Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Do I have a malware problem? [Solved]


  • This topic is locked This topic is locked

#1
Deevly

Deevly

    Member

  • Member
  • PipPip
  • 15 posts

So, I wasn't paying attention last night and downloaded what I thought was Firefox from a non-Mozilla site, freegogo-download. I realized immediately what I'd done, and tried to remedy my mistake, probably rather ham-fistedly, and now I'm paranoid that there's something nasty lurking in the background. Here's what happened:

I tried to immediately uninstall the programs that downloaded: Driver Restore, PC Utility Pro, Optimizer Pro, Firefox Packages ... maybe something called Vosteran. That may not be a complete list of what I uninstalled because my notes were a bit panicky, and that last one may not have been something I uninstalled, but I saw it somewhere. (My notes aren't clear.) Everything appeared to uninstall okay, except "Firefox Packages," which would only give me a popup from an "uninstaller.exe" that didn't look legit. 

I downloaded malwarebytes and adwcleaner, both of which found and quarantined a few things. I tried to download and use Norton Security Scan, but it just hung there and wouldn't work. Then I tried to download a 30-day trial of Norton Security, which seemed to be okay, but when I tried to scan, nothing happened. That's when I noticed that the security that came with this new laptop, McAfee and Windows Defender, were disabled and I couldn't enable them. So I did a system Restore. 

I don't know how smart that was, but it appeared to get rid of everything I'd downloaded the last few days since I'd gotten the laptop. Appeared.

So I downloaded the 30-day trial of Norton Security again. And it worked this time. I ran a full scan and it found something called Bloodhound.MalPE. 

Everything "seems" okay today, (apart from the fact that when I downloaded the real Firefox app for Windows 8.1, it didn't work.) but I really don't think I handled any of that properly and I just want to find out what I missed. I feel like there's something lurking. I got even more paranoid when I looked at the Norton history this afternoon and saw some "unauthorized access blocked" messages that may be perfectly normal, I don't know. If someone could take a look, I'd really appreciate it. 

OTL created two text files, OTL.txt and Extras. txt. I'll post both.

OTL.txt:

OTL logfile created on: 12/8/2014 3:09:08 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Deidra\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.91 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 46.91% Memory free
9.79 Gb Paging File | 4.15 Gb Available in Paging File | 42.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.93 Gb Total Space | 144.52 Gb Free Space | 73.76% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 21.60 Gb Free Space | 86.40% Space Free | Partition Type: NTFS
 
Computer Name: FLIPSY | User Name: Deidra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/08 15:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Deidra\Downloads\OTL.exe
PRC - [2014/12/04 16:33:58 | 000,072,192 | ---- | M] () -- C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1t\AmazonForWindowsWebview.exe
PRC - [2014/11/25 01:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/13 08:49:28 | 000,282,568 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.0.110\NS.exe
PRC - [2014/08/20 21:11:28 | 000,154,896 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
PRC - [2014/08/20 21:11:28 | 000,153,872 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
PRC - [2014/08/20 21:11:26 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
PRC - [2014/08/20 21:11:26 | 000,108,304 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
PRC - [2014/08/20 21:11:13 | 000,161,792 | ---- | M] () -- C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
PRC - [2014/08/20 21:11:10 | 000,249,872 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
PRC - [2014/06/21 13:13:06 | 001,354,296 | ---- | M] (Superfish, Inc.) -- C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
PRC - [2014/05/21 20:29:04 | 000,584,960 | ---- | M] (LENOVO INCORPORATED.) -- C:\Program Files\lenovo\iMController\SystemAgentService.exe
PRC - [2014/04/08 20:05:52 | 004,260,112 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
PRC - [2014/03/26 14:37:04 | 001,165,688 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2014/03/26 14:36:30 | 001,206,648 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2014/03/18 04:55:25 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2014/02/24 18:39:42 | 001,479,944 | ---- | M] (PointGrab LTD) -- C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
PRC - [2014/02/24 18:39:40 | 000,512,776 | ---- | M] (PointGrab LTD) -- C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
PRC - [2013/12/12 20:57:54 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2013/11/07 19:12:28 | 005,545,448 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
PRC - [2013/08/08 15:25:18 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/08/08 15:25:12 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2013/08/07 16:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/08/07 16:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/08 13:28:02 | 000,869,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Web\e80741874129b38ff4bc85abedf8e4a2\Windows.Web.ni.dll
MOD - [2014/12/08 13:27:58 | 000,337,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\fe565d34d4335337c06264bb0d85e3b0\Windows.Data.ni.dll
MOD - [2014/12/08 13:27:45 | 000,797,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
MOD - [2014/12/08 13:27:43 | 000,960,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll
MOD - [2014/12/08 13:27:42 | 000,228,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
MOD - [2014/12/08 13:27:42 | 000,133,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\7819e306c2c55c42f35a5fa10b93710f\Windows.System.ni.dll
MOD - [2014/12/08 13:27:39 | 000,808,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f0a2c10499402eff632a7a7df0b4afef\Windows.Storage.ni.dll
MOD - [2014/12/08 13:27:38 | 001,130,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\6e37f358bf8363dad51e2333292d61a9\Windows.ApplicationModel.ni.dll
MOD - [2014/12/08 13:27:37 | 003,530,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\90a4331ab5b5bb3ead23d75d4349a491\Windows.UI.Xaml.ni.dll
MOD - [2014/12/04 16:33:58 | 000,072,192 | ---- | M] () -- C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1t\AmazonForWindowsWebview.exe
MOD - [2014/11/25 01:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 01:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 01:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 01:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/08/20 21:11:28 | 000,101,648 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
MOD - [2014/08/20 21:11:26 | 000,294,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
MOD - [2014/08/20 21:11:26 | 000,108,304 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
MOD - [2014/08/20 21:11:26 | 000,102,672 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
MOD - [2014/08/20 21:11:26 | 000,101,648 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
MOD - [2014/02/24 18:39:42 | 002,690,312 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/30 23:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/06 20:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/21 22:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/21 22:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/20 21:13:17 | 000,198,192 | ---- | M] (Lenovo(beijing) Limited) [Auto | Running] -- C:\Windows\SysNative\LenovoWiFiHotspotSvr.exe -- (LenovoWiFiHotspotSvr)
SRV:64bit: - [2014/08/20 21:11:10 | 000,328,720 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe -- (PhoneCompanionVap)
SRV:64bit: - [2014/08/20 21:11:10 | 000,249,872 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe -- (PhoneCompanionPusher)
SRV:64bit: - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/15 19:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/15 19:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/05/21 20:29:04 | 000,584,960 | ---- | M] (LENOVO INCORPORATED.) [Auto | Running] -- C:\Program Files\lenovo\iMController\SystemAgentService.exe -- (Lenovo System Agent Service)
SRV:64bit: - [2014/04/14 20:45:06 | 000,282,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/04/02 21:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/18 04:55:03 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 04:55:03 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 04:54:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 04:54:56 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 04:54:56 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 04:54:53 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/14 01:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 00:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 02:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/01/17 20:37:48 | 003,816,176 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2014/01/17 20:37:30 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2014/01/17 20:37:08 | 000,632,048 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2014/01/17 20:36:42 | 000,154,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2013/12/12 20:57:44 | 000,230,920 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe -- (NitroDriverReadSpool9)
SRV:64bit: - [2013/11/07 19:12:36 | 000,198,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013/09/13 03:40:30 | 000,288,472 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/07 16:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/08/02 11:37:12 | 000,148,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyCriticalService.exe -- (DptfPolicyCriticalService)
SRV:64bit: - [2013/08/02 11:37:12 | 000,124,880 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyLpmService.exe -- (DptfPolicyLpmService)
SRV:64bit: - [2013/08/02 11:37:12 | 000,116,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfPolicyConfigTDPService.exe -- (DptfPolicyConfigTDPService)
SRV:64bit: - [2013/08/02 11:37:12 | 000,115,632 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DptfParticipantProcessorService.exe -- (DptfParticipantProcessorService)
SRV:64bit: - [2013/05/11 19:45:54 | 000,822,232 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/05/11 19:45:38 | 000,733,696 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/04/24 05:43:50 | 000,390,632 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2014/10/15 07:46:07 | 000,282,568 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\NS.exe -- (NS)
SRV - [2014/08/20 21:11:28 | 000,070,416 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe -- (LsvUIService)
SRV - [2014/08/20 21:11:26 | 000,034,576 | ---- | M] (Lenovo) [Auto | Running] -- C:\ProgramData\LenovoTransition\Server\x64\ymc.exe -- (ymc)
SRV - [2014/08/20 21:11:25 | 000,068,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe -- (VeriFaceSrv)
SRV - [2014/08/15 22:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/06/21 13:13:06 | 001,354,296 | ---- | M] (Superfish, Inc.) [Auto | Running] -- C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe -- (VisualDiscovery)
SRV - [2014/06/03 13:08:46 | 000,533,760 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe -- (Lenovo EasyPlus Hotspot)
SRV - [2014/04/14 20:45:10 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/04/08 20:05:52 | 004,260,112 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe -- (DAMSvc)
SRV - [2014/03/26 14:37:04 | 001,165,688 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2014/03/26 14:36:30 | 001,206,648 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2014/03/14 01:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/02/24 18:39:40 | 000,512,776 | ---- | M] (PointGrab LTD) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe -- (PG_Service_Launcher)
SRV - [2014/02/24 18:39:38 | 000,167,176 | ---- | M] (PointGrab LTD) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe -- (PGService)
SRV - [2014/01/06 17:14:12 | 000,019,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe -- (YogaPicks.AppService)
SRV - [2013/12/12 20:57:54 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/08 15:25:18 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/08/08 15:25:12 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/12/07 21:32:59 | 000,102,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/10/09 20:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/21 22:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/21 22:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/21 21:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/09/09 00:15:11 | 000,565,464 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NSx64\1600000.06E\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/09/09 00:15:10 | 001,151,704 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/09/09 00:15:10 | 000,023,568 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\symelam.sys -- (SymELAM)
DRV:64bit: - [2014/09/09 00:15:09 | 000,490,712 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\symds64.sys -- (SymDS)
DRV:64bit: - [2014/09/09 00:05:40 | 000,271,576 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/09/09 00:05:23 | 000,165,080 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\ccsetx64.sys -- (ccSet_NS)
DRV:64bit: - [2014/09/09 00:05:05 | 001,016,024 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NSx64\1600000.06E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/09/09 00:05:05 | 000,042,200 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSx64\1600020.011\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/20 21:13:37 | 000,035,600 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2014/08/14 19:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 10:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/06/01 05:11:02 | 003,443,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwbw02.sys -- (NETwNb64)
DRV:64bit: - [2014/05/12 13:29:44 | 000,039,800 | ---- | M] (Superfish, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VDWFP64.sys -- (VDWFP)
DRV:64bit: - [2014/05/09 17:27:38 | 000,192,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2014/05/01 08:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/22 13:47:46 | 001,424,184 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2014/04/01 01:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/26 14:37:38 | 000,140,600 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2014/03/19 22:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 04:54:57 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 04:54:54 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 04:54:43 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 04:54:43 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 04:54:42 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 04:54:42 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 04:54:42 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 04:54:42 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 04:54:42 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 04:54:42 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 04:54:42 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 04:54:42 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 04:38:02 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/03/13 07:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 15:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/06 20:26:42 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/03/06 20:18:22 | 003,729,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/03/01 15:32:31 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/03/01 15:32:31 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/30 22:27:36 | 001,527,712 | ---- | M] (Sunplus) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2013/08/28 22:42:56 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/08/28 22:42:56 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/08/08 19:06:40 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013/08/08 19:06:40 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013/08/08 15:25:14 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/07 19:01:32 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013/08/07 19:01:24 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013/08/07 16:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/08/02 11:37:06 | 000,494,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfManager.sys -- (DptfManager)
DRV:64bit: - [2013/08/02 11:37:06 | 000,287,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevProc.sys -- (DptfDevProc)
DRV:64bit: - [2013/08/02 11:37:06 | 000,114,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DptfDevPch.sys -- (DptfDevPch)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/18 10:53:33 | 000,113,864 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ax88772.sys -- (AX88772)
DRV:64bit: - [2013/06/18 09:45:43 | 004,649,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:64bit: - [2013/06/18 09:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/06/13 19:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV - [2014/12/07 04:53:35 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141207.020\ex64.sys -- (NAVEX15)
DRV - [2014/12/07 04:53:35 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/12/07 04:53:35 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141207.020\eng64.sys -- (NAVENG)
DRV - [2014/12/05 18:33:54 | 000,637,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20141205.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/12/03 01:45:46 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20141203.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/08/27 01:08:34 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D0232CC2-9906-451D-8D17-174CE262E070}
IE:64bit: - HKLM\..\SearchScopes\{D0232CC2-9906-451D-8D17-174CE262E070}: "URL" = http://www.bing.com/...=IE11TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D0232CC2-9906-451D-8D17-174CE262E070}
IE - HKLM\..\SearchScopes\{D0232CC2-9906-451D-8D17-174CE262E070}: "URL" = http://www.bing.com/...=IE11TR&pc=LCJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {D0232CC2-9906-451D-8D17-174CE262E070}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...t=kwd&qsrc=2869
IE - HKCU\..\SearchScopes\{D0232CC2-9906-451D-8D17-174CE262E070}: "URL" = http://www.bing.com/...=IE11TR&pc=LCJB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn\ [2014/12/07 22:46:00 | 000,000,000 | ---D | M]
 
[2014/12/07 22:15:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Deidra\AppData\Roaming\mozilla\Extensions
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Norton Security\Engine64\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine64\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine64\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.0.110\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AutoStartTransition] C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\DptfPolicyLpmServiceHelper.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Yoga PhoneCompanion] C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe (Lenovo)
O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
O4 - HKLM..\Run: [Yoga Picks] C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe (Lenovo)
O4 - HKCU..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69D4D24E-EABE-4D89-9D53-63772106FBD6}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC7BA11C-B9A8-481A-B85E-8792CBC3E87C}: DhcpNameServer = 150.201.1.3
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll) - C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll (ClientConnect LTD)
O20 - AppInit_DLLs: (C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll) - C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll (ClientConnect LTD)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/08 00:13:30 | 001,151,704 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\symefa64.sys
[2014/12/08 00:13:30 | 001,016,024 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtsp64.sys
[2014/12/08 00:13:30 | 000,565,464 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\symnets.sys
[2014/12/08 00:13:30 | 000,490,712 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\symds64.sys
[2014/12/08 00:13:30 | 000,271,576 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\ironx64.sys
[2014/12/08 00:13:30 | 000,165,080 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\ccsetx64.sys
[2014/12/08 00:13:30 | 000,042,200 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtspx64.sys
[2014/12/08 00:13:30 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600020.011\symelam.sys
[2014/12/08 00:13:28 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NSx64\1600020.011
[2014/12/07 22:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/12/07 22:13:26 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Mozilla
[2014/12/07 22:13:26 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Mozilla
[2014/12/07 22:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/12/07 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\NPE
[2014/12/07 21:32:59 | 000,102,616 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/12/07 21:32:56 | 001,151,704 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymEFA64.sys
[2014/12/07 21:32:56 | 001,016,024 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtsp64.sys
[2014/12/07 21:32:56 | 000,565,464 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\symnets.sys
[2014/12/07 21:32:56 | 000,490,712 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymDS64.sys
[2014/12/07 21:32:56 | 000,271,576 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\Ironx64.sys
[2014/12/07 21:32:56 | 000,165,080 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\ccSetx64.sys
[2014/12/07 21:32:56 | 000,042,200 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtspx64.sys
[2014/12/07 21:32:56 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymELAM.sys
[2014/12/07 21:32:29 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NSx64
[2014/12/07 21:32:29 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NSx64\1600000.06E
[2014/12/07 21:32:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
[2014/12/07 20:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/12/07 19:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/12/07 19:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security
[2014/12/07 18:52:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/12/07 18:24:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2014/12/07 18:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/12/07 18:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/12/07 18:23:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/12/07 17:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/12/07 17:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/12/07 17:38:16 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Programs
[2014/12/07 17:02:00 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\EmieBrowserModeList
[2014/12/04 22:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2014/12/04 15:32:31 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Nitro PDF
[2014/12/04 15:28:48 | 000,000,000 | ---D | C] -- C:\Users\Deidra\Documents\Medical Arts
[2014/12/04 15:28:46 | 000,000,000 | ---D | C] -- C:\Users\Deidra\Documents\coop
[2014/12/03 22:27:09 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Lenovo
[2014/12/03 13:10:05 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2014/12/03 13:08:11 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\CyberLink
[2014/12/03 12:49:18 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\CrashDumps
[2014/12/03 12:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/12/03 12:42:05 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Google
[2014/12/03 12:41:51 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Deployment
[2014/12/03 12:41:51 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Apps
[2014/12/03 12:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\EmieUserList
[2014/12/03 12:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\EmieSiteList
[2014/12/03 12:29:23 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Screensaver Factory
[2014/12/03 11:56:58 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Hightail for Lenovo
[2014/12/03 11:54:53 | 000,000,000 | ---D | C] -- C:\Users\Deidra\OneDrive
[2014/12/03 11:49:56 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Intel Corporation
[2014/12/03 11:48:47 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Macromedia
[2014/12/03 11:48:25 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\LenovoBrowserGuard
[2014/12/03 11:48:23 | 000,000,000 | R--D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/12/03 11:48:23 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Searches
[2014/12/03 11:48:23 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Contacts
[2014/12/03 11:48:23 | 000,000,000 | R--D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/12/03 11:48:23 | 000,000,000 | -H-D | C] -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/12/03 11:48:23 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\VirtualStore
[2014/12/03 11:48:23 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Adobe
[2014/12/03 11:48:22 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Packages
[2014/12/03 11:48:21 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\IntelGraphicsProfiles
[2014/12/03 11:48:21 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Intel
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\Temporary Internet Files
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Templates
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Start Menu
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\SendTo
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Recent
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\PrintHood
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\NetHood
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Documents\My Videos
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Documents\My Pictures
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Documents\My Music
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\My Documents
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Local Settings
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\History
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Cookies
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\Application Data
[2014/12/03 11:48:10 | 000,000,000 | -HSD | C] -- C:\Users\Deidra\AppData\Local\Application Data
[2014/12/03 11:48:07 | 000,000,000 | --SD | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Videos
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Saved Games
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Music
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Links
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Favorites
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Downloads
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Documents
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\Desktop
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/12/03 11:48:07 | 000,000,000 | R--D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/12/03 11:48:07 | 000,000,000 | -H-D | C] -- C:\Users\Deidra\AppData
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Temp
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\Roaming
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Pokki
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\Pictures
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Local\Microsoft
[2014/12/03 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/08 14:49:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/08 14:45:14 | 150,994,944 | -HS- | M] () -- C:\swapfile.sys
[2014/12/08 14:37:36 | 002,952,975 | ---- | M] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\Cat.DB
[2014/12/08 13:00:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/12/07 22:49:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/07 22:48:53 | 000,865,408 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/12/07 22:48:53 | 000,738,346 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/12/07 22:48:53 | 000,138,624 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/12/07 22:45:21 | 000,002,310 | ---- | M] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/12/07 22:45:21 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/12/07 22:43:49 | 2503,389,183 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/07 22:43:24 | 000,002,560 | ---- | M] () -- C:\windows\SysNative\VfService.trf
[2014/12/07 22:05:49 | 000,010,760 | ---- | M] () -- C:\windows\SysWow64\VisualDiscovery.ini
[2014/12/07 22:05:49 | 000,005,288 | ---- | M] () -- C:\windows\SysWow64\VisualDiscoveryOff.ini
[2014/12/07 22:05:49 | 000,005,288 | ---- | M] () -- C:\windows\SysNative\VisualDiscoveryOff.ini
[2014/12/07 21:32:59 | 000,102,616 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2014/12/07 21:32:59 | 000,008,214 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/12/07 21:32:59 | 000,002,748 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security.lnk
[2014/12/07 21:32:59 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/12/07 14:40:59 | 000,007,605 | ---- | M] () -- C:\Users\Deidra\AppData\Local\Resmon.ResmonCfg
[2014/12/03 23:15:42 | 000,346,744 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/12/03 12:01:03 | 000,001,447 | ---- | M] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/03 11:56:04 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/12/03 11:48:21 | 000,000,180 | ---- | M] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/11/17 06:35:18 | 000,054,581 | ---- | M] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\VT20141117.003
 
========== Files Created - No Company Name ==========
 
[2014/12/08 00:13:30 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symelam64.cat
[2014/12/08 00:13:30 | 000,008,258 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symds64.cat
[2014/12/08 00:13:30 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\ccsetx64.cat
[2014/12/08 00:13:30 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtspx64.cat
[2014/12/08 00:13:30 | 000,008,186 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symefa64.cat
[2014/12/08 00:13:30 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symnet64.cat
[2014/12/08 00:13:30 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtsp64.cat
[2014/12/08 00:13:30 | 000,008,176 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\iron.cat
[2014/12/08 00:13:30 | 000,003,434 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symefa.inf
[2014/12/08 00:13:30 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symds.inf
[2014/12/08 00:13:30 | 000,001,442 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symnet.inf
[2014/12/08 00:13:30 | 000,001,439 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtsp64.inf
[2014/12/08 00:13:30 | 000,001,421 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\srtspx64.inf
[2014/12/08 00:13:30 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symelam.inf
[2014/12/08 00:13:30 | 000,000,854 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\ccsetx64.inf
[2014/12/08 00:13:30 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\iron.inf
[2014/12/08 00:13:28 | 000,042,291 | ---- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\symvtcer.dat
[2014/12/08 00:13:28 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NSx64\1600020.011\isolate.ini
[2014/12/07 22:45:21 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/12/07 22:44:46 | 000,000,912 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/07 22:44:46 | 000,000,908 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/07 21:41:21 | 000,054,581 | ---- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\VT20141117.003
[2014/12/07 21:33:00 | 002,952,975 | ---- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\Cat.DB
[2014/12/07 21:32:59 | 000,008,214 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2014/12/07 21:32:59 | 000,002,748 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security.lnk
[2014/12/07 21:32:59 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2014/12/07 21:32:34 | 000,003,434 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymEFA.inf
[2014/12/07 21:32:34 | 000,002,852 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymDS.inf
[2014/12/07 21:32:34 | 000,001,442 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymNet.inf
[2014/12/07 21:32:34 | 000,001,439 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtsp64.inf
[2014/12/07 21:32:34 | 000,001,421 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtspx64.inf
[2014/12/07 21:32:34 | 000,001,098 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\symELAM.inf
[2014/12/07 21:32:34 | 000,000,854 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\ccSetx64.inf
[2014/12/07 21:32:34 | 000,000,767 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\Iron.inf
[2014/12/07 21:32:32 | 000,042,291 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymVTcer.dat
[2014/12/07 21:32:31 | 000,009,939 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymELAM64.cat
[2014/12/07 21:32:31 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\symnet64.cat
[2014/12/07 21:32:30 | 000,008,258 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymDS64.cat
[2014/12/07 21:32:30 | 000,008,194 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\ccSetx64.cat
[2014/12/07 21:32:30 | 000,008,188 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtspx64.cat
[2014/12/07 21:32:30 | 000,008,186 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\SymEFA64.cat
[2014/12/07 21:32:30 | 000,008,184 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\srtsp64.cat
[2014/12/07 21:32:30 | 000,008,176 | R--- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\iron.cat
[2014/12/07 21:32:29 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NSx64\1600000.06E\isolate.ini
[2014/12/07 14:28:57 | 000,007,605 | ---- | C] () -- C:\Users\Deidra\AppData\Local\Resmon.ResmonCfg
[2014/12/04 15:28:52 | 004,036,720 | ---- | C] () -- C:\Users\Deidra\Documents\FS_Exercise_Guide.pdf
[2014/12/04 15:28:52 | 000,009,256 | ---- | C] () -- C:\Users\Deidra\Documents\House colors.odt
[2014/12/04 15:28:51 | 000,116,463 | ---- | C] () -- C:\Users\Deidra\Documents\2012 Year End Tax Package_02_11_2013.pdf
[2014/12/04 15:28:44 | 001,863,830 | ---- | C] () -- C:\Users\Deidra\Documents\p3_registration.bmp
[2014/12/04 15:28:44 | 001,050,446 | ---- | C] () -- C:\Users\Deidra\Documents\p1_feedback_1.bmp
[2014/12/04 15:28:44 | 001,046,654 | ---- | C] () -- C:\Users\Deidra\Documents\p1_feedback_2.bmp
[2014/12/04 15:28:44 | 000,465,846 | ---- | C] () -- C:\Users\Deidra\Documents\p1_registration.bmp
[2014/12/03 12:56:15 | 000,389,176 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2014/12/03 12:52:10 | 000,002,302 | ---- | C] () -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[2014/12/03 12:42:46 | 000,002,310 | ---- | C] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/12/03 12:36:44 | 000,050,745 | ---- | C] () -- C:\windows\SysNative\srms.dat
[2014/12/03 12:01:03 | 000,001,447 | ---- | C] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/03 11:56:04 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/12/03 11:48:23 | 000,001,453 | ---- | C] () -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/12/03 11:48:21 | 000,000,180 | ---- | C] () -- C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/12/03 11:48:07 | 000,000,369 | ---- | C] () -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/12/03 11:48:07 | 000,000,369 | ---- | C] () -- C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/12/03 11:48:07 | 000,000,352 | ---- | C] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/12/03 11:48:07 | 000,000,334 | ---- | C] () -- C:\Users\Deidra\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/08/20 21:11:59 | 000,010,760 | ---- | C] () -- C:\windows\SysWow64\VisualDiscovery.ini
[2014/08/20 21:11:59 | 000,005,288 | ---- | C] () -- C:\windows\SysWow64\VisualDiscoveryOff.ini
[2014/08/20 21:07:05 | 000,001,137 | ---- | C] () -- C:\windows\PEIS_PreloadData.ini
[2014/08/20 20:50:27 | 000,863,592 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014/08/20 20:48:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/08/20 05:29:20 | 000,068,608 | ---- | C] () -- C:\windows\SysWow64\igfxexps32.dll
[2014/08/20 05:29:15 | 000,342,944 | ---- | C] () -- C:\windows\SysWow64\igdmd32.dll
[2014/08/20 05:29:11 | 000,183,296 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2014/08/20 05:29:11 | 000,142,848 | ---- | C] () -- C:\windows\SysWow64\igdail32.dll
[2014/08/20 05:24:45 | 000,004,411 | ---- | C] () -- C:\windows\SysWow64\DptfInvalidPolicyRemover.ini
[2014/03/18 04:55:08 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini
[2014/03/18 04:54:44 | 000,103,936 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/09/22 21:14:16 | 000,300,408 | ---- | C] () -- C:\windows\SysWow64\VCamPPage.dll
[2013/09/22 21:14:16 | 000,097,192 | ---- | C] () -- C:\windows\un_dext.exe
[2013/09/22 21:14:16 | 000,087,928 | ---- | C] () -- C:\windows\SPRemove_x64.exe
[2013/09/22 21:14:16 | 000,014,478 | ---- | C] () -- C:\windows\TWAIN2080.ini
[2013/09/22 21:14:16 | 000,003,666 | ---- | C] () -- C:\windows\Dext_09.ini
[2013/09/22 21:14:16 | 000,003,044 | ---- | C] () -- C:\windows\Dext_04.ini
[2013/09/22 21:14:16 | 000,002,894 | ---- | C] () -- C:\windows\Dext_17.ini
[2013/09/22 21:14:16 | 000,002,836 | ---- | C] () -- C:\windows\Dext_2052.ini
[2013/09/22 21:14:16 | 000,002,443 | ---- | C] () -- C:\windows\remove.ini
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2013/05/11 19:17:52 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/30 19:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 17:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/12/03 12:42:45 | 000,000,000 | ---D | M] -- C:\Users\Deidra\AppData\Roaming\Hightail for Lenovo
[2014/12/08 13:47:23 | 000,000,000 | ---D | M] -- C:\Users\Deidra\AppData\Roaming\Nitro PDF
[2014/12/03 12:29:23 | 000,000,000 | ---D | M] -- C:\Users\Deidra\AppData\Roaming\Screensaver Factory
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Deidra\OneDrive:ms-properties
 
< End of report >



And here's the Extras.txt file:


OTL Extras logfile created on: 12/8/2014 3:09:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Deidra\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.91 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 46.91% Memory free
9.79 Gb Paging File | 4.15 Gb Available in Paging File | 42.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.93 Gb Total Space | 144.52 Gb Free Space | 73.76% Space Free | Partition Type: NTFS
Drive D: | 25.00 Gb Total Space | 21.60 Gb Free Space | 86.40% Space Free | Partition Type: NTFS
 
Computer Name: FLIPSY | User Name: Deidra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A9E923B1-4D02-4D4D-9913-5BA968596200}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{B803B192-D142-4876-9ED6-379EEB1E4492}" = lport=55100 | protocol=6 | dir=in | name=lenovo mobile phone wireless import | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081C88C4-BC13-4599-909D-EFB694E152A5}" = dir=out | name=onenote | 
"{0A052D64-506B-4A51-BED9-F5C9ED32402B}" = dir=out | name=dailymotion | 
"{0B1B0AEB-40F7-41FD-90CD-63458B46E10A}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{0CF6E358-D285-45F5-89B4-4F8F29D913B1}" = dir=out | name=tripadvisor hotels flights restaurants | 
"{0D7D7FDE-3061-47FE-9724-4B689BD6E8CD}" = dir=out | name=evernote touch | 
"{1126FAD0-B290-4688-B077-3A8D3F40C3DD}" = dir=in | name=mcafee® central for lenovo | 
"{12918473-087A-459B-B87F-35C787975F58}" = dir=in | name=yoga phone companion | 
"{12A6AEAD-A4BC-4FC5-BD55-E4E2071CDDCD}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{1455624C-4857-40C6-8470-78450986793E}" = dir=out | name=zinio | 
"{1C9C765F-F5D1-4E38-A6F3-DC7259FA9E6C}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\photoplus.exe | 
"{1CD73AB0-5AF2-4C80-9643-29D6882CC63C}" = dir=out | [email protected]{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | 
"{1D76DF4E-C8DA-4E38-AB2D-9C430A7D504A}" = dir=out | name=yoga phone companion | 
"{1E06092E-73A0-490E-98C0-B82799C7BB30}" = dir=out | [email protected]{microsoft.zunevideo_2.6.408.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{2138A830-9484-4A38-80F3-C3CDF12A62CC}" = dir=out | name=kindle | 
"{2F9DF80B-0942-40DB-BDA2-C5FE26B55143}" = dir=in | name=zinio | 
"{321BF14C-029D-4768-9011-9A281D033A7A}" = dir=out | name=windows_ie_ac_001 | 
"{3B5213C4-56BA-41E8-BC25-2776E76ACFD5}" = dir=out | name=intel® experience center | 
"{40255A49-8C11-4BEB-9296-C6D007D0F670}" = dir=out | name=windows_ie_ac_001 | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{4D073124-FF84-472E-8BFD-10E1235E9B44}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{52F4C254-D44D-4631-92FE-AD1C8FDBFD6E}" = dir=out | [email protected]{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{5B0E98C2-9797-49C7-B9FA-62C9E4390A55}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe | 
"{5C3DA8C8-4199-46CA-8C37-D3E5E9013135}" = dir=out | name=free online games for lenovo | 
"{5EABC0AA-5DA7-4A94-B69B-594CE3677302}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{6C9BFE23-29EE-45F8-94CF-20AA84971095}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{6E06F9CF-BB8F-41A2-9C4B-A70AF5C73968}" = dir=in | [email protected]{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} | 
"{7BD658E2-CA4E-4E76-A38E-A729AD9AFBDE}" = dir=out | name=skype | 
"{7D8E0C59-BD68-476D-A674-C38A2D032622}" = dir=out | [email protected]{microsoft.zunemusic_2.6.476.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{83D7DF47-FA03-47E1-928D-5699BBBA1FE4}" = dir=out | [email protected]{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{8E25FA38-1258-4789-8EDC-5DC8DCFCF0EC}" = dir=out | name=mcafee® central for lenovo | 
"{8FA12A77-FFF0-4B35-B123-2D09811E8C20}" = dir=out | name=hightail for lenovo | 
"{923B406E-43B5-47D3-A2AD-3E10D611A0C2}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9F5A49F2-BA0F-4E06-A6C5-53A007874E9C}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe | 
"{A4E76E4F-3AD9-4C69-941B-307F6CA57D30}" = dir=out | name=yoga picks | 
"{A74654A1-CFAD-42B1-B674-0E85F5FCD994}" = dir=out | [email protected]{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{A9167C3D-40EA-40F9-8DD5-AEF47EDE7E36}" = dir=out | name=facebook | 
"{A91ABB88-B8E0-4CAF-943D-EA086815401F}" = dir=out | name=amazon | 
"{AA745C65-FE51-4492-A3A1-C889EB949369}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{B1E7590E-DBE6-4CF1-A3B8-DF89CBAF0FF4}" = dir=out | name=yoga camera man | 
"{B1EE6AFA-1D94-4636-9A4B-5F37FEB90C7F}" = dir=in | name=skype | 
"{B89EA8A9-846F-4522-8359-EB12E49C687E}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{B9190AC6-B60D-4A6F-A681-5564EA0DF59B}" = dir=out | name=yoga chef | 
"{BE820CB5-2BF2-4E18-BB7E-59406D2737F0}" = dir=out | [email protected]{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{BEEC08A9-C1E2-4876-8DC0-C49B75F7A533}" = dir=in | app=c:\program files\cyberlink\powerdirector10\pdr10.exe | 
"{CD231983-1D37-4965-8FED-B887FBC206C2}" = dir=out | name=ebay | 
"{CD32567B-59F9-429B-99B3-6C905C8F2575}" = dir=out | name=the telegraph for lenovo | 
"{CE463EAA-6198-48E1-B706-C1433578C365}" = protocol=6 | dir=out | app=c:\program files\lenovo photomasterimport\photomasterimport.exe | 
"{D563A42F-A597-487C-8921-DC19B618172C}" = dir=out | name=the weather channel for lenovo | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DE2E294A-1140-4A78-A6FA-745CFD29FE14}" = dir=in | name=evernote touch | 
"{E253E30A-2B04-4E08-A93D-22AEAF93EF45}" = dir=out | name=onecalendar | 
"{E32A56FB-3B0F-4CA6-9707-241E382F01DC}" = dir=out | name=lenovo support | 
"{E58586A3-2E4C-4C1F-AF38-26D445E5DE25}" = dir=in | app=c:\program files (x86)\lenovo\lenovo photo master\subsys\advphotoeditor\photodirector5.exe | 
"{E6C2B246-AB32-4884-8F4F-D82F2C69D289}" = dir=out | name=companion | 
"{E8B229E6-84C1-47C5-8E32-E4ED1AE5DEA6}" = dir=in | name=onenote | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F78CA17D-6980-49A2-A362-BFBD5E6560A0}" = dir=in | name=the telegraph for lenovo | 
"{FF2DEC5A-980D-4F0C-9AA2-4310E6BFDD14}" = dir=out | [email protected]{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0788641D-D31A-478D-BB34-C41564AE9F93}" = Dependency Package Update
"{09888C31-E15A-4E69-AF26-4BFCEE55821B}" = Intel® Experience Center Driver
"{0bdfb86d-484e-40d5-9def-5ebde377e270}" = Intel® PRO/Wireless Driver
"{0FAB5672-2C64-4192-B173-107DCF22F4FD}" = Update for Microsoft en-us Dictionary
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}" = Hightail for Lenovo
"{302600C1-6BDF-4FD1-1405-148929CC1385}" = Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2)
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{5252431C-288E-409D-ADCF-24407E0E6F70}" = Dependency Package Update
"{62DE858A-A2A5-452F-B067-C5F104358AD6}" = Intel® PROSet/Wireless WiFi Software
"{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}" = Nitro Pro 9
"{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}" = Dolby Digital Plus Home Theater
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}" = Intel® Smart Connect Technology
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel® Rapid Storage Technology
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}" = Dependency Package Update
"35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E" = Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776)
"6BCA401E9CBEED970D75F55FA5320F60D11984E9" = Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288)
"Lenovo Dependency Package_is1" = Lenovo Dependency Package
"Lenovo SmartVoice" = Lenovo Smart Voice
"Lenovo Transition" = Lenovo Transition
"Lenovo VeriFace" = Lenovo VeriFace
"LenovoExperienceImprovement" = Lenovo Experience Improvement
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}" = Lenovo Yoga 2 Demo
"{0B4726D2-6B18-47AE-91E3-64A304EE2A8A}" = Intel® Update Manager
"{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}" = Lenovo Yoga PhoneCompanion
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}" = Yoga Picks
"{2f4d8103-e601-4d48-b81d-d508d760aaba}" = Intel® PROSet/Wireless Software
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3608ec0a-56b4-4d9d-b038-9b3e51d72582}" = Intel® Experience Center Desktop Software
"{4693847A-7139-4CF4-B274-916C046C9E50}" = Dragon Assistant 3
"{532A5345-1A42-4C55-B56E-CE753D0BAA02}" = Dragon Assistant 3 Language Data Pack en_US
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC768037-7079-4658-AC24-2897650E0ABE}" = Energy Manager
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BC94C56A-3649-420C-8756-2ADEBE399D33}" =  Lenovo Photo Master
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{C73A16B7-AC35-4262-9BAF-DA9B2039A563}" = Intel Experience Center - Configuration
"{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}" = Lenovo Mobile Phone Wireless Import
"{E9325F15-6339-45E8-9DC4-C2D44B623039}" = Lenovo Motion Control
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = User Manuals
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C" = Intel® Dynamic Platform and Thermal Framework
"Google Chrome" = Google Chrome
"InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}" = Lenovo Yoga PhoneCompanion
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}" = Energy Manager
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}" =  Lenovo Photo Master
"InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}" = Lenovo Mobile Phone Wireless Import
"InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}" = Lenovo Motion Control
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = User Manuals
"Lenovo FusionEngine" = Lenovo FusionEngine 
"Lenovo SHAREit_is1" = Lenovo SHAREit
"LenovoBrowserGuard" = Lenovo Browser Guard
"NS" = Norton Security
"Sunplus SPUVCb" = Lenovo EasyCamera
"Superfish Inc. VisualDiscovery" = Superfish Inc. VisualDiscovery
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pokki" = Host App Service
"Pokki_Start_Menu" = Start Menu
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/5/2014 9:32:43 PM | Computer Name = Flipsy | Source = Application Error | ID = 1000
Description = Faulting application name: HostAppServiceUpdater.exe, version: 1.0.0.0,
 time stamp: 0x543d2d78  Faulting module name: HostAppServiceUpdater.exe, version:
 1.0.0.0, time stamp: 0x543d2d78  Exception code: 0xc000041d  Fault offset: 0x000000000005a753
Faulting
 process id: 0x1a94  Faulting application start time: 0x01d00f791e54e84d  Faulting application
 path: C:\Users\Deidra\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe  Faulting
 module path: C:\Users\Deidra\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
Report
 Id: c57e4beb-7ce7-11e4-825c-e82aead02aea  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 12/5/2014 10:01:09 PM | Computer Name = Flipsy | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 12/5/2014 10:01:09 PM | Computer Name = Flipsy | Source = Application Error | ID = 1000
Description = Faulting application name: Facebook.exe, version: 0.0.0.1, time stamp:
 0x53e2b340  Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17129, time
 stamp: 0x5376eb9b  Exception code: 0xc0000005  Fault offset: 0x00000000009353b3  Faulting
 process id: 0x1774  Faulting application start time: 0x01d00f7a90b962f5  Faulting application
 path: C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
Faulting
 module path: C:\Windows\System32\Windows.UI.Xaml.dll  Report Id: be83c425-7ceb-11e4-825c-e82aead02aea
Faulting
 package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt  Faulting package-relative
 application ID: App
 
Error - 12/5/2014 10:01:11 PM | Computer Name = Flipsy | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt+App did not launch
 within its allotted time.
 
Error - 12/7/2014 7:39:04 PM | Computer Name = Flipsy | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt+App did not launch
 within its allotted time.
 
Error - 12/7/2014 7:39:23 PM | Computer Name = Flipsy | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Facebook.Facebook_8xx8rvfyw5nnt!App failed with 
error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 12/7/2014 7:56:01 PM | Computer Name = Flipsy | Source = ISCTAgent | ID = 1000
Description = ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net
 Detect Supported Error Getting Adapter List Error=0x80040302\n
 
Error - 12/7/2014 7:59:16 PM | Computer Name = Flipsy | Source = Application Hang | ID = 1002
Description = The program InstStub.exe version 4.1.0.28 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 1eb4    Start
 Time: 01d01279921428f8    Termination Time: 4294967295    Application Path: C:\Program 
Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.1.0.28\InstStub.exe
 
Report
 Id: 0c0a3ec2-7e6d-11e4-8260-da633b9451f8    Faulting package full name:     Faulting package-relative
 application ID:   
 
Error - 12/7/2014 8:46:13 PM | Computer Name = Flipsy | Source = AVLogEvent | ID = 5003
Description = 
 
Error - 12/7/2014 9:12:52 PM | Computer Name = Flipsy | Source = Application Hang | ID = 1002
Description = The program InstStub.exe version 4.1.0.28 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 3914    Start
 Time: 01d01281e8766d75    Termination Time: 4294967295    Application Path: C:\Program 
Files (x86)\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\4.1.0.28\InstStub.exe
 
Report
 Id: 544fa352-7e77-11e4-8260-da633b9451f8    Faulting package full name:     Faulting package-relative
 application ID:   
 
[ System Events ]
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7031
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated
 unexpectedly.  It has done this 1 time(s).  The following corrective action will
 be taken in 0 milliseconds: Restart the service.
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly.  It has done this
 1 time(s).  The following corrective action will be taken in 30000 milliseconds:
 Restart the service.
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7034
Description = The Bluetooth Device Monitor service terminated unexpectedly.  It 
has done this 1 time(s).
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7034
Description = The Bluetooth OBEX Service service terminated unexpectedly.  It has
 done this 1 time(s).
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7034
Description = The Intel® Rapid Storage Technology service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7034
Description = The Intel® Dynamic Application Loader Host Interface Service service
 terminated unexpectedly.  It has done this 1 time(s).
 
Error - 12/7/2014 7:55:40 PM | Computer Name = Flipsy | Source = Service Control Manager | ID = 7034
Description = The Intel® Management and Security Application Local Management 
Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error - 12/7/2014 7:56:00 PM | Computer Name = Flipsy | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly.    Module Path: C:\windows\System32\IWMSSvc.dll
 
 
Error - 12/7/2014 7:56:02 PM | Computer Name = Flipsy | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly.    Module Path: C:\windows\System32\IWMSSvc.dll
 
 
Error - 12/7/2014 7:56:02 PM | Computer Name = Flipsy | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003
Description = WLAN Extensibility Module has stopped unexpectedly.    Module Path: C:\windows\System32\IWMSSvc.dll
 
 
 
< End of report >
 

Edited by Deevly, 08 December 2014 - 02:49 PM.

  • 0

Advertisements


#2
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world! :) I am Pyxis and I will be assisting you. As such, I would like to stress the following reminders:
  • It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
  • Ensure you take extra caution to precisely follow my instructions. Please only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.
  • Since the cleaning process is quite delicate, your timely response is crucial. Topics are marked inactive and thus closed within 3 full days of no activity. If you deem I have overlooked your thread--which is in a matter of more than 48 hours--please send me a PM and I will get back to you shortly.
I hope you keep in mind these reminders. Let's get to work! :thumbsup:
  • Step 1

    Download 'AdwCleaner by Xplode' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Read the Terms of Use and click I Agree.
    • Click Scan and choose Clean after.
    • Wait for it to finish. It won't take long.
    • Click OK for the next prompts. Your system will automatically reboot.
    • A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner\AdwCleaner[S*].txt.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Download 'Junkware Removal Tool by thisisu' and save it to your desktop.
    • Ensure all programs and windows are closed before proceeding.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • A black window will appear. Press any key to continue.
    • Wait for it to finish. It won't take long.
    • A log will automatically pop-up once done. Alternatively, you can find JRT.txt at your desktop.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 3

    If you haven't already, download 'Farbar Recovery Scan Tool by Farbar' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • The program will initialize. Press Yes to accept the disclaimer.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)
    • AdwCleaner[S*].txt (AdwCleaner)
    • JRT.txt (Junkware Removal Tool)

  • 0

#3
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Deidra at 2014-12-09 13:34:41
Running from C:\Users\Deidra\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
 Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.1.30 - Nuance Communications, Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.1.30 - Nuance Communications, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo)
Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.50.5 - ClientConnect LTD)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.43 - SunplusIT)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.17.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
Norton Security (HKLM-x32\...\NS) (Version: 22.0.2.17 - Symantec Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Start Menu (HKU\S-1-5-21-818984236-3831732592-3455439087-1001\...\Pokki_Start_Menu) (Version: 0.269.4.137 - Pokki)
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.1 - Superfish)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-818984236-3831732592-3455439087-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
03-12-2014 17:33:02 McAfee Vulnerability Scanner
05-12-2014 17:50:01 McAfee Vulnerability Scanner
07-12-2014 20:12:49 Removed Microsoft Office
08-12-2014 01:51:25 Restore Operation
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02CB54FA-9273-4CAC-9C86-2EC426B20FFC} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {25780E0B-6E43-4DDC-957F-034654611EF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {260412EB-AC49-4220-B580-5E0B0541DACB} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {35ACD3E1-B471-4821-919C-E3F75F0FA80D} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\SymErr.exe [2014-09-08] (Symantec Corporation)
Task: {552B432F-3DE9-45F8-880A-639A1B5C54F7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-31] (Microsoft Corporation)
Task: {5C276670-BA19-45CF-B70A-EAC3E532BE40} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\WSCStub.exe [2014-10-15] (Symantec Corporation)
Task: {5FC5605C-A1EC-4A16-8DCA-C885A2E5DDA6} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-20] (Lenovo)
Task: {67CA2BF3-865F-4FC5-8F57-B6736DE8849A} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\SymErr.exe [2014-09-08] (Symantec Corporation)
Task: {8EA3C866-F401-4EF8-AF7C-3592AF8BE95E} - System32\Tasks\GoogleUpdateTaskMachineUA1d00f20798012ba => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {8FA551CA-5EAB-42D4-90A5-47143600E071} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2014-12-03] (Lenovo)
Task: {9E6226A5-AEA1-48F7-8CA8-21DFF01496CB} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {C60B6ABA-5013-4760-9F29-5584518E19AF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {DE7F333C-7AB1-4C04-AEA7-5AE04519AFAC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {EA0EC87D-DC20-4D47-A53A-EEB8A4ABFF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-07 19:12 - 2013-11-07 19:12 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 19:12 - 2013-11-07 19:12 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 19:12 - 2013-11-07 19:12 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-20 21:11 - 2012-04-24 05:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-20 21:09 - 2014-01-06 17:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-08-20 05:29 - 2014-03-06 20:21 - 00080312 _____ () C:\windows\system32\igfxexps.dll
2014-02-24 18:39 - 2014-02-24 18:39 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-08-20 20:46 - 2013-08-08 15:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Deidra\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Deidra\Downloads\Facebook-20141203-121530.jpg:StreamedFileState
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Yoga PhoneCompanion"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\...\StartupApproved\Run: => "Pokki"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-818984236-3831732592-3455439087-500 - Administrator - Disabled)
Deidra (S-1-5-21-818984236-3831732592-3455439087-1001 - Administrator - Enabled) => C:\Users\Deidra
Guest (S-1-5-21-818984236-3831732592-3455439087-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (12/09/2014 01:34:32 PM) (Source: DCOM) (EventID: 10010) (User: FLIPSY)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/09/2014 01:34:02 PM) (Source: DCOM) (EventID: 10010) (User: FLIPSY)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 23%
Total physical RAM: 8104.27 MB
Available physical RAM: 6183.43 MB
Total Pagefile: 10024.27 MB
Available Pagefile: 7799.58 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:195.93 GB) (Free:142.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 7EC13322)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Deidra (administrator) on FLIPSY on 09-12-2014 13:34:17
Running from C:\Users\Deidra\Downloads
Loaded Profile: Deidra (Available profiles: Deidra)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\ns.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\ns.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3030.1024_x64__8wekyb3d8bbwe\onenoteim.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-08-20] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-20] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-08-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Norton Security\Engine64\22.0.2.17\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine64\22.0.2.17\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Deidra\AppData\Roaming\Mozilla\Firefox\Profiles\qipkhwio.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn [2014-12-07]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-03]
CHR Extension: (Google Docs) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-03]
CHR Extension: (Google Drive) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-03]
CHR Extension: (YouTube) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-03]
CHR Extension: (Google Search) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-03]
CHR Extension: (Google Sheets) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-03]
CHR Extension: (Gmail) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-03]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\Exts\Chrome.crx [2014-12-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\Exts\Chrome.crx [2014-12-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4260112 2014-04-08] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-14] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-20] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-20] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 NS; C:\Program Files (x86)\Norton Security\Norton Security\Engine\22.0.2.17\NS.exe [282568 2014-10-15] (Symantec Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-08-20] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-08-20] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-08-20] ()
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1354296 2014-06-21] (Superfish, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-08-20] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-12-03] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1600020.011\ccSetx64.sys [165080 2014-09-09] (Symantec Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-07] (Symantec Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20141208.001\IDSvia64.sys [637656 2014-12-05] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141208.035\ENG64.SYS [129752 2014-12-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20141208.035\EX64.SYS [2137304 2014-12-07] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1527712 2013-12-30] (Sunplus)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1600020.011\SRTSP64.SYS [1016024 2014-09-09] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1600020.011\SRTSPX64.SYS [42200 2014-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NSx64\1600020.011\SYMDS64.SYS [490712 2014-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NSx64\1600020.011\SYMEFA64.SYS [1151704 2014-09-09] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1600020.011\SymELAM.sys [23568 2014-09-09] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [102616 2014-12-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1600020.011\Ironx64.SYS [271576 2014-09-09] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1600020.011\SYMNETS.SYS [565464 2014-09-09] (Symantec Corporation)
R2 VDWFP; C:\windows\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-09 13:34 - 2014-12-09 13:34 - 00022544 _____ () C:\Users\Deidra\Downloads\FRST.txt
2014-12-09 13:33 - 2014-12-09 13:34 - 00000000 ____D () C:\FRST
2014-12-09 13:33 - 2014-12-09 13:33 - 02119680 _____ (Farbar) C:\Users\Deidra\Downloads\frst64.exe
2014-12-09 13:26 - 2014-12-09 13:26 - 00000623 _____ () C:\Users\Deidra\Desktop\JRT.txt
2014-12-09 13:23 - 2014-12-09 13:23 - 00000000 ____D () C:\windows\ERUNT
2014-12-09 13:22 - 2014-12-09 13:22 - 01707646 _____ (Thisisu) C:\Users\Deidra\Downloads\JRT.exe
2014-12-09 13:22 - 2014-12-09 13:22 - 00000000 ____D () C:\windows\System32\Tasks\Norton Security
2014-12-09 13:18 - 2014-12-09 13:18 - 00008884 _____ () C:\Users\Deidra\Desktop\AdwCleaner[S0].txt
2014-12-09 13:10 - 2014-12-09 13:10 - 00001166 _____ () C:\Users\Deidra\Desktop\AdwCleaner.exe - Shortcut.lnk
2014-12-09 13:09 - 2014-12-09 13:09 - 02166272 _____ () C:\Users\Deidra\Downloads\AdwCleaner.exe
2014-12-08 21:31 - 2014-12-08 21:31 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\ProgramData\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\Program Files\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-08 21:31 - 2014-08-22 05:12 - 00751624 ____N (Hewlett-Packard Development Company, LP) C:\windows\system32\HPDiscoPMCD11.dll
2014-12-08 21:29 - 2014-12-08 21:34 - 00000000 ____D () C:\Users\Deidra\AppData\Local\HP
2014-12-08 21:18 - 2014-12-08 21:25 - 188058456 _____ () C:\Users\Deidra\Downloads\OJ5740_117.exe
2014-12-08 15:11 - 2014-12-08 15:11 - 00157350 _____ () C:\Users\Deidra\Downloads\OTL.Txt
2014-12-08 15:11 - 2014-12-08 15:11 - 00055168 _____ () C:\Users\Deidra\Downloads\Extras.Txt
2014-12-08 15:08 - 2014-12-08 15:08 - 00602112 _____ (OldTimer Tools) C:\Users\Deidra\Downloads\OTL.exe
2014-12-08 13:22 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-12-07 22:45 - 2014-12-07 22:45 - 00002286 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-07 22:45 - 2014-12-07 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-07 22:44 - 2014-12-09 13:17 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 22:44 - 2014-12-09 01:49 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 22:13 - 2014-12-07 22:15 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Mozilla
2014-12-07 22:13 - 2014-12-07 22:15 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Mozilla
2014-12-07 22:13 - 2014-12-07 22:13 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 21:45 - 2014-12-07 21:46 - 00000000 ____D () C:\Users\Deidra\AppData\Local\NPE
2014-12-07 21:33 - 2014-12-09 13:17 - 00003248 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-12-07 21:33 - 2014-10-30 06:25 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-12-07 21:32 - 2014-12-09 13:17 - 00002665 _____ () C:\Users\Public\Desktop\Norton Security.lnk
2014-12-07 21:32 - 2014-12-09 13:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2014-12-07 21:32 - 2014-12-09 13:17 - 00000000 ____D () C:\windows\system32\Drivers\NSx64
2014-12-07 21:32 - 2014-12-07 21:32 - 00102616 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2014-12-07 21:32 - 2014-12-07 21:32 - 00008214 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2014-12-07 21:05 - 2014-07-24 10:28 - 00419648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00412992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00280384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00143680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-12-07 21:05 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-12-07 21:05 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-12-07 21:05 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2014-12-07 21:05 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-12-07 21:05 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
2014-12-07 21:05 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-12-07 21:05 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-12-07 21:05 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-12-07 21:05 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-12-07 21:05 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-12-07 21:05 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\windows\system32\mftranscode.dll
2014-12-07 21:05 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-12-07 21:05 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-12-07 21:05 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
2014-12-07 21:05 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mftranscode.dll
2014-12-07 21:05 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTT102.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-12-07 21:05 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-12-07 21:05 - 2014-07-24 06:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-12-07 21:05 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-12-07 21:05 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2014-12-07 21:05 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2014-12-07 21:05 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisImPlatform.sys
2014-12-07 21:05 - 2014-07-24 06:41 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2014-12-07 21:05 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\iasnap.dll
2014-12-07 21:05 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2014-12-07 21:05 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTT102.DLL
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-12-07 21:05 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersGPExt.dll
2014-12-07 21:05 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-12-07 21:05 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2014-12-07 21:05 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-12-07 21:05 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-12-07 21:05 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasnap.dll
2014-12-07 21:05 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll
2014-12-07 21:05 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2014-12-07 21:05 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-12-07 21:05 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-12-07 21:05 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2014-12-07 21:05 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2014-12-07 21:05 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2014-12-07 21:05 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-12-07 21:05 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-12-07 21:05 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2014-12-07 21:05 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2014-12-07 21:05 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2014-12-07 21:05 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wlansvcpal.dll
2014-12-07 21:05 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-07 21:05 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2014-12-07 21:05 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
2014-12-07 21:05 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-12-07 21:05 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
2014-12-07 21:05 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2014-12-07 21:05 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2014-12-07 21:05 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-12-07 21:05 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-12-07 21:05 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-12-07 21:05 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2014-12-07 21:05 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2014-12-07 21:05 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-12-07 21:05 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2014-12-07 21:05 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2014-12-07 21:05 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2014-12-07 21:05 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-12-07 21:05 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
2014-12-07 21:05 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-12-07 21:05 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2014-12-07 21:05 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2014-12-07 21:05 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2014-12-07 21:05 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2014-12-07 21:05 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-12-07 21:05 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2014-12-07 21:05 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-12-07 21:05 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2014-12-07 21:05 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-12-07 21:05 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2014-12-07 21:05 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2014-12-07 21:05 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2014-12-07 21:05 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
2014-12-07 21:05 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-12-07 21:05 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2014-12-07 21:05 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2014-12-07 21:05 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2014-12-07 21:05 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-12-07 21:05 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2014-12-07 21:05 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-12-07 21:05 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
2014-12-07 21:05 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-12-07 21:05 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2014-12-07 21:05 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2014-12-07 21:05 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-12-07 21:05 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-12-07 21:05 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
2014-12-07 21:05 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-12-07 21:05 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
2014-12-07 21:05 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-12-07 21:05 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2014-12-07 21:05 - 2014-07-23 23:11 - 00513544 _____ () C:\windows\SysWOW64\locale.nls
2014-12-07 21:05 - 2014-07-23 23:11 - 00513544 _____ () C:\windows\system32\locale.nls
2014-12-07 21:05 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\wisp.dll
2014-12-07 21:05 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wisp.dll
2014-12-07 21:05 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-12-07 21:05 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\AppxSip.dll
2014-12-07 21:05 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-12-07 21:05 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxSip.dll
2014-12-07 21:05 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-12-07 21:05 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2014-12-07 21:05 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2014-12-07 21:05 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-12-07 21:05 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2014-12-07 21:05 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2014-12-07 21:05 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-12-07 21:05 - 2014-06-18 21:13 - 00310080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-12-07 21:05 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-12-07 21:05 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-12-07 21:05 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-12-07 21:05 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-12-07 21:05 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-12-07 21:05 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll
2014-12-07 21:05 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll
2014-12-07 21:05 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2014-12-07 21:05 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2014-12-07 21:05 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-12-07 21:05 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-12-07 21:05 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\AppxSysprep.dll
2014-12-07 21:05 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2014-12-07 21:05 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2014-12-07 21:05 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-12-07 21:05 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-12-07 21:05 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2014-12-07 21:05 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2014-12-07 21:05 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2014-12-07 21:05 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2014-12-07 20:56 - 2014-10-12 21:33 - 00116032 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-12-07 20:56 - 2014-10-10 19:58 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-12-07 20:56 - 2014-10-10 19:53 - 03607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-12-07 20:56 - 2014-10-08 02:30 - 00110080 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-12-07 20:56 - 2014-10-08 02:09 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-12-07 20:56 - 2014-10-08 01:27 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-12-07 20:56 - 2014-10-08 00:32 - 02773504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-12-07 20:56 - 2014-10-08 00:19 - 02459136 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-12-07 19:34 - 2014-12-07 21:32 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-12-07 19:33 - 2014-12-07 21:32 - 00000000 ____D () C:\Program Files (x86)\Norton Security
2014-12-07 18:52 - 2014-12-09 13:16 - 00000000 ____D () C:\AdwCleaner
2014-12-07 18:52 - 2014-12-07 18:52 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-07 18:24 - 2014-12-07 21:32 - 00000000 ____D () C:\ProgramData\Norton
2014-12-07 18:24 - 2014-12-07 20:53 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-12-07 17:59 - 2014-12-07 20:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-07 17:59 - 2014-12-07 17:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-07 17:02 - 2014-12-07 17:02 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieBrowserModeList
2014-12-07 14:28 - 2014-12-07 14:40 - 00007605 _____ () C:\Users\Deidra\AppData\Local\Resmon.ResmonCfg
2014-12-04 22:24 - 2014-12-04 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-12-04 15:32 - 2014-12-08 21:38 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Nitro PDF
2014-12-04 15:28 - 2014-12-04 15:28 - 00000000 ____D () C:\Users\Deidra\Documents\Medical Arts
2014-12-04 15:28 - 2014-12-04 15:28 - 00000000 ____D () C:\Users\Deidra\Documents\coop
2014-12-04 15:28 - 2009-10-04 15:16 - 00009256 _____ () C:\Users\Deidra\Documents\House colors.odt
2014-12-04 15:28 - 2006-10-12 18:26 - 00001948 _____ () C:\Users\Deidra\Documents\Family Birthdays.txt
2014-12-04 15:28 - 2003-04-11 00:49 - 00045568 _____ () C:\Users\Deidra\Documents\LionsPrint.xls
2014-12-04 15:28 - 2003-04-08 23:53 - 00046592 _____ () C:\Users\Deidra\Documents\LionsMaster.xls
2014-12-04 15:28 - 2003-03-18 17:36 - 00016384 _____ () C:\Users\Deidra\Documents\2002HomeCosts.xls
2014-12-04 15:28 - 2001-06-06 16:34 - 01863830 _____ () C:\Users\Deidra\Documents\p3_registration.bmp
2014-12-04 15:28 - 2001-04-03 16:53 - 01046654 _____ () C:\Users\Deidra\Documents\p1_feedback_2.bmp
2014-12-04 15:28 - 2001-04-03 16:50 - 01050446 _____ () C:\Users\Deidra\Documents\p1_feedback_1.bmp
2014-12-04 15:28 - 2001-04-03 13:17 - 00465846 _____ () C:\Users\Deidra\Documents\p1_registration.bmp
2014-12-04 15:28 - 1999-10-22 14:09 - 00016896 _____ () C:\Users\Deidra\Documents\Birthdays.xls
2014-12-04 15:28 - 1999-06-16 11:16 - 00039424 _____ () C:\Users\Deidra\Documents\The Wedding List.xls
2014-12-04 15:28 - 1999-02-27 11:19 - 00021504 _____ () C:\Users\Deidra\Documents\Financial Plan.xls
2014-12-04 15:28 - 1999-02-12 11:55 - 00020992 _____ () C:\Users\Deidra\Documents\Finances.xls
2014-12-04 15:28 - 1998-01-17 14:27 - 00017408 _____ () C:\Users\Deidra\Documents\Computer.xls
2014-12-04 15:28 - 1997-06-02 23:30 - 00027136 _____ () C:\Users\Deidra\Documents\Wedding Costs.xls
2014-12-03 22:27 - 2014-12-03 22:27 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Lenovo
2014-12-03 13:10 - 2014-12-03 13:11 - 00000000 ____D () C:\windows\system32\MRT
2014-12-03 13:10 - 2014-10-31 23:26 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-03 13:08 - 2014-12-03 13:09 - 00000000 ____D () C:\Users\Deidra\AppData\Local\CyberLink
2014-12-03 13:00 - 2014-11-09 18:19 - 00991232 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-12-03 13:00 - 2014-11-09 18:19 - 00806400 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-12-03 13:00 - 2014-11-09 18:18 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-12-03 13:00 - 2014-11-09 18:18 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-12-03 13:00 - 2014-08-23 00:18 - 02149376 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-12-03 13:00 - 2014-08-23 00:03 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-12-03 12:59 - 2014-10-09 20:58 - 00177472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-12-03 12:59 - 2014-10-09 20:58 - 00027456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-12-03 12:59 - 2014-10-09 20:44 - 00563976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-12-03 12:59 - 2014-10-08 02:37 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-12-03 12:59 - 2014-10-08 02:37 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-12-03 12:59 - 2014-10-08 02:34 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-12-03 12:59 - 2014-10-08 02:24 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll
2014-12-03 12:59 - 2014-10-08 01:56 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-12-03 12:59 - 2014-10-08 01:51 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-12-03 12:59 - 2014-10-08 01:51 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-12-03 12:59 - 2014-10-08 01:18 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-12-03 12:59 - 2014-10-08 01:17 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-12-03 12:59 - 2014-10-08 00:23 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-12-03 12:58 - 2014-10-23 00:48 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-12-03 12:58 - 2014-10-23 00:05 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-12-03 12:58 - 2014-10-17 02:01 - 00789184 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-12-03 12:58 - 2014-10-17 01:58 - 00602768 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-12-03 12:58 - 2014-10-07 01:28 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-12-03 12:58 - 2014-10-07 01:27 - 00108432 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-12-03 12:58 - 2014-10-06 22:34 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-12-03 12:58 - 2014-10-06 22:34 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-12-03 12:58 - 2014-10-06 22:33 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-12-03 12:58 - 2014-10-06 22:30 - 04182016 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-12-03 12:58 - 2014-10-06 20:54 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2014-12-03 12:58 - 2014-10-06 20:46 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-12-03 12:58 - 2014-09-27 02:13 - 00104336 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2014-12-03 12:58 - 2014-09-27 00:24 - 00088800 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2014-12-03 12:58 - 2014-09-26 22:38 - 00426496 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-12-03 12:58 - 2014-09-26 22:30 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-12-03 12:58 - 2014-09-26 22:17 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-12-03 12:57 - 2014-10-31 00:28 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-03 12:57 - 2014-10-31 00:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-12-03 12:57 - 2014-10-31 00:12 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-12-03 12:57 - 2014-10-31 00:10 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-12-03 12:57 - 2014-10-31 00:09 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-12-03 12:57 - 2014-10-31 00:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-12-03 12:57 - 2014-10-31 00:06 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-03 12:57 - 2014-10-31 00:06 - 00237568 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-12-03 12:57 - 2014-10-31 00:06 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-03 12:57 - 2014-10-31 00:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-03 12:57 - 2014-10-31 00:05 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-03 12:57 - 2014-10-31 00:05 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-12-03 12:57 - 2014-10-31 00:04 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-03 12:57 - 2014-10-30 23:57 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-03 12:57 - 2014-10-30 23:56 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-03 12:57 - 2014-10-30 23:54 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-12-03 12:57 - 2014-10-30 23:53 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-03 12:57 - 2014-10-30 23:52 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2014-12-03 12:57 - 2014-10-30 23:51 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-03 12:57 - 2014-10-30 23:51 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-03 12:57 - 2014-10-30 23:51 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-03 12:57 - 2014-10-30 23:50 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-03 12:57 - 2014-10-30 23:50 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-03 12:57 - 2014-10-30 23:40 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-12-03 12:57 - 2014-10-30 23:38 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-03 12:57 - 2014-10-30 23:30 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-03 12:57 - 2014-10-30 23:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-12-03 12:57 - 2014-10-30 23:29 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-12-03 12:57 - 2014-10-30 23:28 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-12-03 12:57 - 2014-10-30 23:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-03 12:57 - 2014-10-30 23:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-03 12:57 - 2014-10-30 23:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-12-03 12:57 - 2014-10-30 23:23 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-12-03 12:57 - 2014-10-30 23:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-03 12:57 - 2014-10-30 23:19 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-12-03 12:57 - 2014-10-30 23:15 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2014-12-03 12:57 - 2014-10-30 23:08 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-12-03 12:57 - 2014-10-30 23:06 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-03 12:57 - 2014-10-30 23:05 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-03 12:57 - 2014-10-30 23:05 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-03 12:57 - 2014-10-30 23:03 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-03 12:57 - 2014-10-30 22:59 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-03 12:57 - 2014-10-30 22:45 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-03 12:57 - 2014-10-30 22:44 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-12-03 12:57 - 2014-10-30 22:42 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-03 12:57 - 2014-10-30 22:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-12-03 12:57 - 2014-10-30 22:32 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-03 12:57 - 2014-10-30 22:28 - 00137728 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-12-03 12:57 - 2014-10-30 22:28 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-12-03 12:57 - 2014-10-30 22:27 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-12-03 12:57 - 2014-10-30 22:26 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-12-03 12:57 - 2014-10-30 22:25 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-12-03 12:57 - 2014-10-30 22:24 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-03 12:57 - 2014-10-30 22:24 - 00235520 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-12-03 12:57 - 2014-10-30 22:24 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-03 12:57 - 2014-10-30 22:23 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-12-03 12:57 - 2014-10-30 22:23 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-03 12:57 - 2014-10-30 22:22 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-03 12:57 - 2014-10-30 22:20 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-03 12:57 - 2014-10-30 22:18 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-03 12:57 - 2014-10-30 22:16 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-03 12:57 - 2014-10-30 22:15 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-03 12:57 - 2014-10-30 22:14 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-12-03 12:57 - 2014-10-30 22:13 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-03 12:57 - 2014-10-30 22:13 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2014-12-03 12:57 - 2014-10-30 22:12 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-03 12:57 - 2014-10-30 22:12 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-03 12:57 - 2014-10-30 22:11 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-03 12:57 - 2014-10-30 22:03 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-12-03 12:57 - 2014-10-30 22:02 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-03 12:57 - 2014-10-30 21:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-12-03 12:57 - 2014-10-30 21:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-03 12:57 - 2014-10-30 21:53 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-12-03 12:57 - 2014-10-30 21:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-03 12:57 - 2014-10-30 21:51 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-12-03 12:57 - 2014-10-30 21:50 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-03 12:57 - 2014-10-30 21:48 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-12-03 12:57 - 2014-10-30 21:46 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-03 12:57 - 2014-10-30 21:46 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2014-12-03 12:57 - 2014-10-30 21:42 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-12-03 12:57 - 2014-10-30 21:40 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-03 12:57 - 2014-10-30 21:40 - 00325632 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-03 12:57 - 2014-10-30 21:39 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-03 12:57 - 2014-10-30 21:30 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-03 12:57 - 2014-10-30 21:26 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-12-03 12:57 - 2014-10-30 21:24 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-12-03 12:57 - 2014-10-30 21:17 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-03 12:57 - 2014-10-30 21:13 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-03 12:57 - 2014-10-30 21:11 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-03 12:57 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-03 12:56 - 2014-09-10 01:25 - 00474432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-12-03 12:56 - 2014-09-07 22:07 - 02497344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-12-03 12:56 - 2014-09-07 22:07 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-12-03 12:56 - 2014-09-07 17:08 - 00389176 _____ () C:\windows\system32\ApnDatabase.xml
2014-12-03 12:56 - 2014-09-04 17:30 - 00822272 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-12-03 12:56 - 2014-09-04 17:21 - 01053184 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-12-03 12:56 - 2014-09-03 22:05 - 00836176 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-12-03 12:56 - 2014-09-03 21:22 - 00670384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-12-03 12:56 - 2014-09-03 20:01 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2014-12-03 12:56 - 2014-09-03 19:32 - 00334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2014-12-03 12:56 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll
2014-12-03 12:56 - 2014-09-03 18:57 - 00921600 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-12-03 12:56 - 2014-09-03 18:49 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-12-03 12:56 - 2014-08-30 19:17 - 00148800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-12-03 12:56 - 2014-08-30 19:15 - 21197152 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-03 12:56 - 2014-08-30 17:59 - 18723112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-03 12:56 - 2014-08-30 17:05 - 00615424 _____ (Microsoft Corporation) C:\windows\system32\FXSCOMEX.dll
2014-12-03 12:56 - 2014-08-30 16:58 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
2014-12-03 12:56 - 2014-08-30 16:04 - 00941568 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2014-12-03 12:56 - 2014-08-30 15:53 - 00239104 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSAPI.dll
2014-12-03 12:56 - 2014-08-30 15:17 - 00799744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2014-12-03 12:56 - 2014-08-27 21:55 - 07484224 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-12-03 12:56 - 2014-08-27 19:21 - 02480128 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-03 12:56 - 2014-08-27 19:06 - 02030592 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-03 12:56 - 2014-08-23 00:14 - 13424128 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-12-03 12:56 - 2014-08-23 00:04 - 11820544 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-12-03 12:56 - 2014-08-22 23:50 - 02714112 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2014-12-03 12:56 - 2014-08-01 19:51 - 00545792 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-12-03 12:56 - 2014-08-01 19:35 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-12-03 12:56 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2014-12-03 12:56 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\prnntfy.dll
2014-12-03 12:56 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnntfy.dll
2014-12-03 12:56 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2014-12-03 12:56 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2014-12-03 12:56 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2014-12-03 12:56 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2014-12-03 12:54 - 2014-10-18 04:55 - 00055776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-03 12:54 - 2014-10-18 03:09 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-12-03 12:54 - 2014-10-18 03:09 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-12-03 12:54 - 2014-10-18 02:25 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-12-03 12:54 - 2014-10-18 01:50 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-12-03 12:54 - 2014-10-18 01:38 - 03557376 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-03 12:54 - 2014-10-18 01:27 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-03 12:54 - 2014-10-18 01:26 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-03 12:54 - 2014-10-18 01:23 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-12-03 12:54 - 2014-10-18 01:23 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-03 12:54 - 2014-10-18 01:21 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-03 12:54 - 2014-10-18 01:20 - 01714176 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-03 12:54 - 2014-10-18 01:14 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-03 12:54 - 2014-10-18 01:14 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-12-03 12:54 - 2014-10-18 01:12 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-03 12:54 - 2014-10-18 01:11 - 00723968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-03 12:53 - 2014-12-03 12:53 - 00000000 ____D () C:\Users\Public\Pokki
2014-12-03 12:53 - 2014-09-21 23:38 - 01519488 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-12-03 12:53 - 2014-09-21 22:06 - 00258368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-12-03 12:53 - 2014-09-21 22:06 - 00114496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2014-12-03 12:53 - 2014-09-21 21:49 - 00035320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-12-03 12:53 - 2014-09-18 19:16 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-12-03 12:53 - 2014-09-02 17:08 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\winshfhc.dll
2014-12-03 12:53 - 2014-09-02 17:08 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\winshfhc.dll
2014-12-03 12:53 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 12:53 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll
2014-12-03 12:53 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 12:53 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll
2014-12-03 12:53 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-12-03 12:53 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-12-03 12:53 - 2014-07-24 10:28 - 00468288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-12-03 12:52 - 2014-12-07 21:18 - 00002302 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-03 12:52 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2014-12-03 12:52 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-12-03 12:52 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-12-03 12:52 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2014-12-03 12:52 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-12-03 12:52 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-12-03 12:52 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2014-12-03 12:52 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-12-03 12:52 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-12-03 12:52 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2014-12-03 12:52 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-12-03 12:52 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2014-12-03 12:52 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-12-03 12:52 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-12-03 12:52 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\pcsvDevice.dll
2014-12-03 12:52 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-12-03 12:52 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-12-03 12:52 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-12-03 12:52 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2014-12-03 12:52 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-12-03 12:52 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-12-03 12:52 - 2014-07-24 06:42 - 01200640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-12-03 12:52 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2014-12-03 12:52 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-12-03 12:52 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-12-03 12:49 - 2014-12-07 21:04 - 00000000 ____D () C:\Users\Deidra\AppData\Local\CrashDumps
2014-12-03 12:42 - 2014-12-07 22:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-03 12:42 - 2014-12-07 22:44 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-03 12:42 - 2014-12-07 22:44 - 00003648 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-03 12:42 - 2014-12-03 12:42 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d00f20798012ba
2014-12-03 12:42 - 2014-12-03 12:42 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Google
2014-12-03 12:41 - 2014-12-07 22:44 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Deployment
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieUserList
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieSiteList
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Apps\2.0
2014-12-03 12:41 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-12-03 12:41 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-12-03 12:40 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-12-03 12:40 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-12-03 12:39 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\windows\explorer.exe
2014-12-03 12:39 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2014-12-03 12:39 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-12-03 12:39 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-12-03 12:39 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2014-12-03 12:39 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2014-12-03 12:39 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-12-03 12:39 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-12-03 12:39 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\tcpmon.dll
2014-12-03 12:39 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-12-03 12:39 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2014-12-03 12:37 - 2014-08-06 21:12 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-12-03 12:37 - 2014-08-01 22:56 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-12-03 12:37 - 2014-07-15 13:16 - 03048880 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe
2014-12-03 12:37 - 2014-07-15 03:29 - 03118080 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-12-03 12:37 - 2014-07-15 03:22 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll
2014-12-03 12:37 - 2014-07-15 03:03 - 02344448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-12-03 12:37 - 2014-07-11 23:17 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2014-12-03 12:37 - 2014-06-01 21:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-12-03 12:37 - 2014-05-31 05:07 - 00440664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-12-03 12:37 - 2014-05-31 05:07 - 00089944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-12-03 12:37 - 2014-05-31 05:07 - 00027480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-12-03 12:37 - 2014-05-31 01:30 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-12-03 12:37 - 2014-05-31 01:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-12-03 12:37 - 2014-05-31 01:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-12-03 12:37 - 2014-05-30 23:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-12-03 12:37 - 2014-05-30 23:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-12-03 12:37 - 2014-05-30 23:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-12-03 12:37 - 2014-05-27 04:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll
2014-12-03 12:37 - 2014-05-27 04:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll
2014-12-03 12:37 - 2014-05-01 08:31 - 00055328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wpcfltr.sys
2014-12-03 12:36 - 2014-05-13 02:01 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\BulkOperationHost.exe
2014-12-03 12:36 - 2014-05-03 00:36 - 00997888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-12-03 12:36 - 2014-05-03 00:19 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\ncobjapi.dll
2014-12-03 12:36 - 2014-05-03 00:08 - 00301056 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
2014-12-03 12:36 - 2014-05-03 00:07 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
2014-12-03 12:36 - 2014-05-02 23:46 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncobjapi.dll
2014-12-03 12:36 - 2014-05-02 23:37 - 00235008 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
2014-12-03 12:36 - 2014-05-02 23:37 - 00207360 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
2014-12-03 12:36 - 2014-05-02 18:26 - 00050745 _____ () C:\windows\system32\srms.dat
2014-12-03 12:36 - 2014-04-30 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2014-12-03 12:36 - 2014-04-30 00:45 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-12-03 12:36 - 2014-04-29 23:48 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-12-03 12:36 - 2014-04-29 23:24 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00353280 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll
2014-12-03 12:36 - 2014-04-29 23:14 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-12-03 12:36 - 2014-04-29 22:59 - 01063424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-12-03 12:36 - 2014-04-29 22:46 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2014-12-03 12:36 - 2014-04-29 22:46 - 00229888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-12-03 12:36 - 2014-04-29 22:46 - 00056320 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-12-03 12:36 - 2014-04-29 22:45 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc.dll
2014-12-03 12:36 - 2014-04-29 22:42 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2014-12-03 12:36 - 2014-04-28 17:40 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2014-12-03 12:36 - 2014-04-26 11:39 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2014-12-03 12:36 - 2014-04-14 04:37 - 02125344 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2014-12-03 12:36 - 2014-04-14 03:08 - 01797896 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2014-12-03 12:36 - 2014-04-14 00:18 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d8thk.dll
2014-12-03 12:35 - 2014-06-19 20:48 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-12-03 12:35 - 2014-06-19 18:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-12-03 12:35 - 2014-06-12 20:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-12-03 12:35 - 2014-06-12 20:14 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-12-03 12:35 - 2014-06-12 19:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-12-03 12:35 - 2014-06-06 06:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-12-03 12:34 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2014-12-03 12:34 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2014-12-03 12:34 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2014-12-03 12:33 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-12-03 12:33 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-12-03 12:33 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-12-03 12:33 - 2014-05-19 01:31 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\drvcfg.exe
2014-12-03 12:33 - 2014-05-19 01:21 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe
2014-12-03 12:33 - 2014-05-19 00:23 - 00098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvinst.exe
2014-12-03 12:33 - 2014-05-01 00:24 - 02834944 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
2014-12-03 12:33 - 2014-04-29 23:43 - 01975296 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-12-03 12:33 - 2014-04-29 23:26 - 01345536 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-12-03 12:33 - 2014-04-29 22:47 - 01509888 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-12-03 12:29 - 2014-12-03 12:29 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Screensaver Factory
2014-12-03 11:56 - 2014-12-03 12:42 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Hightail for Lenovo
2014-12-03 11:56 - 2014-12-03 11:56 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-12-03 11:54 - 2014-12-09 13:17 - 00000000 ___DO () C:\Users\Deidra\OneDrive
2014-12-03 11:53 - 2014-12-09 13:29 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-818984236-3831732592-3455439087-1001
2014-12-03 11:49 - 2014-12-03 11:49 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Intel Corporation
2014-12-03 11:48 - 2014-12-09 02:20 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Pokki
2014-12-03 11:48 - 2014-12-08 21:03 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Packages
2014-12-03 11:48 - 2014-12-07 20:55 - 00000000 ____D () C:\Users\Deidra
2014-12-03 11:48 - 2014-12-03 11:48 - 00001453 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-03 11:48 - 2014-12-03 11:48 - 00000180 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-12-03 11:48 - 2014-12-03 11:48 - 00000020 ___SH () C:\Users\Deidra\ntuser.ini
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Macromedia
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Intel
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Adobe
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Local\VirtualStore
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Local\LenovoBrowserGuard
2014-12-03 11:48 - 2014-08-20 20:45 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 11:48 - 2014-03-18 05:05 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-03 11:48 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-03 11:48 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-03 11:48 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-03 11:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-09 13:22 - 2014-03-18 04:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-09 13:21 - 2014-08-20 20:41 - 01196518 _____ () C:\windows\WindowsUpdate.log
2014-12-09 13:17 - 2014-08-20 21:11 - 00010776 _____ () C:\windows\SysWOW64\VisualDiscovery.ini
2014-12-09 13:17 - 2014-08-20 21:11 - 00005296 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini
2014-12-09 13:17 - 2014-08-20 21:11 - 00005296 _____ () C:\windows\system32\VisualDiscoveryOff.ini
2014-12-09 13:17 - 2014-08-20 21:11 - 00002560 _____ () C:\windows\system32\VfService.trf
2014-12-09 13:17 - 2014-03-18 04:44 - 00016862 _____ () C:\windows\PFRO.log
2014-12-09 13:17 - 2013-08-22 10:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-12-09 13:17 - 2013-08-22 09:46 - 00024646 _____ () C:\windows\setupact.log
2014-12-09 13:17 - 2013-08-22 09:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-09 13:17 - 2013-08-22 08:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-12-09 13:16 - 2014-03-18 04:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ToastData
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\setup
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\setup
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\AppReadiness
2014-12-09 13:16 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\oobe
2014-12-09 13:01 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sru
2014-12-08 14:37 - 2013-08-22 10:20 - 00000000 ____D () C:\windows\CbsTemp
2014-12-08 13:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-07 21:17 - 2014-08-20 21:09 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-07 20:54 - 2014-08-20 21:11 - 00000000 ____D () C:\Program Files\Lenovo Yoga PhoneCompanion
2014-12-07 20:54 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\rescache
2014-12-07 20:54 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-07 20:54 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\Sysprep
2014-12-07 20:54 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\servicing
2014-12-07 20:53 - 2014-08-20 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\ProgramData\Pokki
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-12-07 20:52 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\registration
2014-12-07 19:35 - 2013-08-22 08:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-12-03 23:15 - 2013-08-22 09:44 - 00346744 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\WinStore
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\MediaViewer
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\FileManager
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Camera
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-03 13:08 - 2014-08-20 21:12 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-03 11:55 - 2014-08-20 21:08 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2014-12-03 11:53 - 2014-08-20 20:48 - 00000000 ____D () C:\ProgramData\Intel
2014-12-03 11:52 - 2014-08-20 21:07 - 00000000 ____D () C:\ProgramData\Lenovo
2014-12-03 11:48 - 2014-08-20 21:38 - 00118107 ____H () C:\windows\modules.log
2014-12-03 11:48 - 2014-08-20 21:08 - 00000000 ____D () C:\Program Files (x86)\LenovoBrowserGuard
2014-12-03 11:48 - 2014-04-03 14:15 - 00000000 ____D () C:\windows\Panther
2014-11-20 15:51 - 2013-08-22 10:38 - 00714208 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-20 15:51 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\Deidra\AppData\Local\Temp\Quarantine.exe
C:\Users\Deidra\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-20 20:39
 
==================== End Of Log ============================
 
 
 
 
# AdwCleaner v4.104 - Report created 07/12/2014 at 18:55:39
# Updated 05/12/2014 by Xplode
# Database : 2014-12-07.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Deidra - FLIPSY
# Running from : C:\Users\Deidra\AppData\Local\Microsoft\Windows\INetCache\IE\H3RO8K5Q\adwcleaner_4.104.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\Program Files (x86)\DriverRestore
Folder Deleted : C:\Users\Deidra\AppData\Local\Temp\Hold Page
Folder Deleted : C:\Users\Deidra\Documents\Optimizer Pro
File Deleted : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D0232CC2-9906-451D-8D17-174CE262E070}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0232CC2-9906-451D-8D17-174CE262E070}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\lenovobrowserguard\lenovobrowserguard\bin\spvc32loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v
 
[C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4379 octets] - [07/12/2014 18:53:03]
AdwCleaner[S0].txt - [4085 octets] - [07/12/2014 18:55:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4145 octets] ##########
# AdwCleaner v4.105 - Report created 09/12/2014 at 13:16:07
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Deidra - FLIPSY
# Running from : C:\Users\Deidra\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.best-deals-products.com_0.localstorage-journal
File Deleted : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.best-deals-products.com_0.localstorage-journal
File Deleted : C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.best-deals-products.com_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v39.0.2171.71
 
 
*************************
 
AdwCleaner[R0].txt - [9170 octets] - [07/12/2014 18:53:03]
AdwCleaner[S0].txt - [8692 octets] - [07/12/2014 18:55:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8752 octets] ##########
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by Deidra on Tue 12/09/2014 at 13:23:56.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/09/2014 at 13:26:29.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#4
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Also, File Explorer is now running with administrative privileges. Is that a result of the programs (adwcleaner, jrt, farbar) I downloaded? Or should I restart that?


  • 0

#5
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

Also, File Explorer is now running with administrative privileges. Is that a result of the programs (adwcleaner, jrt, farbar) I downloaded? Or should I restart that?


What do you mean by this? Was it prompting to be restarted?
  • 0

#6
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

The apps on the start screen (browser, email, etc.) gave me a prompt when I tried to open them, saying that the app couldn't open while File Explorer was open with administrative privileges. This happened immediately after I downloaded and ran the three diagnostic programs. It resolved after a reboot. I also noticed that two desktop.ini files are now visible on the desktop.

 

BTW, thanks for your help, if I didn't say that earlier.


  • 0

#7
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

The apps on the start screen (browser, email, etc.) gave me a prompt when I tried to open them, saying that the app couldn't open while File Explorer was open with administrative privileges. This happened immediately after I downloaded and ran the three diagnostic programs. It resolved after a reboot.


You are correct--one of the tools did cause this (normal) behavior, and the solution happens to be rebooting. :)
 

I also noticed that two desktop.ini files are now visible on the desktop.


Yes, hidden files are now made visible. Would you like to hide them again? I will instruct you to do so at the end of the process. At any rate, you may safely delete those two files if they bother you. Note that this applies only to the ones you find in your desktop! There are numerous desktop.ini files in your system which you should ignore, as deleting those would mess up icons.
 

BTW, thanks for your help, if I didn't say that earlier.


You are welcome! Let's proceed to checking if anything was missed.
  • Step 1

    Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.
    • Double-click mbam-setup-*.exe and proceed to installing the program.
      • Accept the License Agreement.
      • At the end, ensure a check mark is only placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
    • Once the program has loaded, navigate to the Settings tab and select Detection and Protection.
      • Tick the Scan For Rootkits box.
    • Go back to the Dashboard and select Update Now. Click Scan Now after.
      • Updates can sometimes still be present. Be sure to select Update Now again if you are prompted.
      • Once the scan is complete, click Apply Actions.
      • If you are prompted to reboot, allow it by pressing Yes.
    • Navigate to the program's History tab to retrieve the log.
      • Click Application Logs and double-click on the most recent Scan Log.
      • Export the log to your desktop as a .TXT file.
      • You can also choose to directly copy the log by selecting Copy to Clipboard.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 2

    Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.
    • Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
    • Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):

      nvMhqop.png

    • The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
    • Upon completion, select List of found threats > Export to text file....
    • Press Back and put a check on the following:
      • Uninstall application on close
      • Delete quarantined files
    • Click Finish.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • log.txt (ESET Online Scan)
    • mbam-log-YYYY-MM-DD (HH-MM-SS).xml (Malwarebytes Anti-Malware)

  • 0

#8
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/11/2014
Scan Time: 9:32:03 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.11.08
Rootkit Database: v2014.12.08.03
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Deidra

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320472
Time Elapsed: 4 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)




 



 

 

C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPTool64.exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64.dll a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll a variant of Win64/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\SPTool.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\LenovoBrowserGuard\UI\bin\cltmngui.exe a variant of Win32/ClientConnect.A potentially unwanted application deleted - quarantined


 


  • 0

#9
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
You had a lot of adware. How is your computer running? :)
  • 0

#10
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

It seems fine, apart from some battery and sleep issues that I'm sure have nothing to do with malware/adware. I think I can figure those out on my own, though. Thanks for your help.


  • 0

Advertisements


#11
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Thank you for your cooperation. Your logs show no sign of infection. Congratulations, your system is now clean. :thumbsup: Below are the last few steps for you to accomplish.

Remove Temporary Files with TFC by OldTimer
  • Download 'TFC by OldTimer' and save it to your desktop.
    • Ensure all programs and windows are closed before proceeding.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Click the Start button and wait for the process to complete.
    • You will be prompted to reboot. Please allow it by choosing Yes.
Remove Special Tools with DelFix by Xplode
  • Download 'DelFix by Xplode' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • Ensure the following options are checked:
      • Remove Disinfection Tools
      • Create Registry Backup
      • Purge System Restore
    • Press Run.
    • A log will automatically pop-up. Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

  • 0

#12
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
And here's where I admit to not following directions. :X  I thought we were done and started uninstalling things last night. Oops. :/

Here's the Delfix log, but I had a couple of questions. 

1. Have you ever heard of Pokki Start Menu? I uninstalled it, but there are a lot of Pokki files left in various places. Any idea how to clean those up?

2. Have you ever heard of Superfish Visual Discovery? None of the scans picked it up, but it was causing popups in my browser. It was installed on the same date as all the other Lenovo bloatware (bastiches), so I assume it's not malicious and the uninstall I did on it should be good. The popups have stopped.  (As an aside, I've never seen a computer preloaded with so much crap! I'm seriously considering a clean install.)

# DelFix v10.8 - Logfile created 13/12/2014 at 11:09:48
# Updated 29/07/2014 by Xplode
# Username : Deidra - FLIPSY
# Operating System : Windows 8.1  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\Users\Deidra\Downloads\Addition.txt
Deleted : C:\Users\Deidra\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Deidra\Downloads\Extras.Txt
Deleted : C:\Users\Deidra\Downloads\FRST.txt
Deleted : C:\Users\Deidra\Downloads\frst64.exe
Deleted : C:\Users\Deidra\Downloads\JRT.exe
Deleted : C:\Users\Deidra\Downloads\OTL.Txt
Deleted : C:\Users\Deidra\Downloads\OTL.exe
Deleted : C:\Users\Deidra\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #4 [McAfee Vulnerability Scanner | 12/05/2014 17:50:01]
Deleted : RP #5 [Removed Microsoft Office | 12/07/2014 20:12:49]
Deleted : RP #6 [Restore Operation | 12/08/2014 01:51:25]
Deleted : RP #7 [Windows Modules Installer | 12/10/2014 14:54:21]
Deleted : RP #8 [Removed Nitro Pro 9 | 12/12/2014 23:05:43]
 
New restore point created !
 
########## - EOF - ##########

  • 0

#13
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Eeps, looks like we still have some work to do, then.  :headscratch:

For this post, we're going to clean-up all security programs e.g. remove ESET Online Scanner, Malwarebytes Anti-Malware (as you accidentally installed the trial version), and Norton Security (unless you wish to pay for it, I'm going to recommend free alternatives), remove the unwanted programs, and install a free anti-virus.

1. To begin, please uninstall the following applications normally i.e. via Programs and Features:
  • ESET Online Scanner
  • Malwarebytes Anti-Malware
  • Norton Security
  • Start Menu
  • Superfish Inc. VisualDiscovery
2. Once done, please run the below uninstallers one after the other. You may or may not be asked to reboot:3. Proceed to install one of the following free anti-virus programs:4. Please provide me with fresh FRST logs so we can see where we are. Don't forget to tick the Addition box.
  • 0

#14
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

1. I had already uninstalled everything but Norton, which I uninstalled today.

2. I ran the uninstallers for Malwarebytes and Norton Security, and I also ran one from the McAfee site to try and clean up leftovers from a free trial that was preinstalled. Note: There is still a 516 MB McAfee folder on the D drive under "Applications." And there are three Norton folders still on the C drive under "Program Files (x86) ). The folders are Norton Security (136 MB), Norton Security Scan (45 KB), and Norton Installer (496 KB). Do you think it's safe to just delete those folders?
3. I haven't downloaded any new security yet. The laptop came with Windows Defender, which I assume is sufficient for now?

4. Here are the FRST logs: 
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014
Ran by Deidra (administrator) on FLIPSY on 14-12-2014 15:46:24
Running from C:\Users\Deidra\Desktop
Loaded Profile: Deidra (Available profiles: Deidra)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3030.1024_x64__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-08-20] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-20] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-08-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Deidra\AppData\Roaming\Mozilla\Firefox\Profiles\qipkhwio.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-03]
CHR Extension: (Google Docs) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-03]
CHR Extension: (Google Drive) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-03]
CHR Extension: (YouTube) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-03]
CHR Extension: (Google Search) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-03]
CHR Extension: (Google Sheets) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-03]
CHR Extension: (Google Wallet) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-03]
CHR Extension: (Gmail) - C:\Users\Deidra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-03]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 DAMSvc; C:\Program Files (x86)\Nuance\DragonAssistant3\DragonAssistantMaintenance.exe [4260112 2014-04-08] (Nuance Communications, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-14] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-11-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-20] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-20] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-08-20] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-08-20] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-08-20] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-08-20] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [192456 2014-05-09] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1527712 2013-12-30] (Sunplus)
R2 VDWFP; C:\windows\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-14 15:46 - 2014-12-14 15:46 - 00016572 _____ () C:\Users\Deidra\Desktop\FRST.txt
2014-12-14 15:45 - 2014-12-14 15:46 - 00000000 ____D () C:\FRST
2014-12-14 15:45 - 2014-12-14 15:45 - 02119680 _____ (Farbar) C:\Users\Deidra\Desktop\FRST64.exe
2014-12-14 15:03 - 2014-12-14 15:03 - 05292448 _____ (McAfee, Inc.) C:\Users\Deidra\Downloads\Setup_serial_TNzaGaKK9DayI6KGto34DA2_key.exe
2014-12-14 13:14 - 2014-12-14 13:14 - 00896048 _____ () C:\Users\Deidra\Downloads\Norton_Removal_Tool.exe
2014-12-14 13:13 - 2014-12-14 13:13 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Deidra\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-14 01:42 - 2014-12-14 01:42 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Amazon
2014-12-14 00:30 - 2014-12-14 00:30 - 00000000 ___RD () C:\Users\Deidra\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2014-12-13 11:09 - 2014-12-13 11:09 - 00001157 _____ () C:\DelFix.txt
2014-12-12 23:58 - 2014-12-12 23:58 - 00000000 ____H () C:\Users\Deidra\Documents\Default.rdp
2014-12-12 20:42 - 2014-12-12 20:42 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\FLEXnet
2014-12-12 18:08 - 2014-12-12 18:08 - 00000319 _____ () C:\windows\system32\InstallUtil.InstallLog
2014-12-12 17:58 - 2014-12-12 17:58 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Nuance
2014-12-11 21:26 - 2014-12-11 21:26 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Deidra\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-11 20:19 - 2014-12-11 20:19 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Nitro
2014-12-10 09:55 - 2014-11-09 21:29 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 09:55 - 2014-11-09 20:51 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 09:55 - 2014-10-30 18:39 - 01970432 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-10 09:55 - 2014-10-30 18:38 - 01612992 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-10 00:26 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 00:26 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-10 00:26 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 00:26 - 2014-11-21 21:49 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-12-10 00:26 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-10 00:26 - 2014-11-21 21:35 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-10 00:26 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 00:26 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 00:26 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 00:26 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-10 00:26 - 2014-11-21 21:06 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-12-10 00:26 - 2014-11-21 21:06 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-12-10 00:26 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 00:26 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-10 00:26 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 00:26 - 2014-11-21 20:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2014-12-10 00:26 - 2014-11-21 20:55 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-10 00:26 - 2014-11-21 20:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-12-10 00:26 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 00:26 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 00:26 - 2014-11-21 20:49 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 00:26 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 00:26 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 00:26 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 00:26 - 2014-11-21 20:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-12-10 00:26 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 00:26 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 00:26 - 2014-11-21 20:29 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2014-12-10 00:26 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 00:26 - 2014-11-21 20:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-12-10 00:26 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 00:26 - 2014-11-21 20:23 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 00:26 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 00:26 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 00:26 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 00:26 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-10 00:26 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 00:26 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 00:26 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-10 00:26 - 2014-11-06 23:16 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 00:26 - 2014-11-06 22:26 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 00:26 - 2014-10-31 18:57 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-12-10 00:26 - 2014-10-31 18:47 - 00790528 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-12-10 00:26 - 2014-10-12 21:43 - 00238912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-12-10 00:26 - 2014-10-12 21:43 - 00153920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-12-10 00:26 - 2014-10-12 21:43 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-12-10 00:26 - 2014-10-12 21:43 - 00039744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2014-12-09 13:23 - 2014-12-13 11:09 - 00000000 ____D () C:\windows\ERUNT
2014-12-08 21:31 - 2014-12-08 21:31 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\ProgramData\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\Program Files\HP
2014-12-08 21:31 - 2014-12-08 21:31 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-08 21:31 - 2014-08-22 05:12 - 00751624 ____N (Hewlett-Packard Development Company, LP) C:\windows\system32\HPDiscoPMCD11.dll
2014-12-08 21:29 - 2014-12-08 21:34 - 00000000 ____D () C:\Users\Deidra\AppData\Local\HP
2014-12-08 21:18 - 2014-12-08 21:25 - 188058456 _____ () C:\Users\Deidra\Downloads\OJ5740_117.exe
2014-12-08 13:22 - 2014-04-13 22:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-12-07 22:45 - 2014-12-07 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-07 22:44 - 2014-12-14 15:35 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 22:44 - 2014-12-14 14:49 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 22:13 - 2014-12-07 22:15 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Mozilla
2014-12-07 22:13 - 2014-12-07 22:15 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Mozilla
2014-12-07 22:13 - 2014-12-07 22:13 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-07 21:45 - 2014-12-07 21:46 - 00000000 ____D () C:\Users\Deidra\AppData\Local\NPE
2014-12-07 21:33 - 2014-10-30 06:25 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-12-07 21:05 - 2014-07-24 10:28 - 00419648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00412992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00280384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2014-12-07 21:05 - 2014-07-24 10:28 - 00143680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-12-07 21:05 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-12-07 21:05 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-12-07 21:05 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2014-12-07 21:05 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-12-07 21:05 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
2014-12-07 21:05 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-12-07 21:05 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-12-07 21:05 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-12-07 21:05 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2014-12-07 21:05 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2014-12-07 21:05 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-07 21:05 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\windows\system32\mftranscode.dll
2014-12-07 21:05 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-12-07 21:05 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-12-07 21:05 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
2014-12-07 21:05 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2014-12-07 21:05 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mftranscode.dll
2014-12-07 21:05 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTT102.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-12-07 21:05 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-12-07 21:05 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2014-12-07 21:05 - 2014-07-24 06:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-12-07 21:05 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-12-07 21:05 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2014-12-07 21:05 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2014-12-07 21:05 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisImPlatform.sys
2014-12-07 21:05 - 2014-07-24 06:41 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2014-12-07 21:05 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\iasnap.dll
2014-12-07 21:05 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2014-12-07 21:05 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTT102.DLL
2014-12-07 21:05 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-12-07 21:05 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-12-07 21:05 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersGPExt.dll
2014-12-07 21:05 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
2014-12-07 21:05 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2014-12-07 21:05 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll
2014-12-07 21:05 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-12-07 21:05 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-12-07 21:05 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasnap.dll
2014-12-07 21:05 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll
2014-12-07 21:05 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2014-12-07 21:05 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-12-07 21:05 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
2014-12-07 21:05 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2014-12-07 21:05 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2014-12-07 21:05 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2014-12-07 21:05 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll
2014-12-07 21:05 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-12-07 21:05 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2014-12-07 21:05 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
2014-12-07 21:05 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2014-12-07 21:05 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wlansvcpal.dll
2014-12-07 21:05 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-12-07 21:05 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2014-12-07 21:05 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll
2014-12-07 21:05 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2014-12-07 21:05 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
2014-12-07 21:05 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2014-12-07 21:05 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2014-12-07 21:05 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-12-07 21:05 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-12-07 21:05 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-12-07 21:05 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2014-12-07 21:05 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2014-12-07 21:05 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-12-07 21:05 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2014-12-07 21:05 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2014-12-07 21:05 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2014-12-07 21:05 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-12-07 21:05 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
2014-12-07 21:05 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-12-07 21:05 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2014-12-07 21:05 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2014-12-07 21:05 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2014-12-07 21:05 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2014-12-07 21:05 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-12-07 21:05 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2014-12-07 21:05 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-12-07 21:05 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2014-12-07 21:05 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2014-12-07 21:05 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2014-12-07 21:05 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2014-12-07 21:05 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2014-12-07 21:05 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
2014-12-07 21:05 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2014-12-07 21:05 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2014-12-07 21:05 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2014-12-07 21:05 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2014-12-07 21:05 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2014-12-07 21:05 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2014-12-07 21:05 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2014-12-07 21:05 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
2014-12-07 21:05 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2014-12-07 21:05 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2014-12-07 21:05 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2014-12-07 21:05 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2014-12-07 21:05 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2014-12-07 21:05 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
2014-12-07 21:05 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2014-12-07 21:05 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
2014-12-07 21:05 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2014-12-07 21:05 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2014-12-07 21:05 - 2014-07-23 23:11 - 00513544 _____ () C:\windows\SysWOW64\locale.nls
2014-12-07 21:05 - 2014-07-23 23:11 - 00513544 _____ () C:\windows\system32\locale.nls
2014-12-07 21:05 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\wisp.dll
2014-12-07 21:05 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wisp.dll
2014-12-07 21:05 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2014-12-07 21:05 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\AppxSip.dll
2014-12-07 21:05 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2014-12-07 21:05 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxSip.dll
2014-12-07 21:05 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-12-07 21:05 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2014-12-07 21:05 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2014-12-07 21:05 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-12-07 21:05 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2014-12-07 21:05 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2014-12-07 21:05 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-12-07 21:05 - 2014-06-18 21:13 - 00310080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-12-07 21:05 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-12-07 21:05 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-12-07 21:05 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-12-07 21:05 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-12-07 21:05 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2014-12-07 21:05 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll
2014-12-07 21:05 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll
2014-12-07 21:05 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2014-12-07 21:05 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2014-12-07 21:05 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2014-12-07 21:05 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2014-12-07 21:05 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\AppxSysprep.dll
2014-12-07 21:05 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2014-12-07 21:05 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2014-12-07 21:05 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2014-12-07 21:05 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2014-12-07 21:05 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2014-12-07 21:05 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2014-12-07 21:05 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2014-12-07 21:05 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2014-12-07 20:56 - 2014-10-12 21:33 - 00116032 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-12-07 20:56 - 2014-10-10 19:58 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-12-07 20:56 - 2014-10-10 19:53 - 03607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-12-07 20:56 - 2014-10-08 02:30 - 00110080 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2014-12-07 20:56 - 2014-10-08 02:09 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-12-07 20:56 - 2014-10-08 01:27 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-12-07 20:56 - 2014-10-08 00:32 - 02773504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-12-07 20:56 - 2014-10-08 00:19 - 02459136 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-12-07 19:33 - 2014-12-14 13:05 - 00000000 ____D () C:\Program Files (x86)\Norton Security
2014-12-07 18:24 - 2014-12-14 13:15 - 00000000 ____D () C:\ProgramData\Norton
2014-12-07 18:24 - 2014-12-07 20:53 - 00000000 ____D () C:\Program Files (x86)\Norton Security Scan
2014-12-07 17:02 - 2014-12-07 17:02 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieBrowserModeList
2014-12-07 14:28 - 2014-12-07 14:40 - 00007605 _____ () C:\Users\Deidra\AppData\Local\Resmon.ResmonCfg
2014-12-04 22:24 - 2014-12-04 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-12-04 15:32 - 2014-12-08 21:38 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Nitro PDF
2014-12-03 22:27 - 2014-12-12 17:54 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Lenovo
2014-12-03 13:10 - 2014-12-14 14:03 - 00000000 ____D () C:\windows\system32\MRT
2014-12-03 13:10 - 2014-12-14 14:02 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-03 13:08 - 2014-12-03 13:09 - 00000000 ____D () C:\Users\Deidra\AppData\Local\CyberLink
2014-12-03 13:00 - 2014-11-09 18:19 - 00991232 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-12-03 13:00 - 2014-11-09 18:19 - 00806400 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-12-03 13:00 - 2014-11-09 18:18 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-12-03 13:00 - 2014-11-09 18:18 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-12-03 13:00 - 2014-08-23 00:18 - 02149376 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-12-03 13:00 - 2014-08-23 00:03 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-12-03 12:59 - 2014-10-09 20:58 - 00177472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-12-03 12:59 - 2014-10-09 20:58 - 00027456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys
2014-12-03 12:59 - 2014-10-09 20:44 - 00563976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-12-03 12:59 - 2014-10-08 02:37 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-12-03 12:59 - 2014-10-08 02:37 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-12-03 12:59 - 2014-10-08 02:34 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-12-03 12:59 - 2014-10-08 02:24 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll
2014-12-03 12:59 - 2014-10-08 01:56 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-12-03 12:59 - 2014-10-08 01:51 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-12-03 12:59 - 2014-10-08 01:51 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-12-03 12:59 - 2014-10-08 01:18 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-12-03 12:59 - 2014-10-08 01:17 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-12-03 12:59 - 2014-10-08 00:23 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-12-03 12:58 - 2014-10-23 00:48 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-12-03 12:58 - 2014-10-23 00:05 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-12-03 12:58 - 2014-10-17 02:01 - 00789184 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-12-03 12:58 - 2014-10-17 01:58 - 00602768 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-12-03 12:58 - 2014-10-07 01:28 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-12-03 12:58 - 2014-10-07 01:27 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2014-12-03 12:58 - 2014-10-07 01:27 - 00108432 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-12-03 12:58 - 2014-10-06 22:34 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-12-03 12:58 - 2014-10-06 22:34 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-12-03 12:58 - 2014-10-06 22:33 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-12-03 12:58 - 2014-10-06 22:30 - 04182016 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-12-03 12:58 - 2014-10-06 20:54 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2014-12-03 12:58 - 2014-10-06 20:46 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-12-03 12:58 - 2014-09-27 02:13 - 00104336 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2014-12-03 12:58 - 2014-09-27 00:24 - 00088800 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2014-12-03 12:58 - 2014-09-26 22:38 - 00426496 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-12-03 12:58 - 2014-09-26 22:30 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2014-12-03 12:58 - 2014-09-26 22:17 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-12-03 12:57 - 2014-10-31 00:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-12-03 12:57 - 2014-10-31 00:12 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-12-03 12:57 - 2014-10-31 00:10 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-12-03 12:57 - 2014-10-31 00:09 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-12-03 12:57 - 2014-10-31 00:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-12-03 12:57 - 2014-10-31 00:06 - 00237568 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-12-03 12:57 - 2014-10-31 00:06 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-03 12:57 - 2014-10-31 00:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-03 12:57 - 2014-10-30 23:57 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-03 12:57 - 2014-10-30 23:56 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-03 12:57 - 2014-10-30 23:54 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-12-03 12:57 - 2014-10-30 23:53 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-03 12:57 - 2014-10-30 23:52 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2014-12-03 12:57 - 2014-10-30 23:51 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-03 12:57 - 2014-10-30 23:51 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-03 12:57 - 2014-10-30 23:50 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-03 12:57 - 2014-10-30 23:40 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-12-03 12:57 - 2014-10-30 23:38 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-03 12:57 - 2014-10-30 23:30 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-03 12:57 - 2014-10-30 23:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-12-03 12:57 - 2014-10-30 23:29 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-12-03 12:57 - 2014-10-30 23:28 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-12-03 12:57 - 2014-10-30 23:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-03 12:57 - 2014-10-30 23:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-12-03 12:57 - 2014-10-30 23:19 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-12-03 12:57 - 2014-10-30 22:44 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-12-03 12:57 - 2014-10-30 22:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-12-03 12:57 - 2014-10-30 22:28 - 00137728 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2014-12-03 12:57 - 2014-10-30 22:28 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2014-12-03 12:57 - 2014-10-30 22:27 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2014-12-03 12:57 - 2014-10-30 22:26 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2014-12-03 12:57 - 2014-10-30 22:25 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2014-12-03 12:57 - 2014-10-30 22:24 - 00235520 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2014-12-03 12:57 - 2014-10-30 22:24 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-03 12:57 - 2014-10-30 22:23 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-03 12:57 - 2014-10-30 22:16 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-03 12:57 - 2014-10-30 22:15 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-03 12:57 - 2014-10-30 22:14 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2014-12-03 12:57 - 2014-10-30 22:13 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-03 12:57 - 2014-10-30 22:13 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2014-12-03 12:57 - 2014-10-30 22:12 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-03 12:57 - 2014-10-30 22:11 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-03 12:57 - 2014-10-30 22:03 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2014-12-03 12:57 - 2014-10-30 22:02 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-03 12:57 - 2014-10-30 21:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-12-03 12:57 - 2014-10-30 21:56 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2014-12-03 12:57 - 2014-10-30 21:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-03 12:57 - 2014-10-30 21:53 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2014-12-03 12:57 - 2014-10-30 21:48 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2014-12-03 12:57 - 2014-10-30 21:26 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-12-03 12:57 - 2014-10-30 21:24 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2014-12-03 12:57 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-03 12:56 - 2014-09-10 01:25 - 00474432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-12-03 12:56 - 2014-09-07 22:07 - 02497344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-12-03 12:56 - 2014-09-07 22:07 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-12-03 12:56 - 2014-09-07 17:08 - 00389176 _____ () C:\windows\system32\ApnDatabase.xml
2014-12-03 12:56 - 2014-09-04 17:30 - 00822272 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-12-03 12:56 - 2014-09-04 17:21 - 01053184 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-12-03 12:56 - 2014-09-03 22:05 - 00836176 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2014-12-03 12:56 - 2014-09-03 21:22 - 00670384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2014-12-03 12:56 - 2014-09-03 20:01 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2014-12-03 12:56 - 2014-09-03 19:32 - 00334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2014-12-03 12:56 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll
2014-12-03 12:56 - 2014-08-30 19:17 - 00148800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2014-12-03 12:56 - 2014-08-30 19:15 - 21197152 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-12-03 12:56 - 2014-08-30 17:59 - 18723112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-12-03 12:56 - 2014-08-30 17:05 - 00615424 _____ (Microsoft Corporation) C:\windows\system32\FXSCOMEX.dll
2014-12-03 12:56 - 2014-08-30 16:58 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
2014-12-03 12:56 - 2014-08-30 16:04 - 00941568 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2014-12-03 12:56 - 2014-08-30 15:53 - 00239104 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSAPI.dll
2014-12-03 12:56 - 2014-08-30 15:17 - 00799744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2014-12-03 12:56 - 2014-08-27 21:55 - 07484224 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-12-03 12:56 - 2014-08-27 19:21 - 02480128 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-03 12:56 - 2014-08-27 19:06 - 02030592 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-03 12:56 - 2014-08-23 00:14 - 13424128 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-12-03 12:56 - 2014-08-23 00:04 - 11820544 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-12-03 12:56 - 2014-08-22 23:50 - 02714112 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2014-12-03 12:56 - 2014-08-01 19:51 - 00545792 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2014-12-03 12:56 - 2014-08-01 19:35 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2014-12-03 12:56 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2014-12-03 12:56 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\prnntfy.dll
2014-12-03 12:56 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnntfy.dll
2014-12-03 12:56 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2014-12-03 12:56 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2014-12-03 12:56 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2014-12-03 12:56 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2014-12-03 12:54 - 2014-10-18 04:55 - 00055776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-12-03 12:54 - 2014-10-18 03:09 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-12-03 12:54 - 2014-10-18 03:09 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-12-03 12:54 - 2014-10-18 02:25 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-12-03 12:54 - 2014-10-18 01:50 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-12-03 12:54 - 2014-10-18 01:38 - 03557376 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-12-03 12:54 - 2014-10-18 01:27 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-12-03 12:54 - 2014-10-18 01:26 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-12-03 12:54 - 2014-10-18 01:23 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-12-03 12:54 - 2014-10-18 01:23 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-12-03 12:54 - 2014-10-18 01:21 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-12-03 12:54 - 2014-10-18 01:20 - 01714176 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-12-03 12:54 - 2014-10-18 01:14 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-12-03 12:54 - 2014-10-18 01:14 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-12-03 12:54 - 2014-10-18 01:12 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-12-03 12:54 - 2014-10-18 01:11 - 00723968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-12-03 12:53 - 2014-12-03 12:53 - 00000000 ____D () C:\Users\Public\Pokki
2014-12-03 12:53 - 2014-09-21 23:38 - 01519488 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-12-03 12:53 - 2014-09-21 22:06 - 00258368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-12-03 12:53 - 2014-09-21 22:06 - 00114496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys
2014-12-03 12:53 - 2014-09-21 21:49 - 00035320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-12-03 12:53 - 2014-09-18 19:16 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-12-03 12:53 - 2014-09-02 17:08 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\winshfhc.dll
2014-12-03 12:53 - 2014-09-02 17:08 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\winshfhc.dll
2014-12-03 12:53 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 12:53 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll
2014-12-03 12:53 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 12:53 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll
2014-12-03 12:53 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-12-03 12:53 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-12-03 12:53 - 2014-07-24 10:28 - 00468288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-12-03 12:52 - 2014-12-07 21:18 - 00002302 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-03 12:52 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2014-12-03 12:52 - 2014-08-15 23:01 - 01710184 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-12-03 12:52 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-12-03 12:52 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2014-12-03 12:52 - 2014-08-15 22:03 - 01467384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-12-03 12:52 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-12-03 12:52 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2014-12-03 12:52 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2014-12-03 12:52 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll
2014-12-03 12:52 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2014-12-03 12:52 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2014-12-03 12:52 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2014-12-03 12:52 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll
2014-12-03 12:52 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2014-12-03 12:52 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\pcsvDevice.dll
2014-12-03 12:52 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2014-12-03 12:52 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-12-03 12:52 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-12-03 12:52 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2014-12-03 12:52 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2014-12-03 12:52 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-12-03 12:52 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-12-03 12:52 - 2014-07-24 06:42 - 01200640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-12-03 12:52 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2014-12-03 12:52 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2014-12-03 12:52 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2014-12-03 12:49 - 2014-12-14 13:06 - 00000000 ____D () C:\Users\Deidra\AppData\Local\CrashDumps
2014-12-03 12:42 - 2014-12-07 22:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-03 12:42 - 2014-12-07 22:44 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-03 12:42 - 2014-12-07 22:44 - 00003648 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-03 12:42 - 2014-12-03 12:42 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d00f20798012ba
2014-12-03 12:42 - 2014-12-03 12:42 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Google
2014-12-03 12:41 - 2014-12-07 22:44 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Deployment
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieUserList
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 __SHD () C:\Users\Deidra\AppData\Local\EmieSiteList
2014-12-03 12:41 - 2014-12-03 12:41 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Apps\2.0
2014-12-03 12:41 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-12-03 12:41 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-12-03 12:40 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-12-03 12:40 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-12-03 12:39 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\windows\explorer.exe
2014-12-03 12:39 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2014-12-03 12:39 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-12-03 12:39 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-12-03 12:39 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2014-12-03 12:39 - 2014-08-14 19:36 - 00146752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2014-12-03 12:39 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-12-03 12:39 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2014-12-03 12:39 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\tcpmon.dll
2014-12-03 12:39 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-12-03 12:39 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2014-12-03 12:37 - 2014-08-06 21:12 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-12-03 12:37 - 2014-08-01 22:56 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-12-03 12:37 - 2014-07-15 13:16 - 03048880 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe
2014-12-03 12:37 - 2014-07-15 03:29 - 03118080 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2014-12-03 12:37 - 2014-07-15 03:22 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll
2014-12-03 12:37 - 2014-07-15 03:03 - 02344448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2014-12-03 12:37 - 2014-07-11 23:17 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2014-12-03 12:37 - 2014-06-01 21:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-12-03 12:37 - 2014-05-31 05:07 - 00440664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-12-03 12:37 - 2014-05-31 05:07 - 00089944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-12-03 12:37 - 2014-05-31 05:07 - 00027480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-12-03 12:37 - 2014-05-31 01:30 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-12-03 12:37 - 2014-05-31 01:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-12-03 12:37 - 2014-05-31 01:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-12-03 12:37 - 2014-05-30 23:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-12-03 12:37 - 2014-05-30 23:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-12-03 12:37 - 2014-05-30 23:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-12-03 12:37 - 2014-05-27 04:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll
2014-12-03 12:37 - 2014-05-27 04:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll
2014-12-03 12:37 - 2014-05-01 08:31 - 00055328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wpcfltr.sys
2014-12-03 12:36 - 2014-05-13 02:01 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\BulkOperationHost.exe
2014-12-03 12:36 - 2014-05-03 00:36 - 00997888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2014-12-03 12:36 - 2014-05-03 00:19 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\ncobjapi.dll
2014-12-03 12:36 - 2014-05-03 00:08 - 00301056 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
2014-12-03 12:36 - 2014-05-03 00:07 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
2014-12-03 12:36 - 2014-05-02 23:46 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncobjapi.dll
2014-12-03 12:36 - 2014-05-02 23:37 - 00235008 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
2014-12-03 12:36 - 2014-05-02 23:37 - 00207360 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
2014-12-03 12:36 - 2014-05-02 18:26 - 00050745 _____ () C:\windows\system32\srms.dat
2014-12-03 12:36 - 2014-04-30 01:43 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2014-12-03 12:36 - 2014-04-30 01:41 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2014-12-03 12:36 - 2014-04-30 00:45 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-12-03 12:36 - 2014-04-29 23:48 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-12-03 12:36 - 2014-04-29 23:24 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00353280 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00271872 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2014-12-03 12:36 - 2014-04-29 23:23 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc.dll
2014-12-03 12:36 - 2014-04-29 23:14 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2014-12-03 12:36 - 2014-04-29 22:59 - 01063424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2014-12-03 12:36 - 2014-04-29 22:46 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2014-12-03 12:36 - 2014-04-29 22:46 - 00229888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2014-12-03 12:36 - 2014-04-29 22:46 - 00056320 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2014-12-03 12:36 - 2014-04-29 22:45 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc.dll
2014-12-03 12:36 - 2014-04-29 22:42 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2014-12-03 12:36 - 2014-04-28 17:40 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2014-12-03 12:36 - 2014-04-26 11:39 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2014-12-03 12:36 - 2014-04-14 04:37 - 02125344 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2014-12-03 12:36 - 2014-04-14 03:08 - 01797896 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2014-12-03 12:36 - 2014-04-14 00:18 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d8thk.dll
2014-12-03 12:35 - 2014-06-19 20:48 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-12-03 12:35 - 2014-06-19 18:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-12-03 12:35 - 2014-06-12 20:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2014-12-03 12:35 - 2014-06-12 20:14 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-12-03 12:35 - 2014-06-12 19:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2014-12-03 12:35 - 2014-06-06 06:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2014-12-03 12:34 - 2014-05-31 05:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2014-12-03 12:34 - 2014-05-30 21:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2014-12-03 12:34 - 2014-05-30 21:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2014-12-03 12:33 - 2014-06-06 08:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-12-03 12:33 - 2014-06-06 07:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-12-03 12:33 - 2014-05-29 22:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-12-03 12:33 - 2014-05-19 01:31 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\drvcfg.exe
2014-12-03 12:33 - 2014-05-19 01:21 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe
2014-12-03 12:33 - 2014-05-19 00:23 - 00098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvinst.exe
2014-12-03 12:33 - 2014-05-01 00:24 - 02834944 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
2014-12-03 12:33 - 2014-04-29 23:43 - 01975296 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2014-12-03 12:33 - 2014-04-29 23:26 - 01345536 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2014-12-03 12:33 - 2014-04-29 22:47 - 01509888 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2014-12-03 12:29 - 2014-12-03 12:29 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Screensaver Factory
2014-12-03 11:56 - 2014-12-03 12:42 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Hightail for Lenovo
2014-12-03 11:56 - 2014-12-03 11:56 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-12-03 11:54 - 2014-12-14 15:35 - 00000000 __RDO () C:\Users\Deidra\OneDrive
2014-12-03 11:53 - 2014-12-14 15:40 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-818984236-3831732592-3455439087-1001
2014-12-03 11:49 - 2014-12-03 11:49 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Intel Corporation
2014-12-03 11:48 - 2014-12-14 13:11 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Packages
2014-12-03 11:48 - 2014-12-12 13:05 - 00000000 ____D () C:\Users\Deidra
2014-12-03 11:48 - 2014-12-09 02:20 - 00000000 ____D () C:\Users\Deidra\AppData\Local\Pokki
2014-12-03 11:48 - 2014-12-03 11:48 - 00001453 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-03 11:48 - 2014-12-03 11:48 - 00000180 _____ () C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-12-03 11:48 - 2014-12-03 11:48 - 00000020 ___SH () C:\Users\Deidra\ntuser.ini
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Macromedia
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Intel
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Adobe
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Local\VirtualStore
2014-12-03 11:48 - 2014-12-03 11:48 - 00000000 ____D () C:\Users\Deidra\AppData\Local\LenovoBrowserGuard
2014-12-03 11:48 - 2014-08-20 20:45 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 11:48 - 2014-03-18 05:05 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-03 11:48 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-03 11:48 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-03 11:48 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-03 11:48 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Deidra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-14 15:39 - 2014-03-18 04:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-14 15:36 - 2014-08-20 20:41 - 01060599 _____ () C:\windows\WindowsUpdate.log
2014-12-14 15:35 - 2014-08-20 21:11 - 00002560 _____ () C:\windows\system32\VfService.trf
2014-12-14 15:35 - 2014-03-18 04:44 - 01694026 _____ () C:\windows\PFRO.log
2014-12-14 15:35 - 2013-08-22 09:46 - 00027325 _____ () C:\windows\setupact.log
2014-12-14 15:35 - 2013-08-22 09:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-14 15:35 - 2013-08-22 08:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-12-14 15:23 - 2014-08-20 21:09 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-14 15:21 - 2013-08-22 10:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-12-14 15:11 - 2013-08-22 08:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-12-14 15:00 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sru
2014-12-14 14:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\AppReadiness
2014-12-12 18:08 - 2014-08-20 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-12-12 18:08 - 2014-08-20 21:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-12-12 18:08 - 2014-08-20 20:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-12 18:00 - 2014-08-20 21:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-12 17:55 - 2014-08-20 21:07 - 00000000 ____D () C:\ProgramData\Lenovo
2014-12-12 17:54 - 2014-08-20 21:08 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2014-12-12 17:53 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files\lenovo
2014-12-12 13:29 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\rescache
2014-12-12 01:04 - 2014-08-20 21:11 - 00010920 _____ () C:\windows\SysWOW64\VisualDiscovery.ini
2014-12-12 01:04 - 2014-08-20 21:11 - 00005376 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini
2014-12-12 01:04 - 2014-08-20 21:11 - 00005376 _____ () C:\windows\system32\VisualDiscoveryOff.ini
2014-12-11 20:28 - 2014-08-20 21:13 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-12-11 02:18 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-10 10:51 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2014-12-10 10:51 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2014-12-10 10:51 - 2013-08-22 10:20 - 00000000 ____D () C:\windows\CbsTemp
2014-12-10 00:23 - 2013-08-22 09:44 - 00346744 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-09 13:16 - 2014-03-18 04:38 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ToastData
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\setup
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod
2014-12-09 13:16 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\setup
2014-12-09 13:16 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\oobe
2014-12-08 13:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-07 20:54 - 2014-08-20 21:11 - 00000000 ____D () C:\Program Files\Lenovo Yoga PhoneCompanion
2014-12-07 20:54 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-07 20:54 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\Sysprep
2014-12-07 20:54 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\servicing
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2014-12-07 20:53 - 2014-08-20 21:07 - 00000000 ____D () C:\ProgramData\Pokki
2014-12-07 20:52 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\registration
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\WinStore
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\MediaViewer
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\FileManager
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Camera
2014-12-03 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-03 13:08 - 2014-08-20 21:12 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-03 11:53 - 2014-08-20 20:48 - 00000000 ____D () C:\ProgramData\Intel
2014-12-03 11:48 - 2014-08-20 21:38 - 00118107 ____H () C:\windows\modules.log
2014-12-03 11:48 - 2014-08-20 21:08 - 00000000 ____D () C:\Program Files (x86)\LenovoBrowserGuard
2014-12-03 11:48 - 2014-04-03 14:15 - 00000000 ____D () C:\windows\Panther
2014-11-26 16:10 - 2013-08-22 10:38 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 16:10 - 2013-08-22 10:38 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-20 20:39
 
==================== End Of Log ============================
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014
Ran by Deidra at 2014-12-14 15:46:49
Running from C:\Users\Deidra\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
 Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.1.30 - Nuance Communications, Inc.)
Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.1.30 - Nuance Communications, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo)
Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 5740 series Basic Device Software (HKLM\...\{7FAA9D15-FF0B-4593-8D4A-0B941FD1977A}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.50.5 - ClientConnect LTD)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.5.43 - SunplusIT)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.17.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-818984236-3831732592-3455439087-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
13-12-2014 16:09:51 End of disinfection
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02CB54FA-9273-4CAC-9C86-2EC426B20FFC} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {25780E0B-6E43-4DDC-957F-034654611EF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {260412EB-AC49-4220-B580-5E0B0541DACB} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {5FC5605C-A1EC-4A16-8DCA-C885A2E5DDA6} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-20] (Lenovo)
Task: {7F364DB4-E342-42D7-B642-B801362B4682} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-12-14] (Microsoft Corporation)
Task: {8EA3C866-F401-4EF8-AF7C-3592AF8BE95E} - System32\Tasks\GoogleUpdateTaskMachineUA1d00f20798012ba => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {8FA551CA-5EAB-42D4-90A5-47143600E071} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2014-12-03] (Lenovo)
Task: {C60B6ABA-5013-4760-9F29-5584518E19AF} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {DE7F333C-7AB1-4C04-AEA7-5AE04519AFAC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {E6E337EB-D94D-430F-A66E-1849E41EF85F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EA0EC87D-DC20-4D47-A53A-EEB8A4ABFF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-07 19:12 - 2013-11-07 19:12 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-11-07 19:12 - 2013-11-07 19:12 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-11-07 19:12 - 2013-11-07 19:12 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-20 21:11 - 2012-04-24 05:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-08-20 21:11 - 2014-08-20 21:11 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-08-20 05:29 - 2014-03-06 20:21 - 00080312 _____ () C:\windows\system32\igfxexps.dll
2014-12-03 12:02 - 2014-12-03 12:03 - 02394624 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
2014-12-14 14:07 - 2014-12-14 14:07 - 10501632 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook\eff57947f2d527a4d30599471bd8a2a4\Facebook.ni.exe
2014-12-08 13:27 - 2014-12-08 13:27 - 05185024 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\873b701d9b42e91132f08a6f05c4361a\Windows.UI.Xaml.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 01134592 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Win8-Base\8a9f4d141ea60649eb4ac5dc3eae33d2\Facebook-Win8-Base.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 00619520 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Base\a1e018847a9bbd02df0c31d4d2044695\Facebook-Base.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 01112576 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Models\6345c048bbd973b5b6935da559c99955\Facebook-Models.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 05790720 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Services\f8229d2b8e40c929a92d58b800fa8d1e\Facebook-Services.ni.dll
2014-12-08 13:28 - 2014-12-08 13:28 - 01782784 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2014-12-08 13:28 - 2014-12-08 13:28 - 00632320 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2014-12-08 13:28 - 2014-12-08 13:28 - 01278464 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2014-12-08 13:27 - 2014-12-08 13:27 - 00363520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 01492992 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\da17719ac327a528f002ca1420a4abca\Bing.Maps.ni.dll
2014-12-03 12:28 - 2014-12-03 12:28 - 02019840 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2014-12-08 13:27 - 2014-12-08 13:27 - 01459712 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2014-12-08 13:27 - 2014-12-08 13:27 - 00207872 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2014-12-08 13:27 - 2014-12-08 13:27 - 00521216 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2014-12-03 12:28 - 2014-12-03 12:28 - 00467456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2014-12-08 13:27 - 2014-12-08 13:27 - 01259520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 00021504 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-No02b98c3e#\ad3ee8ea231e42a87d3bfbbf64e06b7e\Facebook-Notifications.ni.dll
2014-12-14 14:07 - 2014-12-14 14:07 - 00592896 _____ () C:\Users\Deidra\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Notificatioc5a47191#\3b0f4eefb2f4c55dbed371d125599081\NotificationsExtensions.ni.dll
2014-02-24 18:39 - 2014-02-24 18:39 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\3200\TransitionLib.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2014-08-20 21:11 - 2014-08-20 21:11 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-02-24 18:39 - 2014-02-24 18:39 - 02690312 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2014-12-11 21:48 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 21:48 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 21:48 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 21:48 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-08-20 20:46 - 2013-08-08 15:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:B3503B59
AlternateDataStreams: C:\Users\Deidra\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Deidra\Downloads\Facebook-20141203-121530.jpg:StreamedFileState
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "Yoga PhoneCompanion"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"
HKU\S-1-5-21-818984236-3831732592-3455439087-1001\...\StartupApproved\Run: => "Pokki"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-818984236-3831732592-3455439087-500 - Administrator - Disabled)
Deidra (S-1-5-21-818984236-3831732592-3455439087-1001 - Administrator - Enabled) => C:\Users\Deidra
Guest (S-1-5-21-818984236-3831732592-3455439087-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
Name: UMDF HID minidriver Device
Description: UMDF HID minidriver Device
Class Guid: {177b1d2a-679c-4093-98bf-fd6999695d3b}
Manufacturer: Lenovo
Service: mshidumdf
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
Name: Intel® Experience Center Driver
Description: Intel® Experience Center Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/14/2014 01:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17031, time stamp: 0x53085904
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eeb4a3
Exception code: 0xc0000374
Fault offset: 0x000debd8
Faulting process id: 0x1ad8
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5
 
Error: (12/13/2014 05:51:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1d30
 
Start Time: 01d016a9a3c90217
 
Termination Time: 4294967295
 
Application Path: C:\windows\system32\backgroundTaskHost.exe
 
Report Id: 0b9f3d06-82b6-11e4-826c-ed96d921c996
 
Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
 
Faulting package-relative application ID: App
 
Error: (12/13/2014 00:16:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (12/12/2014 08:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FIRSTRUN.EXE, version: 15.0.4569.1506, time stamp: 0x52e0bd57
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1f14
Faulting application start time: 0xFIRSTRUN.EXE0
Faulting application path: FIRSTRUN.EXE1
Faulting module path: FIRSTRUN.EXE2
Report Id: FIRSTRUN.EXE3
Faulting package full name: FIRSTRUN.EXE4
Faulting package-relative application ID: FIRSTRUN.EXE5
 
Error: (12/12/2014 07:46:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FIRSTRUN.EXE, version: 15.0.4569.1506, time stamp: 0x52e0bd57
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1304
Faulting application start time: 0xFIRSTRUN.EXE0
Faulting application path: FIRSTRUN.EXE1
Faulting module path: FIRSTRUN.EXE2
Report Id: FIRSTRUN.EXE3
Faulting package full name: FIRSTRUN.EXE4
Faulting package-relative application ID: FIRSTRUN.EXE5
 
Error: (12/12/2014 07:45:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FIRSTRUN.EXE, version: 15.0.4569.1506, time stamp: 0x52e0bd57
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xed8
Faulting application start time: 0xFIRSTRUN.EXE0
Faulting application path: FIRSTRUN.EXE1
Faulting module path: FIRSTRUN.EXE2
Report Id: FIRSTRUN.EXE3
Faulting package full name: FIRSTRUN.EXE4
Faulting package-relative application ID: FIRSTRUN.EXE5
 
Error: (12/12/2014 07:45:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FIRSTRUN.EXE, version: 15.0.4569.1506, time stamp: 0x52e0bd57
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xce4
Faulting application start time: 0xFIRSTRUN.EXE0
Faulting application path: FIRSTRUN.EXE1
Faulting module path: FIRSTRUN.EXE2
Report Id: FIRSTRUN.EXE3
Faulting package full name: FIRSTRUN.EXE4
Faulting package-relative application ID: FIRSTRUN.EXE5
 
Error: (12/12/2014 07:45:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FIRSTRUN.EXE, version: 15.0.4569.1506, time stamp: 0x52e0bd57
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x133c
Faulting application start time: 0xFIRSTRUN.EXE0
Faulting application path: FIRSTRUN.EXE1
Faulting module path: FIRSTRUN.EXE2
Report Id: FIRSTRUN.EXE3
Faulting package full name: FIRSTRUN.EXE4
Faulting package-relative application ID: FIRSTRUN.EXE5
 
Error: (12/12/2014 06:06:15 PM) (Source: nlsX86cc) (EventID: 0) (User: )
Description: Stop request seennlsX86cc error: 0
 
Error: (12/12/2014 05:55:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: FLIPSY)
Description: Application or service 'Lenovo System Agent Service' could not be restarted.
 
 
System errors:
=============
Error: (12/14/2014 03:35:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%2
 
Error: (12/14/2014 03:20:45 PM) (Source: DCOM) (EventID: 10010) (User: FLIPSY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (12/14/2014 03:20:15 PM) (Source: DCOM) (EventID: 10010) (User: FLIPSY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (12/14/2014 03:11:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (12/14/2014 03:09:38 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Proxy Service service depends on the following service: mfefire. This service might not be installed.
 
Error: (12/14/2014 00:26:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Windows Malicious Software Removal Tool for Windows 8, 8.1 and Windows Server 2012, 2012 R2 x64 Edition - December 2014 (KB890830).
 
Error: (12/13/2014 11:05:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DragonAssistant3 Maintenance Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/13/2014 00:36:05 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (12/12/2014 06:05:26 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
Error: (12/12/2014 01:07:19 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.
 
 
Microsoft Office Sessions:
=========================
Error: (12/14/2014 01:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904ntdll.dll6.3.9600.1727853eeb4a3c0000374000debd81ad801d017c8b8170894C:\windows\syswow64\wwahost.exeC:\windows\SYSTEM32\ntdll.dllfc42eb3f-83bb-11e4-8270-dc0b82b37368Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
 
Error: (12/13/2014 05:51:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.163841d3001d016a9a3c902174294967295C:\windows\system32\backgroundTaskHost.exe0b9f3d06-82b6-11e4-826c-ed96d921c996Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp
 
Error: (12/13/2014 00:16:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Deidra\Downloads\esetsmartinstaller_enu.exe
 
Error: (12/12/2014 08:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FIRSTRUN.EXE15.0.4569.150652e0bd57MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1f1401d01675d288e083C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXEC:\windows\SYSTEM32\MSVCR100.dll104ae15e-8269-11e4-826b-dd060e412ba1
 
Error: (12/12/2014 07:46:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FIRSTRUN.EXE15.0.4569.150652e0bd57MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd130401d0166e362d876cC:\PROGRA~2\MICROS~1\Office15\FIRSTRUN.EXEC:\windows\SYSTEM32\MSVCR100.dll73ded7b8-8261-11e4-826b-dd060e412ba1
 
Error: (12/12/2014 07:45:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FIRSTRUN.EXE15.0.4569.150652e0bd57MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fded801d0166e182c4665C:\PROGRA~2\MICROS~1\Office15\FIRSTRUN.EXEC:\windows\SYSTEM32\MSVCR100.dll55dff793-8261-11e4-826b-dd060e412ba1
 
Error: (12/12/2014 07:45:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FIRSTRUN.EXE15.0.4569.150652e0bd57MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdce401d0166e12692004C:\PROGRA~2\MICROS~1\Office15\FIRSTRUN.EXEC:\windows\SYSTEM32\MSVCR100.dll501cf0de-8261-11e4-826b-dd060e412ba1
 
Error: (12/12/2014 07:45:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FIRSTRUN.EXE15.0.4569.150652e0bd57MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd133c01d0166e0e5fc4d1C:\PROGRA~2\MICROS~1\Office15\FIRSTRUN.EXEC:\windows\SYSTEM32\MSVCR100.dll4c2cfd13-8261-11e4-826b-dd060e412ba1
 
Error: (12/12/2014 06:06:15 PM) (Source: nlsX86cc) (EventID: 0) (User: )
Description: Stop request seennlsX86cc error: 0
 
Error: (12/12/2014 05:55:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: FLIPSY)
Description: 0SystemAgentService.exeLenovo System Agent Service03026217863920
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 30%
Total physical RAM: 8104.27 MB
Available physical RAM: 5607.29 MB
Total Pagefile: 9384.27 MB
Available Pagefile: 5880.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:195.93 GB) (Free:164.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 7EC13322)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#15
Deevly

Deevly

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Oh, another quirky thing: My Kindle app stopped working last night, after working fine the night before. It starts to open, then crashes. I tried uninstalling and reinstalling with no joy. It seems to be the only app affected. Trying to figure that out now. *shrug*


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP