Sure thing, here we go, this is the addition txt first
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 03
Ran by Aileen at 2014-12-12 23:04:13
Running from C:\Users\Aileen\Desktop\PC Virus and Malware tools
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Sound Editor (HKLM-x32\...\{CC7BA35C-324E-45F8-B29D-6F4AAA527490}) (Version: 0.95.12.0 - Turtle Beach)
Amnesia - The Dark Descent version 1 (HKLM-x32\...\Amnesia - The Dark Descent_is1) (Version: 1 - Pure Energee)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Batman Arkham Origins (HKLM-x32\...\QmF0bWFuQXJraGFtT3JpZ2lucw==_is1) (Version: 1 - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
Content Manager Assistant for PlayStation® (HKLM-x32\...\{81AD22B9-C28A-45a3-94B3-5FECD221AD5C}) (Version: 3.10.7525.4 - Sony Computer Entertainment Inc.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Dashlane (HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Dashlane) (Version: 3.2.0.75427 - Dashlane SAS)
DJ3520FWUpdateAlert (x32 Version: 2.00.0000 - HP) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Ear Force Audio Hub (HKLM-x32\...\{BE2563CA-89DA-4E40-81E4-030A482E7AE2}) (Version: 1.0.31.0 - Voyetra Turtle Beach, Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hammerfight (HKLM-x32\...\Steam App 41100) (Version: - Konstantin Koshutin)
Health, safety and environment test DVD for operatives and specialists 2014 edition (Update 1) (HKLM-x32\...\{F76F1371-8CCB-49B2-9CEA-50F26D2F3089}_is1) (Version: 4.0 - Imagitech Ltd.)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InqScribe 2.2.1.253 (HKLM-x32\...\InqScribe_is1) (Version: - Inquirium, LLC)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
LEGO The Hobbit version 1 (HKLM-x32\...\LEGO The Hobbit_is1) (Version: 1 - Pure Energee)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{F02F4A8B-1A5F-45B8-9B74-AAF21A2B1BCC}) (Version: 2.1.002.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Magic Particles 1.61 (HKLM-x32\...\Magic Particles_is1) (Version: - Astralax)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Manhunt 2 (HKLM-x32\...\Manhunt 2) (Version: 1.00.0000 - Rockstar Games)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 34.0.5 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-GB)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-GB)) (Version: 24.6.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
Office 2007 UOA (HKLM-x32\...\Office 2007 UOA) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
particleIllusion 3.0 (HKLM-x32\...\particleIllusion 3.0) (Version: - )
PHOTOfunSTUDIO 6.2 HD Edition (HKLM-x32\...\{F12E6A25-2F3A-4FEA-8E22-A89BD47574B2}) (Version: 6.02.619 - Panasonic Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version: - IObit)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.229 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
The Walking Dead Season 2 Episode 2 Addon version 1 (HKLM-x32\...\The Walking Dead Season 2 Episode 2 Addon_is1) (Version: 1 - Pure Energee)
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Ustream Producer (HKLM-x32\...\{8BFD0FDE-E4D1-4F53-83DE-361799433A4D}) (Version: 5.0.3 - Ustream)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XP500 Advanced Sound Editor (HKLM-x32\...\{5BF6D4DE-C915-44C4-9176-AF6D3B27052F}) (Version: 1.0.0.1 - Turtle Beach)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Aileen\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Aileen\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Aileen\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Aileen\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
25-11-2014 12:06:10 Driver Booster : Java Runtime Environment 32 bit
29-11-2014 21:24:23 AA11
07-12-2014 05:08:34 Scheduled Checkpoint
11-12-2014 00:02:48 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A748CCA-1276-4498-B6B6-CC03380A99B0} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-05-14] (Maxthon International ltd.)
Task: {1B67CA91-64C0-4D26-B84F-6FDBC7749C28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-29] (Google Inc.)
Task: {22239A55-A933-4C3C-BA1E-B27EE532231D} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-08-22] (IObit)
Task: {24CFFCD6-2370-4703-B963-144929039ECD} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3529242554-1511314889-1376537505-1011
Task: {4B153910-88BD-4665-8BC2-F9A21C05C54C} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3529242554-1511314889-1376537505-1010
Task: {5249A34E-0336-4669-96BC-789F3C83E110} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {58B98333-12B1-4458-BFB5-57D707153477} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-16] (Lenovo)
Task: {799A846D-F862-4BF0-9D4B-3CEB082BD931} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-16] (Lenovo)
Task: {7A0153EF-8FDE-431E-B0DB-7C656207D7EE} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {8BC60435-F939-45E2-9217-2AAF77DD9401} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {9AC4A098-3FDA-47A6-98CE-393A4F3B0465} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {A2BB3D2E-8C12-44AD-85CF-C093E15172A0} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-08-07] (IObit)
Task: {BF1610C3-5E18-4B6F-9CBC-D9FDA09464EB} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-10-01] ()
Task: {BFA1D10D-2730-426C-940A-DF16602A6D65} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3529242554-1511314889-1376537505-1012
Task: {C179E231-1986-4D4F-868A-70F8667FF60B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-16] ()
Task: {C7843A3D-4FFF-4EF7-B822-DCECE0C30546} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-29] (Google Inc.)
Task: {F01E57E2-5168-47A3-9EDE-ABC3C3934C5A} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3529242554-1511314889-1376537505-1008
Task: {F1669C29-CB38-44C9-B4A2-58E99AC9F838} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Loaded Modules (whitelisted) =============
2013-11-21 07:14 - 2013-11-21 07:14 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-11-21 07:14 - 2013-11-21 07:14 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-06-13 20:44 - 2013-06-13 20:44 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-06-13 20:40 - 2013-06-13 20:40 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-06-13 20:47 - 2013-06-13 20:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-09 12:41 - 2014-12-09 12:41 - 00227000 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\Dashlane.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-01 10:22 - 2014-08-07 16:08 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-10-01 10:22 - 2014-08-07 16:08 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-10-01 10:22 - 2014-08-07 16:08 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-09-23 14:56 - 2014-09-23 14:56 - 00135168 __RSH () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
2014-12-09 04:31 - 2014-12-09 04:31 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-11-21 07:14 - 2012-07-12 12:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 00306360 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 00417976 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 00439992 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 30844600 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 00266936 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 05782712 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.3.2.0.75427.dll
2014-12-09 12:40 - 2014-12-09 12:40 - 06513848 _____ () C:\Users\Aileen\AppData\Roaming\Dashlane\3.2.0.75427\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.3.2.0.75427.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-11-21 06:47 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-10-01 10:22 - 2014-08-07 16:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Aileen\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\star1_000\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\star1_000.LENOVO\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\star1_000.LENOVO\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\star1_000.LENOVO\SkyDrive.old:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3529242554-1511314889-1376537505-500 - Administrator - Disabled)
Aileen (S-1-5-21-3529242554-1511314889-1376537505-1001 - Administrator - Enabled) => C:\Users\Aileen
Guest (S-1-5-21-3529242554-1511314889-1376537505-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3529242554-1511314889-1376537505-1007 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (12/12/2014 05:34:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: mfmp4srcsnk.dll, version: 12.0.9600.17334, time stamp: 0x5407ac42
Exception code: 0xc0000094
Fault offset: 0x0007fda6
Faulting process id: 0x1090
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/12/2014 05:34:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x52157bbc
Faulting module name: mfmp4srcsnk.dll, version: 12.0.9600.17334, time stamp: 0x5407ac42
Exception code: 0xc0000094
Fault offset: 0x0007fda6
Faulting process id: 0x1270
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
Error: (12/12/2014 05:32:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.3.9600.16384, time stamp: 0x5215dfc6
Faulting module name: mfmp4srcsnk.dll, version: 12.0.9600.17334, time stamp: 0x5407ae99
Exception code: 0xc0000094
Fault offset: 0x0000000000096125
Faulting process id: 0x107c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Faulting package full name: DllHost.exe4
Faulting package-relative application ID: DllHost.exe5
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel® Core i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 35%
Total physical RAM: 8089.77 MB
Available physical RAM: 5233.68 MB
Total Pagefile: 16281.77 MB
Available Pagefile: 12663.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:890.94 GB) (Free:618.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.71 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ED822683)
Partition: GPT Partition Type.
==================== End Of Log ============================
AND HERE IS THE OTHER TXT
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
Ran by Aileen (administrator) on LENOVO on 12-12-2014 23:03:29
Running from C:\Users\Aileen\Desktop\PC Virus and Malware tools
Loaded Profile: Aileen (Available profiles: Aileen)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Users\Aileen\AppData\Roaming\Dashlane\Dashlane.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-04-24] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [899680 2013-02-04] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-11-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-11-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [533872 2014-09-04] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [Dashlane] => C:\Users\Aileen\AppData\Roaming\Dashlane\Dashlane.exe [227000 2014-12-09] ()
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd)
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\MountPoints2: {0c22d3de-3129-11e4-be9e-40f02f32986d} - "G:\CMADownloader.exe"
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\MountPoints2: {afb94cc2-c24b-11e3-be84-40f02f32986d} - "F:\setup.exe"
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\MountPoints2: {bd3360ba-4329-11e4-bea1-806e6f6e6963} - "F:\setup.exe"
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\MountPoints2: {bd336301-4329-11e4-bea1-40f02f32986d} - "G:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.2 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 6.2 HD Edition.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001 -> {406C15DE-5BFE-4133-85FD-A931CA5F302B} URL =
SearchScopes: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001 -> {5B020A36-9A88-48D5-8569-AAD497C7B94A} URL = https://uk.search.ya...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3529242554-1511314889-1376537505-1001 -> {B253561E-C0D6-47BC-A8FE-80A4621A91C9} URL = http://uk.search.yah...p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF Extension: British English Dictionary (Updated) - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\[email protected] [2014-04-10]
FF Extension: British English Dictionary (Forked by Marco Pinto) - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\[email protected] [2014-12-01]
FF Extension: NewTabURL - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\[email protected] [2014-04-12]
FF Extension: Bluhell Firewall - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-12-01]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-11-15]
FF Extension: FlashResizer - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2014-04-10]
FF Extension: Adblock Plus - C:\Users\Aileen\AppData\Roaming\Mozilla\Firefox\Profiles\lsor1erd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-02]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-02]
FF HKU\S-1-5-21-3529242554-1511314889-1376537505-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} [Not Found]
Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> ""
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-29]
CHR Extension: (Google Docs) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-29]
CHR Extension: (Google Drive) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-29]
CHR Extension: (YouTube) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-29]
CHR Extension: (Google Search) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-29]
CHR Extension: (Google Sheets) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-29]
CHR Extension: (SiteAdvisor) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-09-29]
CHR Extension: (AdBlock) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-29]
CHR Extension: (Google Wallet) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-29]
CHR Extension: (Gmail) - C:\Users\Aileen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-10-30]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows ® Win 7 DDK provider)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-14] (Nitro PDF Software)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-08-07] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]
S2 0285481417031053mcinstcleanup; C:\WINDOWS\TEMP\0285481417031053mcinst.exe -cleanup -nolog [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-09-23] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-23] (Disc Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [39504 2013-04-03] (IObit Information Technology)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-11-25] (Realtek Semiconductor Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-09-23] (Duplex Secure Ltd.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-12 20:02 - 2014-12-12 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-12 17:18 - 2014-12-12 17:18 - 00000804 _____ () C:\Users\Aileen\Desktop\JRT.txt
2014-12-12 17:14 - 2014-12-12 17:14 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-12 16:57 - 2014-12-12 16:57 - 01054912 _____ (Adobe) C:\Users\Aileen\Downloads\install_flashplayer16x32au_mssa_aaa_aih.exe
2014-12-12 16:49 - 2014-12-12 17:44 - 00046536 _____ () C:\WINDOWS\PFRO.log
2014-12-12 16:47 - 2014-12-12 16:47 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-12 16:42 - 2014-12-12 16:42 - 00001970 _____ () C:\Users\Aileen\Desktop\Dashlane.lnk
2014-12-12 16:41 - 2014-12-12 16:45 - 00000000 ____D () C:\AdwCleaner
2014-12-12 16:36 - 2014-12-12 16:36 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2014-12-11 00:04 - 2014-11-26 21:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-11 00:04 - 2014-11-26 21:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:44 - 2014-11-10 02:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 22:44 - 2014-11-10 01:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 22:44 - 2014-10-30 23:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 22:44 - 2014-10-30 23:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 22:42 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 22:42 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 22:42 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 22:42 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 22:42 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 22:42 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 22:42 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 22:41 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 22:41 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 22:41 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 22:41 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 22:41 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 22:41 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 22:41 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 22:41 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 22:41 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 22:41 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 22:41 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 22:41 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 22:41 - 2014-11-07 04:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 22:41 - 2014-11-07 03:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 22:41 - 2014-10-31 23:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 22:41 - 2014-10-31 23:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 22:41 - 2014-10-13 02:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 22:41 - 2014-10-13 02:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 22:41 - 2014-10-13 02:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 22:41 - 2014-10-13 02:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 22:40 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 22:40 - 2014-11-22 02:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 22:40 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 22:40 - 2014-11-22 02:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 22:40 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 22:40 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 22:40 - 2014-11-22 02:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 22:40 - 2014-11-22 02:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 22:40 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 22:40 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 22:40 - 2014-11-22 01:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 22:40 - 2014-11-22 01:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 22:40 - 2014-11-22 01:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 22:40 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 22:40 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 22:40 - 2014-11-22 01:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 22:40 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 22:40 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 22:40 - 2014-11-22 01:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 22:40 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 22:40 - 2014-11-22 01:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 22:40 - 2014-11-22 01:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 22:40 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 22:40 - 2014-11-22 01:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 22:40 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 22:40 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 22:40 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-09 04:31 - 2014-12-10 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-04 20:23 - 2014-12-04 20:23 - 00001145 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-04 20:23 - 2014-12-04 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-04 20:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-04 20:23 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-04 20:23 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-30 22:43 - 2014-11-30 22:43 - 00000327 _____ () C:\Users\Aileen\Desktop\HP Printer Diagnostic Tools.url
2014-11-30 00:18 - 2014-11-30 00:19 - 00070344 _____ () C:\Users\Aileen\Downloads\FRST.txt
2014-11-30 00:18 - 2014-11-30 00:19 - 00046316 _____ () C:\Users\Aileen\Downloads\Addition.txt
2014-11-30 00:16 - 2014-12-12 23:03 - 00000000 ____D () C:\FRST
2014-11-30 00:05 - 2014-11-30 00:05 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Aileen\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-11-29 23:12 - 2014-11-29 23:12 - 00017717 _____ () C:\Users\Aileen\Downloads\hijackthis.log
2014-11-29 22:49 - 2014-11-29 22:49 - 00002955 _____ () C:\Users\Aileen\Desktop\GTG.txt
2014-11-29 22:22 - 2014-12-12 16:52 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-29 22:22 - 2014-12-04 20:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-29 22:22 - 2014-11-29 22:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-29 22:20 - 2014-11-29 22:21 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Aileen\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-29 22:20 - 2014-11-29 22:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Aileen\Downloads\HijackThis.exe
2014-11-29 21:59 - 2014-12-12 23:03 - 00000000 ____D () C:\Users\Aileen\Desktop\PC Virus and Malware tools
2014-11-29 21:54 - 2014-11-29 23:48 - 00000000 ____D () C:\Users\Aileen\Desktop\Video Editing
2014-11-29 21:33 - 2014-11-29 21:33 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\LavasoftStatistics
2014-11-29 21:19 - 2014-12-12 16:49 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-29 21:19 - 2014-12-12 16:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-29 21:19 - 2014-11-29 21:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-11-29 21:18 - 2014-11-29 21:18 - 01754248 _____ () C:\Users\Aileen\Downloads\Adaware_Installer.exe
2014-11-29 21:17 - 2014-11-29 21:18 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Aileen\Downloads\spybot-2.4.exe
2014-11-25 12:08 - 2014-11-25 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-25 12:08 - 2014-11-25 12:07 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-25 12:08 - 2014-11-25 12:07 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-25 12:08 - 2014-11-25 12:07 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-25 12:08 - 2014-11-25 12:07 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-25 12:07 - 2014-11-25 12:07 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-11-25 12:07 - 2014-11-25 12:07 - 00331992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys
2014-11-25 12:07 - 2014-11-25 12:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-25 12:06 - 2014-11-25 12:06 - 09105624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2014-11-25 12:06 - 2014-11-25 12:06 - 02628312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2014-11-25 12:06 - 2014-11-25 12:06 - 00472792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamX64.dll
2014-11-25 12:06 - 2014-11-25 12:06 - 00419032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamX.dll
2014-11-25 12:03 - 2014-11-29 22:57 - 00002860 _____ () C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-11-25 12:03 - 2014-11-29 11:26 - 00002109 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-11-25 12:03 - 2014-11-25 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-11-19 01:02 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 01:02 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 01:02 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 01:02 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FM20.DLL
2014-11-15 16:10 - 2014-12-12 22:15 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 16:10 - 2014-12-12 17:45 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 10:10 - 2014-11-15 10:10 - 00000000 _____ () C:\asc_rdflag
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-12 23:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-12 22:48 - 2014-02-25 19:48 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-12 22:46 - 2014-03-08 22:46 - 01308756 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-12 21:22 - 2014-02-24 13:08 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3529242554-1511314889-1376537505-1001
2014-12-12 17:50 - 2014-09-12 18:43 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\Dashlane
2014-12-12 17:49 - 2014-03-02 12:26 - 00000000 ___DO () C:\Users\Aileen\SkyDrive
2014-12-12 17:44 - 2014-02-24 13:38 - 09932988 _____ () C:\Users\Public\CAFADEBUG.log
2014-12-12 17:44 - 2013-11-21 07:14 - 00006656 _____ () C:\WINDOWS\system32\VfService.trf
2014-12-12 17:44 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-12 17:44 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-12 17:34 - 2014-10-14 11:56 - 00199168 ___SH () C:\Users\Aileen\Desktop\Thumbs.db
2014-12-12 17:29 - 2014-03-02 12:27 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9AE39B2-2C78-4FD0-86DA-122C70343BC6}
2014-12-12 16:50 - 2014-10-01 09:13 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-12 16:49 - 2014-10-01 09:12 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-12 16:49 - 2014-03-14 19:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 16:47 - 2014-07-15 17:52 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-12 16:47 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-12 16:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 16:40 - 2014-10-01 09:13 - 00000294 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-12-12 16:36 - 2014-10-01 09:13 - 00000000 ____D () C:\ProgramData\IObit
2014-12-12 16:31 - 2014-04-12 16:08 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\uTorrent
2014-12-12 04:27 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 10:27 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-11 00:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 00:09 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 00:09 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-11 00:08 - 2014-03-13 22:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 00:07 - 2014-03-01 17:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 00:04 - 2014-03-01 17:38 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 17:48 - 2014-02-25 19:48 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-07 21:21 - 2014-05-24 19:37 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\HpUpdate
2014-12-06 20:18 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-30 02:29 - 2014-04-12 15:53 - 00000000 ____D () C:\Users\Aileen\Desktop\NEIL's Folder
2014-11-30 01:46 - 2014-02-25 19:45 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\vlc
2014-11-29 23:12 - 2014-02-24 12:58 - 00000000 ____D () C:\Users\Aileen\AppData\Local\VirtualStore
2014-11-29 22:58 - 2013-11-14 07:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-29 21:57 - 2014-04-17 19:11 - 00000000 ____D () C:\Users\Aileen\Desktop\Neil work folder
2014-11-26 19:44 - 2014-03-02 20:05 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-25 12:03 - 2014-10-01 09:12 - 00000000 ____D () C:\Users\Aileen\AppData\Roaming\IObit
2014-11-21 00:27 - 2014-03-24 03:29 - 00000000 ____D () C:\ldiag
2014-11-15 16:10 - 2014-09-29 16:00 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 16:10 - 2014-09-29 16:00 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 10:12 - 2013-08-22 14:44 - 00511656 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-15 10:10 - 2014-10-13 11:55 - 86802432 _____ () C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2014-11-15 10:10 - 2014-10-13 11:55 - 00335872 _____ () C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2014-11-15 10:10 - 2014-10-13 11:55 - 00036864 _____ () C:\WINDOWS\system32\config\SAM.iodefrag.bak
2014-11-15 10:10 - 2014-10-13 11:55 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 10:08 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
Some content of TEMP:
====================
C:\Users\Aileen\AppData\Local\Temp\Quarantine.exe
C:\Users\Aileen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-04 19:23
==================== End Of Log ============================