03 17:06:04 | 000,311,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/04/03 17:03:32 | 000,177,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/04/03 16:43:16 | 000,069,352 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/03/28 12:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/23 15:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/18 07:08:50 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/03/18 07:08:26 | 000,441,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/10/10 04:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/04 23:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 19:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/08/30 07:49:21 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/08/30 07:38:56 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2013/08/30 07:38:56 | 000,033,560 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013/08/15 22:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/09 23:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 01:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 18:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 18:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/28 23:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/04/24 14:15:42 | 011,645,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/24 12:55:42 | 000,581,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/23 04:38:22 | 000,098,744 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/04/18 07:04:28 | 000,219,360 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2013/04/10 06:52:22 | 008,243,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2013/03/24 22:24:22 | 003,776,000 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/03/18 00:21:52 | 000,327,752 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2013/03/03 17:42:06 | 000,128,592 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013/03/02 03:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/02/26 23:44:24 | 000,355,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/02/25 22:08:24 | 001,680,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2013/02/02 00:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/24 23:46:26 | 000,581,200 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/01/24 23:46:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/01/24 23:46:22 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/01/24 23:46:20 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/01/24 23:46:20 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/01/24 23:46:20 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/01/24 23:46:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/01/24 23:46:20 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/01/09 18:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/29 23:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/11/29 23:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/11/26 20:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 21:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 20:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 01:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 00:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/09/20 00:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 00:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/28 05:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/07/25 22:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 22:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 22:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 22:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 22:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 22:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 22:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 22:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 22:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 22:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 22:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 22:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 22:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 22:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 22:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 22:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 22:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 21:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 21:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 20:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 19:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 19:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 19:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 19:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 19:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 19:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 19:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 19:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 19:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 19:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 19:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 19:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 19:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 19:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 19:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 19:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 19:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 19:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 19:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/25 19:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 19:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 19:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/23 16:24:52 | 015,283,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/06/13 17:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2012/06/02 07:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 07:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/04/09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012/08/02 15:57:30 | 000,056,136 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys -- (X5XSEx_Pr148)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {83889120-0C77-4505-9069-2E453EF015F9}
IE:64bit: - HKLM\..\SearchScopes\{83889120-0C77-4505-9069-2E453EF015F9}: "URL" = http://www.bing.com/...E10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {83889120-0C77-4505-9069-2E453EF015F9}
IE - HKLM\..\SearchScopes\{83889120-0C77-4505-9069-2E453EF015F9}: "URL" = http://www.bing.com/...E10TR&pc=MALNJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {83889120-0C77-4505-9069-2E453EF015F9}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentControl,version=7.1.0.1: C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/06/16 14:02:36 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012/07/25 22:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtsFT] C:\windows\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095}  (ExentInf1 Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01B3BD7F-CFA5-4958-BA21-897E34BCDC76}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/17 06:03:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2014/06/16 14:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/06/16 14:04:39 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/16 14:04:38 | 000,703,992 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/06/16 13:57:23 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice
[2014/06/16 13:47:09 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Diagnostics
[2014/06/13 03:15:49 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2014/06/12 14:47:36 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSService.dll
[2014/06/12 14:47:36 | 000,209,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NotificationUI.exe
[2014/06/12 14:47:35 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2014/06/12 14:47:34 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2014/06/12 14:47:34 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2014/06/12 14:47:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2014/06/12 14:47:33 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2014/06/12 14:47:33 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSSync.dll
[2014/06/12 14:47:33 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSSync.dll
[2014/06/12 14:47:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
[2014/06/12 14:47:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppc.dll
[2014/06/12 14:47:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sppc.dll
[2014/06/12 14:47:32 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSClient.dll
[2014/06/12 14:47:32 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/06/12 14:47:32 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSClient.dll
[2014/06/12 14:47:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/12 14:47:32 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/12 14:47:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupcln.dll
[2014/06/12 14:47:32 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dam.sys
[2014/06/12 14:47:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupcln.dll
[2014/06/12 14:47:18 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014/06/12 14:47:02 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\wfplwfs.sys
[2014/06/12 14:46:50 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2014/06/12 14:46:45 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/06/12 14:46:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2014/06/12 14:46:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2014/06/12 14:46:37 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2014/06/12 14:46:37 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2014/06/12 14:46:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2014/06/12 14:46:06 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2014/06/12 14:46:06 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014/06/12 14:46:06 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2014/06/12 14:46:05 | 001,622,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014/06/12 14:46:05 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2014/06/12 14:46:05 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resutils.dll
[2014/06/12 14:46:05 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2014/06/12 14:46:05 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS
[2014/06/12 14:46:05 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2014/06/12 14:46:04 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2014/06/12 14:46:04 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spaceport.sys
[2014/06/12 14:46:04 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll
[2014/06/12 14:46:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014/06/12 14:46:04 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014/06/12 14:46:04 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014/06/12 14:46:04 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2014/06/12 14:46:04 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014/06/12 14:46:04 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014/06/12 14:46:04 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014/06/12 14:45:54 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2014/06/12 14:45:37 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll
[2014/06/12 14:45:34 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll
[2014/06/12 14:45:32 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAutomationCore.dll
[2014/06/12 14:45:32 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAutomationCore.dll
[2014/06/12 14:45:31 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2014/06/12 14:45:31 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys
[2014/06/12 14:45:30 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll
[2014/06/12 14:45:30 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys
[2014/06/12 14:45:30 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014/06/12 14:45:30 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014/06/12 14:45:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2014/06/12 14:45:20 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/12 14:45:16 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys
[2014/06/12 14:45:16 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys
[2014/06/12 14:38:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/12 14:38:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/06/12 14:38:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/12 14:38:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/12 14:38:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/12 14:38:45 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/12 14:38:45 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/12 14:38:45 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/06/12 14:38:45 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/06/12 14:38:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/12 14:38:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/06/12 14:38:42 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/12 14:38:42 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/06/12 14:38:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/12 14:38:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/12 14:38:39 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/12 14:38:35 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/06/12 14:38:34 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/12 14:38:32 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/12 14:38:12 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/12 14:38:12 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/12 14:38:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/06/12 14:33:05 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2014/06/12 14:33:05 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2014/06/12 14:33:04 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2014/06/12 14:33:04 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2014/06/12 14:33:03 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFault.exe
[2014/06/12 14:33:03 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanconn.dll
[2014/06/12 14:33:03 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFault.exe
[2014/06/12 14:33:03 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wwanadvui.dll
[2014/06/12 14:33:03 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2014/06/12 14:33:03 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmsvc.dll
[2014/06/12 14:33:03 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSCard.dll
[2014/06/12 14:33:03 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2014/06/12 14:33:03 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmmbase.dll
[2014/06/12 14:33:03 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmmbase.dll
[2014/06/12 14:33:03 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2014/06/12 14:33:03 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpioclx.sys
[2014/06/12 14:33:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmm.dll
[2014/06/12 14:33:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmcsp.dll
[2014/06/12 14:33:02 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2014/06/12 14:33:02 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2014/06/12 14:33:02 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanmm.dll
[2014/06/12 14:33:02 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2014/06/12 14:33:02 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LocationApi.dll
[2014/06/12 14:33:02 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\LocationApi.dll
[2014/06/12 14:33:02 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2014/06/12 14:33:02 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\openfiles.exe
[2014/06/12 14:33:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\openfiles.exe
[2014/06/12 14:32:16 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2014/06/12 14:32:11 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2014/06/12 14:30:36 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS
[2014/06/12 14:30:36 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UCX01000.SYS
[2014/06/12 14:30:35 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2014/06/12 14:30:35 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2014/06/12 14:30:32 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2014/06/12 14:30:31 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2014/06/12 14:30:31 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2014/06/12 14:30:25 | 003,842,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2014/06/12 14:30:25 | 002,238,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2014/06/12 14:30:23 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/06/12 14:30:23 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/06/12 14:30:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2014/06/12 14:30:10 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apprepapi.dll
[2014/06/12 14:30:10 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apprepsync.dll
[2014/06/12 14:30:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apprepapi.dll
[2014/06/12 14:30:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apprepsync.dll
[2014/06/12 14:30:03 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2014/06/12 14:30:03 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2014/06/12 14:30:03 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2014/06/12 14:30:03 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2014/06/12 14:29:49 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrobj.dll
[2014/06/12 14:29:49 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrrun.dll
[2014/06/12 14:29:49 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrobj.dll
[2014/06/12 14:29:49 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrrun.dll
[2014/06/12 14:29:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe
[2014/06/12 14:29:49 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshom.ocx
[2014/06/12 14:29:49 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe
[2014/06/12 14:29:47 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallAPI.dll
[2014/06/12 14:29:46 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2014/06/12 14:29:42 | 002,062,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2014/06/12 14:29:42 | 001,711,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2014/06/12 14:29:38 | 006,987,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/06/12 14:29:35 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014/06/12 14:29:35 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014/06/12 14:29:34 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014/06/12 14:29:34 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll
[2014/06/12 14:29:34 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/06/12 14:29:34 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll
[2014/06/12 14:29:34 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014/06/12 14:29:33 | 001,043,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2014/06/12 14:29:33 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014/06/12 14:29:33 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.dll
[2014/06/12 14:29:33 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapisrv.dll
[2014/06/12 14:29:32 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2014/06/12 14:29:32 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014/06/12 14:29:32 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014/06/12 14:29:32 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014/06/12 14:29:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\workerdd.dll
[2014/06/12 14:29:23 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2014/06/12 14:29:20 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2014/06/12 14:29:20 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2014/06/12 14:29:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2014/06/12 14:29:03 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014/06/12 14:29:03 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014/06/12 14:29:00 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys
[2014/06/12 14:28:42 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2014/06/12 14:28:42 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2014/06/12 14:28:42 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2014/06/12 14:28:42 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2014/06/12 14:28:34 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2014/06/12 14:28:33 | 008,858,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2014/06/12 14:28:33 | 002,304,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014/06/12 14:28:32 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014/06/12 14:28:31 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2014/06/12 14:27:01 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2014/06/12 14:27:00 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpedit.dll
[2014/06/12 14:27:00 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gpedit.dll
[2014/06/12 14:27:00 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2014/06/12 14:27:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2014/06/12 14:16:41 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2014/06/12 13:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/12 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/06/12 13:56:07 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Google
[2014/06/12 13:55:54 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Deployment
[2014/06/12 13:55:54 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Apps
[2014/06/12 13:48:58 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Nitro PDF
[2014/06/12 13:48:53 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Adobe
[2014/06/12 13:48:46 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\LSC
[2014/06/12 13:48:25 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\LSC
[2014/06/12 13:43:40 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\AMD
[2014/06/12 13:43:05 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\ATI
[2014/06/12 13:43:05 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\ATI
[2014/06/12 13:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/06/12 13:41:12 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\BMExplorer
[2014/06/12 13:41:11 | 000,000,000 | ---D | C] -- C:\Users\Sara\Documents\Bluetooth Folder
[2014/06/12 13:41:01 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Lenovo
[2014/06/12 13:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/06/12 13:40:54 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Atheros
[2014/06/12 13:40:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/12 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/12 13:40:19 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/12 13:40:18 | 000,000,000 | R--D | C] -- C:\Users\Sara\Searches
[2014/06/12 13:40:18 | 000,000,000 | R--D | C] -- C:\Users\Sara\Contacts
[2014/06/12 13:40:18 | 000,000,000 | -H-D | C] -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/06/12 13:40:12 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Adobe
[2014/06/12 13:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\eBay
[2014/06/12 13:38:45 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\VirtualStore
[2014/06/12 13:38:29 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Packages
[2014/06/12 13:36:48 | 000,000,000 | --SD | C] -- C:\Users\Sara\AppData\Roaming\Microsoft
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Videos
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Saved Games
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Pictures
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Music
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Links
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Favorites
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Downloads
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Documents
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\Desktop
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/12 13:36:48 | 000,000,000 | R--D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\Temporary Internet Files
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Templates
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Start Menu
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\SendTo
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Recent
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\PrintHood
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\NetHood
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Videos
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Pictures
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Documents\My Music
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\My Documents
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Local Settings
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\History
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Cookies
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\Application Data
[2014/06/12 13:36:48 | 000,000,000 | -HSD | C] -- C:\Users\Sara\AppData\Local\Application Data
[2014/06/12 13:36:48 | 000,000,000 | -H-D | C] -- C:\Users\Sara\AppData
[2014/06/12 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Temp
[2014/06/12 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Microsoft
[2014/06/12 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/12 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Macromedia
[2014/06/12 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2014/06/12 12:24:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/17 06:05:30 | 000,848,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/17 06:05:30 | 000,723,700 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/17 06:05:30 | 000,136,838 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/17 06:01:19 | 000,000,910 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/17 05:58:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/16 14:13:20 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2014/06/16 14:07:09 | 000,000,906 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 14:02:40 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/16 14:02:38 | 2741,608,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/16 14:01:39 | 000,002,560 | ---- | M] () -- C:\windows\SysNative\VfService.trf
[2014/06/13 02:53:58 | 000,002,286 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/12 13:57:32 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/12 13:42:53 | 000,001,431 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/12 13:40:05 | 000,000,139 | ---- | M] () -- C:\Users\Public\Desktop\eBay.url
[2014/06/10 14:16:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2014/05/30 22:16:07 | 000,703,992 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/05/30 22:16:07 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/23 19:48:10 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/05/23 19:47:45 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/05/23 19:47:44 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/05/23 19:46:45 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/05/23 19:46:42 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/05/23 19:46:36 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/05/23 19:46:15 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/05/23 19:46:15 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/05/23 19:46:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/05/23 19:46:07 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/05/23 19:46:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/05/23 19:45:46 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/05/23 19:45:46 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/05/23 19:45:26 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/05/23 18:26:46 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/05/23 18:26:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/05/23 18:26:04 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/05/23 18:25:52 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/05/23 18:25:49 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/05/23 18:25:49 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/05/23 18:25:49 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/05/23 18:25:25 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
 
========== Files Created - No Company Name ==========
 
[2014/06/12 14:47:31 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2014/06/12 14:46:37 | 000,387,268 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2014/06/12 14:16:22 | 000,005,442 | ---- | C] () -- C:\windows\SysNative\drivers\mfencbdc.inf
[2014/06/12 14:16:22 | 000,002,641 | ---- | C] () -- C:\windows\SysNative\drivers\mfencrk.inf
[2014/06/12 13:57:32 | 000,002,286 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/06/12 13:57:32 | 000,002,262 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/12 13:56:19 | 000,000,910 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/12 13:56:18 | 000,000,906 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/12 13:42:53 | 000,001,431 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/12 13:40:12 | 000,001,437 | ---- | C] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/12 13:40:05 | 000,000,139 | ---- | C] () -- C:\Users\Public\Desktop\eBay.url
[2014/06/12 13:36:48 | 000,001,129 | ---- | C] () -- C:\Users\Sara\Desktop\Cyberlink Power2Go.lnk
[2014/06/12 13:36:48 | 000,000,352 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/12 13:36:48 | 000,000,334 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/06/12 13:36:48 | 000,000,189 | ---- | C] () -- C:\Users\Sara\Desktop\Lenovo Telephony Start Now.url
[2014/06/12 12:24:31 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/06/12 12:24:30 | 2741,608,448 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/30 07:19:48 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/30 07:12:39 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2013/05/20 01:09:21 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2013/05/20 01:09:21 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2013/05/20 01:09:20 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2013/05/20 01:09:19 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2013/05/20 01:09:18 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012/07/26 01:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 01:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 00:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/25 18:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 13:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 13:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/07/25 13:22:56 | 000,267,284 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012/07/25 13:22:54 | 000,963,376 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 01:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 23:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 20:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 20:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 20:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
< End of report >

  • 0

#5
Machiavelli
Posted 17 June 2014 - 08:08 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Hello and Welcome on board peter plus :welcome:,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

  • 0

#6
peter plus
Posted 17 June 2014 - 10:10 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Sara (administrator) on SARA-PC on 17-06-2014 09:05:30
Running from F:\
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msm\McSmtFwk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6339656 2013-04-10] (Realtek semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-08-30] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-08-30] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {83889120-0C77-4505-9069-2E453EF015F9} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM - {83889120-0C77-4505-9069-2E453EF015F9} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {83889120-0C77-4505-9069-2E453EF015F9} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {83889120-0C77-4505-9069-2E453EF015F9} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {83889120-0C77-4505-9069-2E453EF015F9} URL = 
SearchScopes: HKCU - {83889120-0C77-4505-9069-2E453EF015F9} URL = 
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-30]
 
Chrome: 
=======
CHR StartupUrls: "https://www.google.co.uk/", "chrome://chrome-signin/?source=0"
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google Search) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR Extension: (Gmail) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-24] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-02-24] (ELAN Microelectronics Corp.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-08-30] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-24] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-04-10] (Realtek Semiconductor Corp.)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-17 09:05 - 2014-06-17 09:05 - 00000000 ____D () C:\FRST
2014-06-17 08:55 - 2014-06-17 08:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-17 08:40 - 2014-06-17 08:40 - 00281088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-17 06:16 - 2014-06-17 06:16 - 00148786 _____ () C:\Users\Sara\Desktop\OTL.Txt
2014-06-17 06:16 - 2014-06-17 06:16 - 00048798 _____ () C:\Users\Sara\Desktop\Extras.Txt
2014-06-17 06:03 - 2014-06-10 14:16 - 00602112 _____ (OldTimer Tools) C:\Users\Sara\Desktop\OTL.exe
2014-06-16 14:37 - 2014-01-26 20:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-06-16 14:36 - 2014-02-03 16:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-06-16 14:36 - 2014-02-03 16:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-06-16 14:36 - 2014-01-30 20:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-06-16 14:36 - 2014-01-30 17:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-06-16 14:36 - 2014-01-30 17:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-06-16 14:36 - 2014-01-30 17:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-16 14:36 - 2014-01-30 17:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-16 14:36 - 2014-01-30 17:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-06-16 14:36 - 2014-01-30 17:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-06-16 14:36 - 2014-01-30 17:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-16 14:36 - 2014-01-15 16:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-06-16 14:36 - 2014-01-10 23:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-06-16 14:36 - 2014-01-10 22:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-06-16 14:36 - 2014-01-02 16:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-06-16 14:36 - 2014-01-02 16:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-06-16 14:36 - 2013-06-16 15:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-06-16 14:36 - 2013-06-01 04:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2014-06-16 14:36 - 2013-06-01 04:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-06-16 14:36 - 2013-06-01 03:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2014-06-16 14:36 - 2013-06-01 02:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2014-06-16 14:36 - 2013-06-01 02:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-06-16 14:36 - 2013-06-01 02:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2014-06-16 14:36 - 2013-06-01 02:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2014-06-16 14:36 - 2013-06-01 02:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2014-06-16 14:36 - 2013-06-01 02:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2014-06-16 14:36 - 2013-06-01 02:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2014-06-16 14:36 - 2013-06-01 02:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2014-06-16 14:36 - 2013-06-01 02:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2014-06-16 14:36 - 2013-06-01 02:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2014-06-16 14:36 - 2013-06-01 02:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-06-16 14:36 - 2013-06-01 02:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-06-16 14:36 - 2013-06-01 02:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2014-06-16 14:36 - 2013-06-01 02:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2014-06-16 14:36 - 2013-06-01 02:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-06-16 14:36 - 2013-06-01 02:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2014-06-16 14:36 - 2013-05-31 20:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2014-06-16 14:36 - 2013-05-24 15:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-06-16 14:36 - 2013-05-24 15:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-06-16 14:36 - 2013-05-24 15:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-06-16 14:36 - 2013-05-24 15:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-06-16 14:33 - 2013-08-09 22:21 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-06-16 14:33 - 2013-08-09 22:21 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncInfo.dll
2014-06-16 14:33 - 2013-08-09 20:58 - 00356352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-06-16 14:33 - 2013-08-01 23:28 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2014-06-16 14:33 - 2013-08-01 22:08 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2014-06-16 14:33 - 2013-07-24 16:10 - 00158208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2014-06-16 14:33 - 2013-07-24 16:06 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2014-06-16 14:33 - 2013-04-09 16:17 - 01125888 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2014-06-16 14:33 - 2013-04-09 15:29 - 00893952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2014-06-16 14:32 - 2013-08-02 23:40 - 01374208 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2014-06-16 14:32 - 2013-08-02 23:40 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2014-06-16 14:32 - 2013-08-02 23:40 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
2014-06-16 14:32 - 2013-08-02 22:14 - 00399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2014-06-16 14:32 - 2013-08-02 22:13 - 01245696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2014-06-16 14:32 - 2013-08-02 22:13 - 00437248 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2014-06-16 14:04 - 2014-05-30 22:16 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 14:04 - 2014-05-30 22:16 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 13:57 - 2014-06-16 14:07 - 00000000 ___RD () C:\windows\BrowserChoice
2014-06-13 03:15 - 2014-06-13 03:17 - 00000000 ____D () C:\windows\system32\MRT
2014-06-13 03:15 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-13 02:54 - 2014-06-17 08:49 - 00150856 _____ () C:\Users\Public\CAFADEBUG.log
2014-06-12 14:47 - 2014-04-29 15:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-12 14:47 - 2014-04-29 15:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-12 14:47 - 2013-10-10 04:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2014-06-12 14:47 - 2013-10-10 02:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-06-12 14:47 - 2013-10-10 02:20 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-06-12 14:47 - 2013-09-03 20:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-06-12 14:47 - 2013-08-15 22:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2014-06-12 14:47 - 2013-08-15 22:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2014-06-12 14:47 - 2013-08-15 22:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2014-06-12 14:47 - 2013-08-15 22:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2014-06-12 14:47 - 2013-08-15 22:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2014-06-12 14:47 - 2013-08-15 22:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-06-12 14:47 - 2013-08-15 15:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2014-06-12 14:47 - 2013-08-15 15:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2014-06-12 14:47 - 2013-08-15 15:43 - 00083968 _____ () C:\windows\SysWOW64\OEMLicense.dll
2014-06-12 14:47 - 2013-08-15 15:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2014-06-12 14:47 - 2013-08-15 15:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2014-06-12 14:46 - 2014-05-02 22:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 14:46 - 2014-05-02 20:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-12 14:46 - 2014-04-03 04:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-12 14:46 - 2014-04-02 20:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-12 14:46 - 2014-03-31 15:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-12 14:46 - 2014-03-28 01:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-06-12 14:46 - 2014-03-27 23:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-06-12 14:46 - 2014-03-24 16:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-12 14:46 - 2014-03-24 15:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-12 14:46 - 2013-10-18 22:45 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2014-06-12 14:46 - 2013-10-18 21:04 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2014-06-12 14:46 - 2013-10-08 18:33 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-06-12 14:46 - 2013-10-08 15:30 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-06-12 14:46 - 2013-10-08 15:30 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-06-12 14:46 - 2013-10-08 15:30 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-06-12 14:46 - 2013-10-08 15:30 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-06-12 14:46 - 2013-10-08 15:28 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-06-12 14:46 - 2013-10-08 15:27 - 03279872 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-06-12 14:46 - 2013-10-08 15:27 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-06-12 14:46 - 2013-10-04 23:10 - 00285016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-06-12 14:46 - 2013-10-01 19:50 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-06-12 14:46 - 2013-09-27 22:48 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-06-12 14:46 - 2013-09-27 20:58 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-06-12 14:46 - 2013-09-19 00:32 - 01455448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-06-12 14:46 - 2013-08-29 22:19 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2014-06-12 14:46 - 2013-08-29 22:18 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-06-12 14:46 - 2013-08-29 16:48 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2014-06-12 14:46 - 2013-08-29 16:47 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-06-12 14:46 - 2013-07-05 17:15 - 00652288 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2014-06-12 14:46 - 2013-07-03 19:13 - 00541696 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2014-06-12 14:45 - 2014-03-28 12:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-06-12 14:45 - 2014-03-23 15:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-06-12 14:45 - 2013-12-08 17:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 14:45 - 2013-12-08 16:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 14:45 - 2013-09-13 15:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2014-06-12 14:45 - 2013-09-13 15:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2014-06-12 14:45 - 2013-08-29 22:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2014-06-12 14:45 - 2013-08-29 22:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2014-06-12 14:45 - 2013-08-29 16:48 - 00914432 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2014-06-12 14:45 - 2013-08-20 23:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2014-06-12 14:45 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-06-12 14:45 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-06-12 14:45 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-06-12 14:45 - 2013-08-09 23:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2014-06-12 14:45 - 2013-07-24 16:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-12 14:45 - 2013-07-24 16:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-06-12 14:45 - 2013-07-05 15:02 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2014-06-12 14:45 - 2013-07-05 15:01 - 00210560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2014-06-12 14:45 - 2013-07-01 15:14 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys
2014-06-12 14:45 - 2013-06-21 22:45 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2014-06-12 14:45 - 2013-06-21 22:45 - 00054488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2014-06-12 14:38 - 2014-05-23 19:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 14:38 - 2014-05-23 19:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 14:38 - 2014-05-23 19:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 14:38 - 2014-05-23 19:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-12 14:38 - 2014-05-23 19:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 14:38 - 2014-05-23 19:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 14:38 - 2014-05-23 19:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 14:38 - 2014-05-23 19:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 14:38 - 2014-05-23 19:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 14:38 - 2014-05-23 18:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 14:38 - 2014-05-23 18:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 14:38 - 2014-05-23 18:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 14:38 - 2014-05-23 18:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 14:38 - 2014-05-23 18:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 14:38 - 2014-05-23 15:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-12 14:33 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2014-06-12 14:33 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2014-06-12 14:33 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2014-06-12 14:33 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2014-06-12 14:33 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2014-06-12 14:33 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2014-06-12 14:33 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2014-06-12 14:33 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2014-06-12 14:33 - 2013-07-05 17:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-06-12 14:33 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-06-12 14:33 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2014-06-12 14:33 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-06-12 14:33 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2014-06-12 14:33 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2014-06-12 14:33 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2014-06-12 14:33 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-06-12 14:33 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-06-12 14:33 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2014-06-12 14:33 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2014-06-12 14:33 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-06-12 14:33 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-06-12 14:33 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-06-12 14:33 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2014-06-12 14:33 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2014-06-12 14:33 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2014-06-12 14:33 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2014-06-12 14:33 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2014-06-12 14:33 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2014-06-12 14:33 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2014-06-12 14:33 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2014-06-12 14:33 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2014-06-12 14:33 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2014-06-12 14:33 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-06-12 14:32 - 2013-10-01 16:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-06-12 14:32 - 2013-10-01 16:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-06-12 14:32 - 2013-05-23 16:02 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-06-12 14:32 - 2013-05-23 15:25 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-06-12 14:31 - 2014-02-07 21:34 - 04036608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-06-12 14:30 - 2014-01-12 16:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-06-12 14:30 - 2014-01-12 16:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-06-12 14:30 - 2013-11-19 17:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-06-12 14:30 - 2013-11-19 16:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-06-12 14:30 - 2013-07-19 15:13 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-12 14:30 - 2013-07-19 15:13 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-12 14:30 - 2013-07-12 23:18 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2014-06-12 14:30 - 2013-07-12 23:16 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2014-06-12 14:30 - 2013-07-12 23:15 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2014-06-12 14:30 - 2013-07-12 23:15 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2014-06-12 14:30 - 2013-07-12 21:24 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2014-06-12 14:30 - 2013-07-12 21:23 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2014-06-12 14:30 - 2013-07-12 21:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2014-06-12 14:30 - 2013-07-01 18:41 - 00337752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2014-06-12 14:30 - 2013-07-01 18:41 - 00213336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2014-06-12 14:30 - 2013-06-30 18:42 - 00623448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-06-12 14:30 - 2013-06-30 18:42 - 00498008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-06-12 14:30 - 2013-06-30 18:42 - 00079192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-06-12 14:30 - 2013-06-30 18:42 - 00021848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-06-12 14:30 - 2013-06-28 20:07 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-06-12 14:30 - 2013-06-28 20:06 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-06-12 14:30 - 2013-05-26 16:17 - 00035328 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2014-06-12 14:30 - 2013-05-26 15:59 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2014-06-12 14:30 - 2013-05-24 20:15 - 00362496 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2014-06-12 14:30 - 2013-05-24 19:32 - 00300032 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2014-06-12 14:30 - 2013-05-03 23:59 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-06-12 14:30 - 2013-05-03 21:57 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-06-12 14:30 - 2013-04-11 15:30 - 01421312 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-06-12 14:30 - 2013-04-11 15:22 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-06-12 14:29 - 2014-04-12 02:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-06-12 14:29 - 2014-04-12 02:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-06-12 14:29 - 2014-04-12 02:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2014-06-12 14:29 - 2014-04-12 02:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-06-12 14:29 - 2014-04-12 02:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-06-12 14:29 - 2014-04-12 02:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-06-12 14:29 - 2014-04-12 02:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-06-12 14:29 - 2014-04-12 02:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-06-12 14:29 - 2014-04-12 02:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-06-12 14:29 - 2014-04-12 02:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-06-12 14:29 - 2014-04-12 02:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-06-12 14:29 - 2014-04-12 00:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2014-06-12 14:29 - 2014-04-12 00:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-06-12 14:29 - 2014-04-12 00:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-06-12 14:29 - 2014-04-12 00:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-06-12 14:29 - 2014-04-12 00:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-06-12 14:29 - 2014-04-12 00:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-06-12 14:29 - 2014-04-12 00:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-06-12 14:29 - 2014-04-11 23:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll
2014-06-12 14:29 - 2014-04-03 04:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 14:29 - 2014-03-28 01:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-06-12 14:29 - 2014-03-10 20:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-06-12 14:29 - 2014-03-10 20:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-06-12 14:29 - 2014-03-10 17:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2014-06-12 14:29 - 2014-03-10 17:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-06-12 14:29 - 2014-03-10 17:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2014-06-12 14:29 - 2014-03-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-06-12 14:29 - 2014-03-10 17:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-06-12 14:29 - 2014-03-10 17:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-06-12 14:29 - 2014-03-09 20:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-06-12 14:29 - 2014-03-09 18:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-06-12 14:29 - 2014-03-06 17:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 14:29 - 2014-03-06 17:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 14:29 - 2014-03-03 16:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-06-12 14:29 - 2014-02-05 16:41 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-06-12 14:29 - 2014-02-05 16:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-06-12 14:29 - 2013-12-04 16:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-06-12 14:29 - 2013-12-04 16:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-06-12 14:29 - 2013-10-30 22:56 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2014-06-12 14:29 - 2013-10-30 22:56 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2014-06-12 14:29 - 2013-10-30 21:01 - 00550400 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2014-06-12 14:29 - 2013-10-30 20:42 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2014-06-12 14:29 - 2013-10-13 13:49 - 00100696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2014-06-12 14:29 - 2013-10-10 02:32 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2014-06-12 14:29 - 2013-10-10 02:30 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2014-06-12 14:29 - 2013-10-10 02:30 - 00156160 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2014-06-12 14:29 - 2013-10-10 02:24 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2014-06-12 14:29 - 2013-10-10 02:23 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2014-06-12 14:29 - 2013-10-10 02:22 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2014-06-12 14:29 - 2013-10-10 02:22 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2014-06-12 14:29 - 2013-09-27 20:35 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2014-06-12 14:29 - 2013-08-26 22:21 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-06-12 14:29 - 2013-08-26 22:19 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-06-12 14:29 - 2013-08-26 15:29 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-06-12 14:29 - 2013-08-26 15:28 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2014-06-12 14:29 - 2013-08-23 00:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2014-06-12 14:29 - 2013-08-22 18:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2014-06-12 14:29 - 2013-08-06 22:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-06-12 14:29 - 2013-03-21 20:49 - 02382336 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2014-06-12 14:29 - 2013-03-21 15:47 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2014-06-12 14:28 - 2014-01-30 17:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-06-12 14:28 - 2014-01-30 17:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-06-12 14:28 - 2013-11-22 23:43 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2014-06-12 14:28 - 2013-11-22 22:05 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2014-06-12 14:28 - 2013-10-31 22:38 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2014-06-12 14:28 - 2013-10-31 20:49 - 00273408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2014-06-12 14:28 - 2013-10-01 16:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-06-12 14:28 - 2013-10-01 16:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-06-12 14:28 - 2013-08-01 23:28 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-06-12 14:28 - 2013-08-01 22:08 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-06-12 14:27 - 2014-03-01 02:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-06-12 14:27 - 2014-03-01 02:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-06-12 14:27 - 2014-03-01 01:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-06-12 14:27 - 2014-02-28 23:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-06-12 14:27 - 2014-02-26 16:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-06-12 14:27 - 2014-02-26 16:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-06-12 14:27 - 2014-02-26 16:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-06-12 14:27 - 2014-02-14 21:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-06-12 14:27 - 2013-11-25 16:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-06-12 14:27 - 2013-06-28 20:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2014-06-12 14:16 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2014-06-12 13:57 - 2014-06-12 13:57 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 13:57 - 2014-06-12 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-12 13:56 - 2014-06-17 09:01 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-12 13:56 - 2014-06-17 08:51 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-12 13:56 - 2014-06-12 13:57 - 00000000 ____D () C:\Users\Sara\AppData\Local\Google
2014-06-12 13:56 - 2014-06-12 13:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-12 13:56 - 2014-06-12 13:56 - 00003882 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-12 13:56 - 2014-06-12 13:56 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-12 13:55 - 2014-06-12 13:56 - 00000000 ____D () C:\Users\Sara\AppData\Local\Deployment
2014-06-12 13:55 - 2014-06-12 13:55 - 00000000 ____D () C:\Users\Sara\AppData\Local\Apps\2.0
2014-06-12 13:48 - 2014-06-17 09:01 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Nitro PDF
2014-06-12 13:48 - 2014-06-12 14:14 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-164591774-2981398673-19476963-1002
2014-06-12 13:48 - 2014-06-12 13:49 - 00000000 ____D () C:\Users\Sara\AppData\Local\LSC
2014-06-12 13:48 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\LSC
2014-06-12 13:48 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Local\Adobe
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\ATI
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Local\ATI
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Local\AMD
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\Documents\Bluetooth Folder
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Lenovo
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\AppData\Local\BMExplorer
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-12 13:40 - 2014-06-16 14:07 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-12 13:40 - 2014-06-16 14:07 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-12 13:40 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Adobe
2014-06-12 13:40 - 2014-06-12 13:40 - 00001437 _____ () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 13:40 - 2014-06-12 13:40 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Atheros
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\ProgramData\eBay
2014-06-12 13:38 - 2014-06-16 14:07 - 00000000 ____D () C:\Users\Sara\AppData\Local\Packages
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Sara\AppData\Local\VirtualStore
2014-06-12 13:36 - 2014-06-17 09:05 - 00000000 ____D () C:\Users\Sara\AppData\Local\Temp
2014-06-12 13:36 - 2014-06-12 13:40 - 00000000 ____D () C:\Users\Sara
2014-06-12 13:36 - 2014-06-12 13:36 - 00000020 ___SH () C:\Users\Sara\ntuser.ini
2014-06-12 13:36 - 2013-08-30 07:49 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-12 13:36 - 2013-08-30 07:45 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-12 13:36 - 2013-08-30 07:32 - 00001129 _____ () C:\Users\Sara\Desktop\Cyberlink Power2Go.lnk
2014-06-12 13:36 - 2013-08-30 07:32 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-06-12 13:36 - 2013-08-30 07:29 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Macromedia
2014-06-12 13:36 - 2013-02-03 23:18 - 00000189 _____ () C:\Users\Sara\Desktop\Lenovo Telephony Start Now.url
2014-06-12 13:36 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-12 13:36 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-12 13:24 - 2014-06-12 13:24 - 00000000 _____ () C:\Recovery.txt
 
==================== One Month Modified Files and Folders =======
 
2014-06-17 09:05 - 2014-06-17 09:05 - 00000000 ____D () C:\FRST
2014-06-17 09:05 - 2014-06-12 13:36 - 00000000 ____D () C:\Users\Sara\AppData\Local\Temp
2014-06-17 09:05 - 2013-08-30 06:55 - 01812978 _____ () C:\windows\WindowsUpdate.log
2014-06-17 09:05 - 2012-07-26 00:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-17 09:02 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-17 09:01 - 2014-06-12 13:56 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 09:01 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Nitro PDF
2014-06-17 08:58 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\NDF
2014-06-17 08:55 - 2014-06-17 08:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-17 08:55 - 2013-08-30 07:38 - 00001855 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-06-17 08:51 - 2014-06-12 13:56 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 08:50 - 2012-07-26 00:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-17 08:49 - 2014-06-13 02:54 - 00150856 _____ () C:\Users\Public\CAFADEBUG.log
2014-06-17 08:49 - 2013-08-30 07:38 - 00002560 _____ () C:\windows\system32\VfService.trf
2014-06-17 08:49 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-17 08:41 - 2013-08-30 07:36 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-06-17 08:40 - 2014-06-17 08:40 - 00281088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-17 08:39 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-17 08:39 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\WinStore
2014-06-17 06:54 - 2013-08-30 07:36 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-17 06:50 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\rescache
2014-06-17 06:33 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-17 06:29 - 2012-07-25 22:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-06-17 06:16 - 2014-06-17 06:16 - 00148786 _____ () C:\Users\Sara\Desktop\OTL.Txt
2014-06-17 06:16 - 2014-06-17 06:16 - 00048798 _____ () C:\Users\Sara\Desktop\Extras.Txt
2014-06-17 06:03 - 2012-07-26 00:21 - 00023195 _____ () C:\windows\setupact.log
2014-06-16 14:07 - 2014-06-16 13:57 - 00000000 ___RD () C:\windows\BrowserChoice
2014-06-16 14:07 - 2014-06-12 13:40 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-16 14:07 - 2014-06-12 13:40 - 00000000 ___RD () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-16 14:07 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Sara\AppData\Local\Packages
2014-06-16 14:07 - 2013-03-25 14:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-16 14:03 - 2013-08-30 07:36 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-06-16 14:02 - 2013-03-25 14:02 - 00007202 _____ () C:\windows\PFRO.log
2014-06-16 13:58 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-06-16 13:58 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-16 13:57 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ToastData
2014-06-16 13:57 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-16 13:57 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-16 13:57 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-16 13:57 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-16 13:57 - 2012-07-26 00:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-16 13:56 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates
2014-06-16 13:56 - 2012-07-25 22:38 - 00000000 ____D () C:\windows\system32\oobe
2014-06-13 03:17 - 2014-06-13 03:15 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 14:49 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-12 14:15 - 2012-07-26 01:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-06-12 14:14 - 2014-06-12 13:48 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-164591774-2981398673-19476963-1002
2014-06-12 13:57 - 2014-06-12 13:57 - 00002262 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 13:57 - 2014-06-12 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-12 13:57 - 2014-06-12 13:56 - 00000000 ____D () C:\Users\Sara\AppData\Local\Google
2014-06-12 13:57 - 2014-06-12 13:56 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-12 13:56 - 2014-06-12 13:56 - 00003882 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-12 13:56 - 2014-06-12 13:56 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-12 13:56 - 2014-06-12 13:55 - 00000000 ____D () C:\Users\Sara\AppData\Local\Deployment
2014-06-12 13:55 - 2014-06-12 13:55 - 00000000 ____D () C:\Users\Sara\AppData\Local\Apps\2.0
2014-06-12 13:49 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Local\LSC
2014-06-12 13:48 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\LSC
2014-06-12 13:48 - 2014-06-12 13:48 - 00000000 ____D () C:\Users\Sara\AppData\Local\Adobe
2014-06-12 13:48 - 2014-06-12 13:40 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Adobe
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\ATI
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Local\ATI
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\Users\Sara\AppData\Local\AMD
2014-06-12 13:43 - 2014-06-12 13:43 - 00000000 ____D () C:\ProgramData\ATI
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\Documents\Bluetooth Folder
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Lenovo
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\Users\Sara\AppData\Local\BMExplorer
2014-06-12 13:41 - 2014-06-12 13:41 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-12 13:40 - 2014-06-12 13:40 - 00001437 _____ () C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 13:40 - 2014-06-12 13:40 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\Users\Sara\AppData\Roaming\Atheros
2014-06-12 13:40 - 2014-06-12 13:40 - 00000000 ____D () C:\ProgramData\eBay
2014-06-12 13:40 - 2014-06-12 13:36 - 00000000 ____D () C:\Users\Sara
2014-06-12 13:40 - 2013-08-30 08:50 - 00081460 _____ () C:\windows\modules.log
2014-06-12 13:38 - 2014-06-12 13:38 - 00000000 ____D () C:\Users\Sara\AppData\Local\VirtualStore
2014-06-12 13:38 - 2012-07-26 01:12 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-06-12 13:36 - 2014-06-12 13:36 - 00000020 ___SH () C:\Users\Sara\ntuser.ini
2014-06-12 13:24 - 2014-06-12 13:24 - 00000000 _____ () C:\Recovery.txt
2014-06-12 13:24 - 2012-07-26 01:13 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-06-10 14:16 - 2014-06-17 06:03 - 00602112 _____ (OldTimer Tools) C:\Users\Sara\Desktop\OTL.exe
2014-06-01 17:17 - 2014-06-13 03:15 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-30 22:16 - 2014-06-16 14:04 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-30 22:16 - 2014-06-16 14:04 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-23 19:48 - 2014-06-12 14:38 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-05-23 19:47 - 2014-06-12 14:38 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-05-23 19:47 - 2014-06-12 14:38 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-05-23 19:47 - 2014-06-12 14:38 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-05-23 19:47 - 2014-06-12 14:38 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-05-23 19:46 - 2014-06-12 14:38 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-05-23 19:45 - 2014-06-12 14:38 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-05-23 19:45 - 2014-06-12 14:38 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-05-23 19:45 - 2014-06-12 14:38 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-05-23 18:26 - 2014-06-12 14:38 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-05-23 18:25 - 2014-06-12 14:38 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-05-23 18:25 - 2014-06-12 14:38 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-05-23 18:09 - 2014-06-12 14:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-23 18:03 - 2014-06-12 14:38 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-23 15:37 - 2014-06-12 14:38 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-03-25 14:02
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Sara at 2014-06-17 09:06:27
Running from F:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30424 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B6CEDB2C-C8F8-7213-7BDD-9409B34F77EA}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0424.1659.28626 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.0 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2013.0424.1659.28626 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0424.1659.28626 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0424.1659.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0424.1658.28626 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0424.1659.28626 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10227 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{B8908ABE-8AAE-41FD-A367-391CD492981B}) (Version: 2.0.018.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
OEM Application Profile (HKLM-x32\...\{548083DD-D99B-2CE1-8D2B-D78BEB834F7A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.39042 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
 
==================== Restore Points  =========================
 
13-06-2014 10:10:23 Windows Update
16-06-2014 20:36:09 Windows Update
 
==================== Hosts content: ==========================
 
2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3655F30A-59EC-4945-A40A-B90E34F0DBD2} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2013-02-12] ()
Task: {893B9625-0FE9-4708-A8BF-E4BAC509ECC0} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {96D90CD6-97F0-43EF-B69E-EDBDF8E29EB9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-02-12] ()
Task: {9B8770AC-B619-4E28-AC31-B731DCD1E268} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {A5A474B5-1086-4424-8A81-57F647CAF733} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-30] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AF4494D3-9147-4EC5-85BF-6D138D23129D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-02-12] (Lenovo)
Task: {B348714A-E886-4521-ADDC-98557435054A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {BCCD4664-5A9F-4186-819A-A6CBA70B69ED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-01] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D22B3F67-E73A-40A7-80EC-ED752AB451EB} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-24 17:10 - 2013-04-24 17:10 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-30 07:38 - 2013-08-30 07:38 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-08-30 07:38 - 2013-08-30 07:38 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-01-25 00:09 - 2013-01-25 00:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 00:05 - 2013-01-25 00:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 00:12 - 2013-01-25 00:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-04-24 17:10 - 2013-04-24 17:10 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/17/2014 07:56:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: SARA-PC)
Description: App winstore_cw5n1h2txyewy!Windows.Store did not launch within its allotted time.
 
Error: (06/16/2014 01:36:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/13/2014 03:10:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/12/2014 02:15:30 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
 
System errors:
=============
Error: (06/17/2014 08:43:35 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.9.
The computer with the IP address 192.168.0.21 did not allow the name to be claimed by
this computer.
 
Error: (06/17/2014 08:41:38 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.9.
The computer with the IP address 192.168.0.21 did not allow the name to be claimed by
this computer.
 
Error: (06/17/2014 08:41:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%2147942405
 
Error: (06/17/2014 08:41:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%2147942405
 
Error: (06/17/2014 08:31:09 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.9.
The computer with the IP address 192.168.0.21 did not allow the name to be claimed by
this computer.
 
Error: (06/17/2014 06:54:50 AM) (Source: DCOM) (EventID: 10010) (User: SARA-PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (06/16/2014 02:09:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (06/16/2014 02:05:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (06/16/2014 02:00:00 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}TrustedInstaller
 
Error: (06/16/2014 01:43:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}
 
 
Microsoft Office Sessions:
=========================
Error: (06/17/2014 07:56:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: SARA-PC)
Description: winstore_cw5n1h2txyewy!Windows.Store
 
Error: (06/16/2014 01:36:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (06/13/2014 03:10:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Network Agent since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (06/12/2014 02:15:30 PM) (Source: McLogEvent) (EventID: 5022) (User: NT AUTHORITY)
Description: 1
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 40%
Total physical RAM: 3268.25 MB
Available physical RAM: 1951.32 MB
Total Pagefile: 6468.25 MB
Available Pagefile: 4892.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:892.08 GB) (Free:856.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS
Drive f: () (Removable) (Total:0.96 GB) (Free:0.9 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: E1454212)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 983 MB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#7
Machiavelli
Posted 17 June 2014 - 11:03 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Your problem isn't malware related. I would open a new topic in the appropriate forum.


  • 0

#8
peter plus
Posted 17 June 2014 - 11:06 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts

Thanks.

Which is the most appropriate forum?


  • 0

#9
Machiavelli
Posted 17 June 2014 - 11:54 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Click here to get to get to the appropriate subforum
  • 0

#10
Machiavelli
Posted 21 June 2014 - 08:16 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP