computer is infested with genieo virus which changes my browser from a lot of differents. and my print looks funny and small . i also did hijackthis and ordered mcafee antivirus which did not remove this genieo thing. attached is the
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Bonnie (administrator) on BONNIE-PC on 21-03-2015 14:53:52
Running from C:\Users\Bonnie\Downloads
Loaded Profiles: Bonnie (Available profiles: Bonnie & Guest)
Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(Malwarebytes Corp.) C:\Users\Bonnie\Downloads\mbar-1.09.1.1004.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Malwarebytes Corporation) C:\Users\Bonnie\Desktop\mbar\mbar.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016 2008-12-04] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
HKLM-x32\...\RunOnce: [SlimCleaner Plus] => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26166552 2015-03-19] (SlimWare Utilities, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [966656 2008-12-01] (Hewlett-Packard)
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\Run: [ISUSPM] => "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\...\MountPoints2: {bb9fb75c-7df2-11e2-b6a8-002197cb408f} - G:\LGAutoRun.exe
IFEO\svchostc.exe: [Debugger] svchost.exe
IFEO\svchosts.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.ne...ch?r=minisearch
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cndt
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.netzer...urce=minisearch
HKU\S-1-5-21-733362238-1924327222-3910265676-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.netzer...urce=minisearch
URLSearchHook: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM -> DefaultScope {7BBFCCA2-89C0-4322-9D81-5AD815F310C9} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM -> {7BBFCCA2-89C0-4322-9D81-5AD815F310C9} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM -> {AC4A402C-FDE2-404E-9078-682CAA7E97D7} URL = http://www.ask.com/w...}&l=dis&o=uscqd
SearchScopes: HKLM-x32 -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...hromesbox-en-us
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...hromesbox-en-us
SearchScopes: HKLM-x32 -> {7BBFCCA2-89C0-4322-9D81-5AD815F310C9} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM-x32 -> {AC4A402C-FDE2-404E-9078-682CAA7E97D7} URL = http://www.ask.com/w...}&l=dis&o=uscqd
SearchScopes: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> DefaultScope {C7EAE6FD-8533-49F1-93DA-D92D6596EA76} URL = http://www.google.co...?q={searchTerms}
SearchScopes: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL =
SearchScopes: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> {7BBFCCA2-89C0-4322-9D81-5AD815F310C9} URL =
SearchScopes: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> {AC4A402C-FDE2-404E-9078-682CAA7E97D7} URL =
SearchScopes: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> {C7EAE6FD-8533-49F1-93DA-D92D6596EA76} URL = http://www.google.co...?q={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-08-29] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-08-29] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-733362238-1924327222-3910265676-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect1262.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2015-02-27] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.6.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.6.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-08-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [2014-05-14] ()
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [2015-03-03] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-03-19]
Chrome:
=======
CHR HomePage: Default -> hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,203,0_0,StartPage,20140104,20033,0,18,0
CHR StartupUrls: Default -> "hxxp://xfinity.comcast.net/?cid=insDate01282013", "hxxp://yahoo.genieo.com/?v=w3i8"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Surf Canyon) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjagnifjocnddgeknajocbkkhlgibem [2012-07-25]
CHR Extension: (YouTube) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-13]
CHR Extension: (Google Search) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-13]
CHR Extension: (Yahoo Extension) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-01-20]
CHR Extension: (SiteAdvisor) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Google Wallet) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]
CHR Extension: (Gmail) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-19]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\Exts\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files (x86)\Chrome\surfcanyon.crx [2012-06-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 0204721426902391mcinstcleanup; C:\Windows\TEMP\020472~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2008-08-26] (Agere Systems)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-10-22] (Hewlett-Packard Company) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [244504 2015-03-19] (SlimWare Utilities, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [103936 2012-07-04] (LG Electronics Inc.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-03-20] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-20] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [900608 2009-08-03] (Ralink Technology Corp.)
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-07-21] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-03-20] ()
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-21 14:53 - 2015-03-21 14:54 - 00024527 _____ () C:\Users\Bonnie\Downloads\FRST.txt
2015-03-21 14:52 - 2015-03-21 14:54 - 00000000 ____D () C:\FRST
2015-03-21 14:52 - 2015-03-21 14:52 - 02095616 _____ (Farbar) C:\Users\Bonnie\Downloads\FRST64.exe
2015-03-21 14:50 - 2015-03-21 14:51 - 01135104 _____ (Farbar) C:\Users\Bonnie\Downloads\FRST.exe
2015-03-20 21:43 - 2015-03-20 22:47 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-20 21:42 - 2015-03-20 21:43 - 00000000 ____D () C:\Users\Bonnie\Desktop\mbar
2015-03-20 21:39 - 2015-03-20 21:43 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Bonnie\Downloads\mbar-1.09.1.1004.exe
2015-03-20 21:34 - 2015-03-20 21:34 - 00001864 _____ () C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2015-03-20 21:34 - 2015-03-20 21:34 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Downloaded Installers
2015-03-20 21:34 - 2015-03-20 21:34 - 00000000 ____D () C:\ProgramData\SlimWare Utilities Inc
2015-03-20 21:34 - 2015-03-20 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2015-03-20 21:34 - 2015-03-20 21:34 - 00000000 ____D () C:\Program Files\SlimService
2015-03-20 21:34 - 2015-03-20 21:34 - 00000000 ____D () C:\Program Files\SlimCleaner Plus
2015-03-20 21:33 - 2015-03-20 21:33 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-03-20 21:33 - 2015-03-20 21:33 - 00003346 _____ () C:\Windows\System32\Tasks\DriverUpdate Scan
2015-03-20 21:33 - 2015-03-20 21:33 - 00002848 _____ () C:\Windows\System32\Tasks\DriverUpdate Startup
2015-03-20 21:33 - 2015-03-20 21:33 - 00000474 _____ () C:\Windows\Tasks\DriverUpdate Scan.job
2015-03-20 21:33 - 2015-03-20 21:33 - 00000420 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
2015-03-20 21:33 - 2015-03-20 21:33 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-03-20 21:33 - 2015-03-20 21:33 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\SlimWare Utilities Inc
2015-03-20 21:33 - 2015-03-20 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2015-03-20 21:33 - 2015-03-20 21:33 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
2015-03-20 19:51 - 2015-03-20 19:51 - 00787140 _____ (Generic ) C:\Users\Bonnie\Downloads\DownloadManagerSetup.exe
2015-03-20 19:46 - 2015-03-21 07:18 - 00002521 _____ () C:\Users\Bonnie\Desktop\HiJackThis.lnk
2015-03-20 19:46 - 2015-03-20 19:46 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2015-03-20 19:46 - 2015-03-20 19:46 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2015-03-20 19:44 - 2015-03-20 19:44 - 01402880 _____ () C:\Users\Bonnie\Downloads\HiJackThis.msi
2015-03-19 23:24 - 2015-03-19 23:24 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-03-19 22:14 - 2015-03-20 21:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 22:12 - 2015-03-20 21:43 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 22:12 - 2015-03-19 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-19 22:12 - 2015-03-19 22:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-19 22:12 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-19 22:12 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-19 22:10 - 2015-03-19 22:10 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Bonnie\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-19 22:09 - 2015-03-19 22:10 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Bonnie\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-19 21:45 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-03-19 21:36 - 2015-03-19 21:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bonnie\Downloads\HijackThis (3).exe
2015-03-19 21:36 - 2015-03-19 21:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bonnie\Downloads\HijackThis (2).exe
2015-03-19 21:36 - 2015-03-19 21:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bonnie\Downloads\HijackThis (1).exe
2015-03-19 21:32 - 2015-03-19 21:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bonnie\Downloads\HijackThis.exe
2015-03-19 21:19 - 2015-03-19 21:20 - 00000470 _____ () C:\Windows\wininit.ini
2015-03-19 21:09 - 2015-03-19 21:09 - 00000000 _____ () C:\autoexec.bat
2015-03-19 21:06 - 2015-03-19 21:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-03-19 21:05 - 2015-03-19 21:05 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnie\Downloads\SpyHunter-Installer (1).exe
2015-03-19 21:04 - 2015-03-19 21:04 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnie\Downloads\SpyHunter-Installer.exe
2015-03-19 20:36 - 2015-03-19 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-03-19 20:33 - 2015-03-19 20:36 - 00001713 _____ () C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2015-03-19 20:31 - 2015-03-20 21:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-19 20:31 - 2015-03-19 20:33 - 00000000 ____D () C:\Program Files\McAfee
2015-03-19 20:31 - 2015-03-19 20:31 - 00000000 ____D () C:\Program Files\McAfee.com
2015-03-19 20:31 - 2015-03-19 20:31 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-03-19 20:23 - 2015-03-19 20:24 - 00000000 ____D () C:\Program Files\stinger
2015-03-19 20:22 - 2015-03-19 21:44 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-03-19 20:22 - 2014-10-01 12:18 - 00189920 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-03-19 20:21 - 2015-03-19 20:21 - 05157536 _____ (McAfee, Inc.) C:\Users\Bonnie\Downloads\Setup_serial_zmoABI3WYCe6NzJRltMd7g2_key.exe
2015-03-19 19:36 - 2015-03-19 19:36 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Citrix
2015-03-19 19:36 - 2015-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-03-16 03:02 - 2015-02-17 22:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-16 03:02 - 2015-02-17 21:42 - 12899840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-15 20:08 - 2015-02-21 15:17 - 17882624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-15 20:08 - 2015-02-21 15:07 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-15 20:08 - 2015-02-21 15:02 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-15 20:08 - 2015-02-21 15:00 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-15 20:08 - 2015-02-21 14:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-15 20:08 - 2015-02-21 14:54 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-15 20:08 - 2015-02-21 14:53 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-15 20:08 - 2015-02-21 14:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-15 20:08 - 2015-02-21 14:52 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-15 20:08 - 2015-02-21 14:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-15 20:08 - 2015-02-21 14:51 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-15 20:08 - 2015-02-21 14:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-15 20:08 - 2015-02-21 14:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-15 20:08 - 2015-02-21 14:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-15 20:08 - 2015-02-21 14:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-15 20:08 - 2015-02-21 13:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-15 20:08 - 2015-02-21 13:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-03-15 20:08 - 2015-02-21 13:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-15 20:08 - 2015-02-21 13:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-15 20:08 - 2015-02-21 13:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-15 20:08 - 2015-02-21 13:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-15 20:08 - 2015-02-21 13:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-15 20:08 - 2015-02-21 13:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-03-15 20:08 - 2015-02-21 13:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-15 20:08 - 2015-02-21 13:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-15 20:08 - 2015-02-21 13:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-15 20:08 - 2015-02-21 13:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-15 20:08 - 2015-02-21 13:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-15 20:08 - 2015-02-21 13:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-15 20:08 - 2015-02-21 13:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-15 20:08 - 2015-02-21 13:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-15 20:08 - 2015-02-21 13:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-15 20:08 - 2015-02-21 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-15 20:08 - 2015-02-21 13:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-03-15 20:08 - 2015-02-21 13:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-03-15 20:08 - 2015-02-21 13:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-03-15 20:08 - 2015-02-21 13:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-14 03:05 - 2015-02-19 22:03 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-14 03:05 - 2015-02-19 21:44 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-14 03:05 - 2015-02-19 20:39 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-14 03:05 - 2015-02-19 20:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-14 03:05 - 2014-10-12 21:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-03-14 03:05 - 2014-10-12 20:56 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-14 03:04 - 2015-02-25 20:31 - 02792960 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-14 03:04 - 2015-01-28 21:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-14 03:04 - 2015-01-28 21:33 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-14 03:04 - 2015-01-20 22:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-14 03:04 - 2015-01-20 21:42 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-14 03:03 - 2015-02-25 21:40 - 04692408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-14 03:03 - 2015-01-28 21:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-14 03:03 - 2015-01-28 21:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-14 03:03 - 2015-01-08 21:41 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-14 03:03 - 2015-01-08 20:29 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-14 03:01 - 2015-03-06 00:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-14 03:01 - 2015-03-05 23:35 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-07 19:45 - 2015-03-07 19:45 - 00001918 _____ () C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk
2015-03-07 19:42 - 2015-03-07 19:44 - 33486880 _____ (eBay Inc. ) C:\Users\Bonnie\Downloads\setupUS.exe
2015-03-06 16:10 - 2015-03-06 21:09 - 00000000 ____D () C:\Users\Bonnie\Desktop\2015-03-06
2015-03-03 20:21 - 2015-03-03 20:21 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-02-27 04:36 - 2014-12-07 21:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-27 04:36 - 2014-12-07 21:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-27 04:25 - 2014-11-25 22:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-27 04:25 - 2014-11-25 21:42 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-27 04:24 - 2014-12-18 20:26 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-27 04:24 - 2014-08-22 21:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-02-27 04:24 - 2014-08-22 20:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-02-27 04:22 - 2014-11-03 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-27 04:22 - 2014-11-03 20:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-02-27 04:21 - 2014-08-11 22:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-02-27 04:21 - 2014-08-11 22:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-02-27 04:14 - 2014-10-23 21:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-27 04:14 - 2014-10-23 20:39 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-27 04:14 - 2014-06-15 18:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-02-27 04:14 - 2014-06-15 18:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-02-27 04:14 - 2014-06-13 14:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-02-27 04:14 - 2014-06-13 14:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-02-27 04:14 - 2014-06-13 13:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-02-27 04:14 - 2014-06-13 13:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-02-27 04:11 - 2014-10-09 21:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-02-27 04:11 - 2014-10-09 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-27 04:11 - 2014-10-09 21:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-27 04:11 - 2014-10-09 19:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-27 04:11 - 2014-10-09 19:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-27 04:08 - 2014-06-26 18:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-02-27 04:08 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-02-27 04:08 - 2014-06-26 18:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-02-27 04:08 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-02-27 04:08 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-02-27 04:08 - 2014-06-26 18:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-02-27 04:07 - 2014-06-06 00:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-02-27 04:07 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-02-27 04:06 - 2014-10-02 21:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-02-27 04:06 - 2014-10-02 21:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-02-27 04:06 - 2014-10-02 21:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-02-27 04:06 - 2014-10-02 21:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-02-27 04:06 - 2014-10-02 21:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-02-27 04:06 - 2014-10-02 21:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-02-27 04:06 - 2014-10-02 21:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-02-27 04:06 - 2014-10-02 19:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2015-02-27 04:04 - 2014-12-05 23:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-02-27 04:04 - 2014-12-05 23:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-02-27 04:04 - 2014-12-05 22:54 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-27 04:04 - 2014-12-05 22:54 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-27 04:03 - 2014-12-05 22:54 - 00178688 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-27 04:03 - 2014-10-23 21:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-02-27 04:03 - 2014-10-23 20:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-02-27 04:03 - 2014-09-04 19:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-02-27 04:03 - 2014-08-26 20:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-02-27 04:03 - 2014-08-26 20:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-02-27 04:03 - 2014-08-26 20:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-02-27 04:03 - 2014-08-26 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-02-27 04:02 - 2015-01-15 02:53 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-27 04:02 - 2015-01-15 00:08 - 00516536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-27 04:02 - 2014-10-09 21:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-26 16:08 - 2014-06-13 20:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-02-26 16:08 - 2014-06-13 20:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-02-26 16:07 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-02-26 16:07 - 2014-06-06 03:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-02-26 16:07 - 2014-06-02 17:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-02-26 16:07 - 2014-06-02 17:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-02-26 16:07 - 2014-06-02 17:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-02-26 16:07 - 2014-06-02 16:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-02-26 16:07 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-02-26 16:07 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-02-26 16:07 - 2014-05-30 03:10 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-02-23 14:25 - 2015-02-23 14:25 - 00001863 _____ () C:\WildTangent Games App - hp.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-21 14:39 - 2011-03-16 08:31 - 01290927 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 14:35 - 2012-07-13 20:45 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 14:34 - 2013-02-14 21:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-21 14:13 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-21 14:13 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-21 10:40 - 2015-01-21 22:16 - 00001947 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-20 22:36 - 2012-07-13 20:45 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 20:12 - 2008-01-20 23:26 - 00614914 _____ () C:\Windows\PFRO.log
2015-03-20 20:12 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 20:11 - 2006-11-02 11:42 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-20 20:10 - 2011-03-18 21:25 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-03-20 20:08 - 2011-04-21 19:59 - 00000000 ____D () C:\ProgramData\Symantec
2015-03-20 20:08 - 2009-03-09 18:52 - 00000000 ____D () C:\ProgramData\Norton
2015-03-20 16:55 - 2009-03-09 18:59 - 00003576 _____ () C:\Windows\System32\Tasks\HP Health Check
2015-03-20 16:55 - 2006-11-02 08:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-20 16:25 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\IME
2015-03-20 02:27 - 2011-03-16 08:40 - 00003194 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBonnie
2015-03-20 02:27 - 2011-03-16 08:40 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForBonnie.job
2015-03-20 00:42 - 2012-08-29 16:30 - 00000000 ____D () C:\ProgramData\McAfee
2015-03-19 22:24 - 2011-03-16 08:41 - 00000955 _____ () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-03-19 22:24 - 2011-03-16 08:41 - 00000945 _____ () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-19 22:24 - 2011-03-16 08:40 - 00000921 _____ () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-03-19 22:12 - 2012-04-21 08:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-19 21:20 - 2014-01-20 19:56 - 00000000 ____D () C:\ProgramData\Yahoo!
2015-03-19 21:20 - 2014-01-20 19:56 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2015-03-19 20:05 - 2011-03-16 08:42 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-19 17:02 - 2006-11-02 11:27 - 00157654 _____ () C:\Windows\setupact.log
2015-03-19 07:34 - 2013-02-14 21:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-19 07:34 - 2013-02-14 21:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-19 07:34 - 2013-02-14 21:40 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-19 01:39 - 2013-03-22 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-16 03:03 - 2011-04-09 17:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-16 03:00 - 2006-11-02 08:35 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-15 10:58 - 2011-09-25 17:43 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-03-14 03:25 - 2006-11-02 11:21 - 00354920 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-09 14:21 - 2012-08-01 12:22 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\CrashDumps
2015-03-08 12:48 - 2015-01-16 18:42 - 00000000 ____D () C:\Users\Bonnie\Desktop\dolls
2015-03-07 20:29 - 2015-01-11 18:59 - 00000000 ____D () C:\Users\Bonnie\Desktop\New Folder
2015-03-07 19:48 - 2014-05-27 22:21 - 00001012 _____ () C:\InstallHelper.log
2015-03-07 19:45 - 2014-05-27 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2015-03-06 17:44 - 2013-02-20 23:22 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Image Zone Express
2015-03-06 17:23 - 2015-01-19 19:16 - 00000000 ____D () C:\Users\Bonnie\Desktop\jan 19
2015-03-03 20:20 - 2012-03-11 16:28 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-27 20:17 - 2013-03-03 21:18 - 00000000 ____D () C:\Users\Bonnie\Desktop\STUFFED ANIMALS
2015-02-27 20:09 - 2015-02-02 08:06 - 00000000 ____D () C:\Users\Bonnie\Desktop\2015-02-02
2015-02-27 19:41 - 2014-12-04 20:23 - 00000000 ____D () C:\Users\Bonnie\Desktop\2014-12-04
2015-02-27 18:00 - 2011-03-16 08:43 - 00000004 _____ () C:\Users\Bonnie\AppData\Roaming\wklnhst.dat
2015-02-27 05:14 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\rescache
2015-02-27 04:56 - 2009-03-09 18:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-27 04:54 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-27 04:13 - 2014-04-19 03:07 - 00752894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-27 04:06 - 2011-03-29 06:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-26 22:23 - 2014-03-27 16:47 - 00000000 ____D () C:\Users\Bonnie\Desktop\album 3-27-2014
2015-02-23 14:25 - 2013-12-22 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games for HP
2015-02-23 14:25 - 2012-03-11 16:28 - 00002112 ____N () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2015-02-23 14:25 - 2006-11-02 11:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-23 14:24 - 2015-02-02 19:31 - 00000000 ____D () C:\Users\Bonnie\Desktop\animals on line - Copy
2015-02-23 13:54 - 2014-11-28 17:34 - 00000000 ____D () C:\Users\Bonnie\Desktop\jewerly
2015-02-19 23:30 - 2012-07-13 20:45 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-19 23:30 - 2012-07-13 20:45 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2012-03-31 15:50 - 2012-04-15 22:01 - 0003284 _____ () C:\Users\Bonnie\AppData\Roaming\ANIWZCS{A9E1DCA6-ED47-4C15-A59A-F3478961DC1B}
2012-10-27 17:08 - 2012-10-27 17:12 - 0000000 _____ () C:\Users\Bonnie\AppData\Roaming\bibstats
2012-04-15 20:18 - 2012-04-15 20:18 - 0000613 _____ () C:\Users\Bonnie\AppData\Roaming\result.db
2011-03-16 08:43 - 2015-02-27 18:00 - 0000004 _____ () C:\Users\Bonnie\AppData\Roaming\wklnhst.dat
2012-07-13 22:05 - 2014-12-22 10:49 - 0000680 _____ () C:\Users\Bonnie\AppData\Local\d3d9caps.dat
2013-02-23 21:33 - 2014-11-28 18:15 - 0000732 _____ () C:\Users\Bonnie\AppData\Local\d3d9caps64.dat
2013-02-07 23:16 - 2014-12-15 20:38 - 0005120 _____ () C:\Users\Bonnie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-18 18:45 - 2013-03-18 18:45 - 0427802 _____ () C:\Users\Bonnie\AppData\Local\dd_vcredistMSI5BDC.txt
2013-03-18 18:45 - 2013-03-18 18:45 - 0011434 _____ () C:\Users\Bonnie\AppData\Local\dd_vcredistUI5BDC.txt
2012-01-23 19:03 - 2014-01-18 18:31 - 0012398 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Bonnie\AppData\Local\Temp\DefaultAssets.exe
C:\Users\Bonnie\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\Bonnie\AppData\Local\Temp\InstallNorton.exe
C:\Users\Bonnie\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\Bonnie\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\Bonnie\AppData\Local\Temp\SCC.dll
C:\Users\Bonnie\AppData\Local\Temp\scp8853.tmp.exe
C:\Users\Bonnie\AppData\Local\Temp\SHSetup.exe
C:\Users\Bonnie\AppData\Local\Temp\SymCCIS.dll
C:\Users\Bonnie\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Bonnie\AppData\Local\Temp\_PC_DRIVERS_HQAssets.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-21 08:24
==================== End Of Log ============================