Jump to content

fcignarella

Members
 View Profile  See their activity

  • Posts

    13

  • Joined

  • Last visited

Reputation

0 Neutral
  1. fcignarella
    much better now thanks I the condition has not come back
  2. fcignarella
    I believe it has been corrected when I try and search it is not bringing up the malware anylonger I will continue to test THANKS
  3. fcignarella
    I have attached the fixlog results. Wanted to also say thank you for your patience as I have been traveling and not been able to get to this computer until the weekends Fixlog.txt
  4. fcignarella
    Opps sorry attached the files FRST.txt Addition.txt
  5. fcignarella
    Part 2 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll 2015-02-04 15:35 - 2011-12-19 16:43 - 00220776 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll 2015-02-04 15:35 - 2011-11-22 03:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll 2015-02-04 15:35 - 2011-09-02 01:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll 2015-02-04 15:35 - 2011-09-02 01:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll 2015-02-04 15:35 - 2011-09-02 01:21 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll 2015-02-04 15:35 - 2011-05-30 20:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll 2015-02-04 15:35 - 2010-11-07 18:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll 2015-02-04 15:35 - 2010-11-03 05:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll 2015-02-04 15:35 - 2010-09-26 20:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll 2015-02-04 15:35 - 2010-07-22 03:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll 2015-02-04 15:35 - 2009-11-23 20:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll 2015-02-04 15:35 - 2009-11-23 20:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll 2015-02-04 15:35 - 2009-11-23 20:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll 2015-02-04 15:35 - 2009-11-23 20:55 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll 2015-02-04 15:34 - 2015-02-04 15:34 - 00003936 _____ () C:\windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d 2015-02-04 15:34 - 2015-02-04 15:34 - 00003690 _____ () C:\windows\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon 2015-02-04 15:34 - 2015-02-04 15:34 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-02-04 15:34 - 2013-09-03 18:53 - 00016344 _____ (Intel Corporation) C:\windows\system32\Drivers\IntelMEFWVer.dll 2015-02-04 15:33 - 2015-02-04 15:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-02-04 15:33 - 2015-02-04 15:34 - 00000000 ____D () C:\ProgramData\Intel 2015-02-04 15:33 - 2015-02-04 15:34 - 00000000 ____D () C:\Program Files\Intel 2015-02-04 15:33 - 2015-02-04 15:34 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-02-04 15:33 - 2015-02-04 15:33 - 00881814 _____ () C:\windows\SysWOW64\PerfStringBackup.INI 2015-02-04 15:33 - 2013-09-05 13:44 - 00064000 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL 2015-02-04 15:33 - 2013-09-05 13:44 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL 2015-02-04 15:33 - 2013-08-21 02:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\windows\SysWOW64\CSVer.dll 2015-02-04 15:32 - 2015-02-04 15:32 - 00000000 ___HD () C:\Intel 2015-02-04 15:27 - 2015-02-04 15:29 - 00000042 _____ () C:\windows\SysWOW64\Drivers\17AA_Lenovo_Lenovo_Flex_2-14_20404.MRK 2015-02-04 15:23 - 2014-07-24 10:28 - 00468288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS 2015-02-04 15:23 - 2014-07-24 10:28 - 00419648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2015-02-04 15:23 - 2014-07-24 10:28 - 00412992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys 2015-02-04 15:23 - 2014-07-24 10:28 - 00280384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys 2015-02-04 15:23 - 2014-07-24 10:28 - 00143680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2015-02-04 15:23 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-02-04 15:23 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2015-02-04 15:23 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll 2015-02-04 15:23 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe 2015-02-04 15:23 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2015-02-04 15:23 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe 2015-02-04 15:23 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2015-02-04 15:23 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2015-02-04 15:23 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2015-02-04 15:23 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2015-02-04 15:23 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe 2015-02-04 15:23 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll 2015-02-04 15:23 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll 2015-02-04 15:23 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll 2015-02-04 15:23 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll 2015-02-04 15:23 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\windows\system32\mftranscode.dll 2015-02-04 15:23 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2015-02-04 15:23 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2015-02-04 15:23 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe 2015-02-04 15:23 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll 2015-02-04 15:23 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll 2015-02-04 15:23 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll 2015-02-04 15:23 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll 2015-02-04 15:23 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mftranscode.dll 2015-02-04 15:23 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTT102.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2015-02-04 15:23 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2015-02-04 15:23 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys 2015-02-04 15:23 - 2014-07-24 06:45 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys 2015-02-04 15:23 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2015-02-04 15:23 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys 2015-02-04 15:23 - 2014-07-24 06:42 - 01200640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys 2015-02-04 15:23 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys 2015-02-04 15:23 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NdisImPlatform.sys 2015-02-04 15:23 - 2014-07-24 06:41 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys 2015-02-04 15:23 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys 2015-02-04 15:23 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-02-04 15:23 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-02-04 15:23 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll 2015-02-04 15:23 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\iasnap.dll 2015-02-04 15:23 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll 2015-02-04 15:23 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-02-04 15:23 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL 2015-02-04 15:23 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTT102.DLL 2015-02-04 15:23 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL 2015-02-04 15:23 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL 2015-02-04 15:23 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL 2015-02-04 15:23 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL 2015-02-04 15:23 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL 2015-02-04 15:23 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersGPExt.dll 2015-02-04 15:23 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-02-04 15:23 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl 2015-02-04 15:23 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll 2015-02-04 15:23 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll 2015-02-04 15:23 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll 2015-02-04 15:23 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\Display.dll 2015-02-04 15:23 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\windows\system32\osk.exe 2015-02-04 15:23 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2015-02-04 15:23 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasnap.dll 2015-02-04 15:23 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2015-02-04 15:23 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\WorkFoldersShell.dll 2015-02-04 15:23 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\prnntfy.dll 2015-02-04 15:23 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll 2015-02-04 15:23 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll 2015-02-04 15:23 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl 2015-02-04 15:23 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll 2015-02-04 15:23 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll 2015-02-04 15:23 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll 2015-02-04 15:23 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll 2015-02-04 15:23 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll 2015-02-04 15:23 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe 2015-02-04 15:23 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll 2015-02-04 15:23 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll 2015-02-04 15:23 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\windows\system32\browser.dll 2015-02-04 15:23 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\wlansvcpal.dll 2015-02-04 15:23 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll 2015-02-04 15:23 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll 2015-02-04 15:23 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnntfy.dll 2015-02-04 15:23 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll 2015-02-04 15:23 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-02-04 15:23 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll 2015-02-04 15:23 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll 2015-02-04 15:23 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll 2015-02-04 15:23 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe 2015-02-04 15:23 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll 2015-02-04 15:23 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll 2015-02-04 15:23 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll 2015-02-04 15:23 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll 2015-02-04 15:23 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll 2015-02-04 15:23 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll 2015-02-04 15:23 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll 2015-02-04 15:23 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll 2015-02-04 15:23 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll 2015-02-04 15:23 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll 2015-02-04 15:23 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll 2015-02-04 15:23 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll 2015-02-04 15:23 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll 2015-02-04 15:23 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll 2015-02-04 15:23 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll 2015-02-04 15:23 - 2014-07-24 03:28 - 00595456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll 2015-02-04 15:23 - 2014-07-24 03:23 - 01404416 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll 2015-02-04 15:23 - 2014-07-24 03:22 - 00487936 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv 2015-02-04 15:23 - 2014-07-24 03:21 - 01231872 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll 2015-02-04 15:23 - 2014-07-24 03:21 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll 2015-02-04 15:23 - 2014-07-24 03:20 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll 2015-02-04 15:23 - 2014-07-24 03:19 - 00388608 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2015-02-04 15:23 - 2014-07-24 03:18 - 01144320 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll 2015-02-04 15:23 - 2014-07-24 03:18 - 00795136 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe 2015-02-04 15:23 - 2014-07-24 03:18 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-02-04 15:23 - 2014-07-24 03:16 - 00505344 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll 2015-02-04 15:23 - 2014-07-24 03:16 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll 2015-02-04 15:23 - 2014-07-24 03:15 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-02-04 15:23 - 2014-07-24 03:15 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll 2015-02-04 15:23 - 2014-07-24 03:15 - 00432128 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll 2015-02-04 15:23 - 2014-07-24 03:13 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll 2015-02-04 15:23 - 2014-07-24 03:10 - 00889344 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll 2015-02-04 15:23 - 2014-07-24 03:10 - 00371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv 2015-02-04 15:23 - 2014-07-24 03:08 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll 2015-02-04 15:23 - 2014-07-24 03:08 - 00162816 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll 2015-02-04 15:23 - 2014-07-24 03:07 - 01705472 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-02-04 15:23 - 2014-07-24 03:06 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-02-04 15:23 - 2014-07-24 03:05 - 00448000 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll 2015-02-04 15:23 - 2014-07-24 03:04 - 00667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-02-04 15:23 - 2014-07-24 03:02 - 03465216 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-02-04 15:23 - 2014-07-24 03:01 - 01992192 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll 2015-02-04 15:23 - 2014-07-24 03:00 - 02100736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll 2015-02-04 15:23 - 2014-07-24 02:58 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll 2015-02-04 15:23 - 2014-07-24 02:58 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll 2015-02-04 15:23 - 2014-07-24 02:54 - 01290752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll 2015-02-04 15:23 - 2014-07-24 02:50 - 01182208 _____ (Microsoft Corporation) C:\windows\system32\printui.dll 2015-02-04 15:23 - 2014-07-24 02:49 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll 2015-02-04 15:23 - 2014-07-24 02:47 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll 2015-02-04 15:23 - 2014-07-24 02:44 - 01057792 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll 2015-02-04 15:23 - 2014-07-24 02:43 - 00200192 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll 2015-02-04 15:23 - 2014-07-24 02:41 - 00459264 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll 2015-02-04 15:23 - 2014-07-24 02:28 - 01600000 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll 2015-02-04 15:23 - 2014-07-12 00:55 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\wisp.dll 2015-02-04 15:23 - 2014-07-11 23:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wisp.dll 2015-02-04 15:23 - 2014-07-04 07:59 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys 2015-02-04 15:23 - 2014-07-04 05:29 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\AppxSip.dll 2015-02-04 15:23 - 2014-07-04 05:20 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll 2015-02-04 15:23 - 2014-07-04 05:06 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxSip.dll 2015-02-04 15:23 - 2014-07-04 05:00 - 01351168 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll 2015-02-04 15:23 - 2014-07-04 04:30 - 00544768 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll 2015-02-04 15:23 - 2014-07-04 04:27 - 00474112 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll 2015-02-04 15:23 - 2014-06-27 01:22 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys 2015-02-04 15:23 - 2014-06-25 19:32 - 01029632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll 2015-02-04 15:23 - 2014-06-25 19:29 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\dab.dll 2015-02-04 15:23 - 2014-06-19 20:48 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-02-04 15:23 - 2014-06-19 18:52 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-02-04 15:23 - 2014-06-19 18:37 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-02-04 15:23 - 2014-06-18 21:13 - 00310080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys 2015-02-04 15:23 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-02-04 15:23 - 2014-06-14 00:46 - 02071552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2015-02-04 15:23 - 2014-06-12 20:15 - 00517528 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll 2015-02-04 15:23 - 2014-06-12 20:14 - 01557848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2015-02-04 15:23 - 2014-06-12 19:10 - 00406400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll 2015-02-04 15:23 - 2014-06-07 07:46 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll 2015-02-04 15:23 - 2014-06-07 05:20 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll 2015-02-04 15:23 - 2014-06-06 06:34 - 02133504 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2015-02-04 15:23 - 2014-06-05 09:00 - 01118040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2015-02-04 15:23 - 2014-06-05 05:18 - 01018368 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll 2015-02-04 15:23 - 2014-06-05 04:42 - 00889856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll 2015-02-04 15:23 - 2014-05-31 00:00 - 01463808 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll 2015-02-04 15:23 - 2014-05-30 23:18 - 01319936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll 2015-02-04 15:23 - 2014-05-29 01:23 - 00427008 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll 2015-02-04 15:23 - 2014-05-29 00:25 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll 2015-02-04 15:23 - 2014-05-26 02:26 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\AppxSysprep.dll 2015-02-04 15:23 - 2014-05-10 05:12 - 00387896 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll 2015-02-04 15:23 - 2014-05-10 03:46 - 00335680 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll 2015-02-04 15:23 - 2014-05-05 23:41 - 00486744 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll 2015-02-04 15:23 - 2014-05-05 19:55 - 00391000 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll 2015-02-04 15:23 - 2014-03-24 21:27 - 00160600 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll 2015-02-04 15:23 - 2014-03-24 21:27 - 00123920 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll 2015-02-04 15:23 - 2014-03-24 20:20 - 00128568 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll 2015-02-04 15:23 - 2014-03-24 20:20 - 00127544 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll 2015-02-04 15:22 - 2015-02-28 19:21 - 01667672 _____ () C:\windows\WindowsUpdate.log 2015-02-04 15:22 - 2015-02-04 16:21 - 00028272 _____ () C:\windows\DPINST.LOG 2015-02-04 15:22 - 2015-02-04 15:40 - 00000011 _____ () C:\windows\system32\lendrvchk.scp 2015-02-04 15:19 - 2015-02-04 15:19 - 00002324 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2491684161-953214207-2461470077-500 2015-02-04 00:15 - 2014-08-07 13:20 - 00549104 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys 2015-02-04 00:15 - 2014-08-07 13:20 - 00208112 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo20.dll 2015-02-04 00:15 - 2014-08-07 13:20 - 00031472 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_Intel.sys 2015-02-04 00:15 - 2014-08-07 13:19 - 00745200 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll 2015-02-04 00:15 - 2014-08-07 13:19 - 00404720 _____ (Synaptics Incorporated) C:\windows\SysWOW64\SynCom.dll 2015-02-04 00:15 - 2014-08-07 13:19 - 00254704 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll 2015-02-04 00:13 - 2014-01-07 21:56 - 07596528 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 02476976 _____ (Intel Corporation) C:\windows\system32\IntelWiDiVAD64.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00906224 _____ (Intel Corporation) C:\windows\system32\igfxstarter.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00845296 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00771568 _____ (Intel Corporation) C:\windows\system32\hkcmd.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00770544 _____ (Intel Corporation) C:\windows\system32\igfxpers.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00755184 _____ (Intel Corporation) C:\windows\system32\GfxUIHotKeyMenu.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00530928 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00416240 _____ (Intel Corporation) C:\windows\system32\IntelWiDiUMS64.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00397808 _____ (Intel Corporation) C:\windows\system32\igfxext.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00396784 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00391152 _____ (Intel Corporation) C:\windows\system32\igfxtray.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00279024 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe 2015-02-04 00:13 - 2014-01-07 21:56 - 00153072 _____ (Intel Corporation) C:\windows\system32\difx64.exe 2015-02-04 00:13 - 2013-12-30 16:06 - 00450520 _____ (Intel® Corporation) C:\windows\system32\Drivers\IntcDAud.sys 2015-02-04 00:13 - 2013-12-30 16:06 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3383.dll 2015-02-04 00:13 - 2013-12-30 16:03 - 00002940 _____ () C:\windows\system32\iglhxs64.vp 2015-02-04 00:13 - 2013-12-30 16:01 - 19202560 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll 2015-02-04 00:13 - 2013-12-30 16:01 - 06280704 _____ (Intel Corporation) C:\windows\SysWOW64\ig75icd32.dll 2015-02-04 00:13 - 2013-12-30 16:01 - 00280064 _____ () C:\windows\SysWOW64\igdmd32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 21658624 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 21007360 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 19950592 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 09081856 _____ (Intel Corporation) C:\windows\system32\igfxress.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 07944704 _____ (Intel Corporation) C:\windows\system32\ig75icd64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 04220416 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys 2015-02-04 00:13 - 2013-12-30 16:00 - 02384896 _____ () C:\windows\system32\GfxRes.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00729088 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00624640 _____ (Intel Corporation) C:\windows\system32\igfxdev.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00548864 _____ (Intel Corporation) C:\windows\system32\igfxpph.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00527872 _____ (Intel Corporation) C:\windows\system32\igfxrell.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00527360 _____ (Intel Corporation) C:\windows\system32\igfxrplk.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00527360 _____ (Intel Corporation) C:\windows\system32\igfxrfra.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00527360 _____ (Intel Corporation) C:\windows\system32\igfxresn.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00526848 _____ (Intel Corporation) C:\windows\system32\igfxrrus.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00526848 _____ (Intel Corporation) C:\windows\system32\igfxrdeu.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00526336 _____ (Intel Corporation) C:\windows\system32\igfxrrom.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00526336 _____ (Intel Corporation) C:\windows\system32\igfxrnld.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00526336 _____ (Intel Corporation) C:\windows\system32\igfxrita.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525824 _____ (Intel Corporation) C:\windows\system32\igfxrsky.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525824 _____ (Intel Corporation) C:\windows\system32\igfxrptg.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525824 _____ (Intel Corporation) C:\windows\system32\igfxrhun.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525824 _____ (Intel Corporation) C:\windows\system32\igfxrhrv.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525824 _____ (Intel Corporation) C:\windows\system32\igfxrcsy.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525312 _____ (Intel Corporation) C:\windows\system32\igfxrsve.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525312 _____ (Intel Corporation) C:\windows\system32\igfxrslv.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00525312 _____ (Intel Corporation) C:\windows\system32\igfxrfin.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00524800 _____ (Intel Corporation) C:\windows\system32\igfxrtrk.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00524800 _____ (Intel Corporation) C:\windows\system32\igfxrptb.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00524288 _____ (Intel Corporation) C:\windows\system32\igfxrnor.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00524288 _____ (Intel Corporation) C:\windows\system32\igfxrdan.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00523776 _____ (Intel Corporation) C:\windows\system32\igfxrtha.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00522240 _____ (Intel Corporation) C:\windows\system32\igfxrheb.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00521728 _____ (Intel Corporation) C:\windows\system32\igfxrara.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00517632 _____ (Intel Corporation) C:\windows\system32\igfxrjpn.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00516096 _____ (Intel Corporation) C:\windows\system32\igfxrkor.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00514048 _____ (Intel Corporation) C:\windows\system32\igfxrcht.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00513536 _____ (Intel Corporation) C:\windows\system32\igfxrchs.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00493056 _____ (Intel Corporation) C:\windows\SysWOW64\igfxdv32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00371200 _____ (Intel Corporation) C:\windows\system32\igfxrenu.lrc 2015-02-04 00:13 - 2013-12-30 16:00 - 00347648 _____ () C:\windows\system32\igdmd64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00346624 _____ (Intel Corporation) C:\windows\system32\igfxTMM.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00279040 _____ (Intel Corporation) C:\windows\system32\igfxcpl.cpl 2015-02-04 00:13 - 2013-12-30 16:00 - 00267407 _____ () C:\windows\system32\Gfxres.th-TH.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00253466 _____ () C:\windows\system32\Gfxres.el-GR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00243712 _____ (Intel Corporation) C:\windows\system32\igfxdo.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00235401 _____ () C:\windows\system32\Gfxres.ru-RU.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00224256 _____ (Intel Corporation) C:\windows\system32\hccutils.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00222208 _____ () C:\windows\system32\igdde64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00201128 _____ () C:\windows\system32\Gfxres.ar-SA.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00198725 _____ () C:\windows\system32\Gfxres.ja-JP.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00194560 _____ (Intel Corporation) C:\windows\system32\gfxSrvc.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00192758 _____ () C:\windows\system32\Gfxres.he-IL.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00182272 _____ () C:\windows\SysWOW64\igdde32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00180936 _____ () C:\windows\system32\Gfxres.ko-KR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00180850 _____ () C:\windows\system32\Gfxres.it-IT.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00178473 _____ () C:\windows\system32\Gfxres.es-ES.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00178290 _____ () C:\windows\system32\Gfxres.fr-FR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00178123 _____ () C:\windows\system32\Gfxres.de-DE.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00176838 _____ () C:\windows\system32\Gfxres.ro-RO.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00175862 _____ () C:\windows\system32\Gfxres.hu-HU.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00175571 _____ () C:\windows\system32\Gfxres.tr-TR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00175067 _____ () C:\windows\system32\Gfxres.nl-NL.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00174802 _____ () C:\windows\system32\Gfxres.pl-PL.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00174269 _____ () C:\windows\system32\Gfxres.pt-BR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00173792 _____ () C:\windows\system32\Gfxres.fi-FI.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00173276 _____ () C:\windows\system32\Gfxres.sk-SK.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00173059 _____ () C:\windows\system32\Gfxres.sv-SE.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00172833 _____ () C:\windows\system32\Gfxres.pt-PT.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00172554 _____ () C:\windows\system32\Gfxres.cs-CZ.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00171691 _____ () C:\windows\system32\Gfxres.hr-HR.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00168215 _____ () C:\windows\system32\Gfxres.sl-SI.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00166833 _____ () C:\windows\system32\Gfxres.nb-NO.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00166220 _____ () C:\windows\system32\Gfxres.da-DK.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00161534 _____ () C:\windows\system32\Gfxres.en-US.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00160256 _____ () C:\windows\system32\igdail64.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00154805 _____ () C:\windows\system32\Gfxres.zh-TW.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00152993 _____ () C:\windows\system32\Gfxres.zh-CN.resources 2015-02-04 00:13 - 2013-12-30 16:00 - 00142848 _____ () C:\windows\SysWOW64\igdail32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00066560 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00029696 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00025600 _____ (Intel Corporation) C:\windows\SysWOW64\igfxexps32.dll 2015-02-04 00:13 - 2013-12-30 16:00 - 00012288 _____ ( ) C:\windows\system32\IGFXDEVLib.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 25971712 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 20954112 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 03207680 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 02881536 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 00329216 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 00320512 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 00290816 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll 2015-02-04 00:13 - 2013-12-30 15:53 - 00265216 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 04011168 _____ (Intel Corporation) C:\windows\system32\IntelWiDiAAC64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 02065920 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 01815040 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 01450656 _____ (Intel Corporation) C:\windows\system32\IntelWiDiSecureSourceFilter64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00785568 _____ (Intel Corporation) C:\windows\system32\IntelWiDiWinNextAgent64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00644768 _____ (Intel Corporation) C:\windows\system32\IntelWiDiAudioFilter64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00602272 _____ (Intel Corporation) C:\windows\system32\IntelWiDiMux64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00344736 _____ (Intel Corporation) C:\windows\system32\IntelWiDiSilenceFilter64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00210592 _____ (Intel Corporation) C:\windows\system32\IntelWiDiUtils64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00177824 _____ (Intel Corporation) C:\windows\system32\IntelWiDiDDEAgent64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00163328 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00155136 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00137728 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00133120 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00128672 _____ (Intel Corporation) C:\windows\system32\IntelWiDiMCUMD64.dll 2015-02-04 00:13 - 2013-12-30 15:47 - 00094368 _____ (Intel Corporation) C:\windows\system32\IntelWiDiLogServer64.dll 2015-02-04 00:13 - 2013-12-30 15:46 - 04472320 _____ (Intel Corporation) C:\windows\system32\igdusc64.dll 2015-02-04 00:13 - 2013-12-30 15:28 - 03556864 _____ (Intel Corporation) C:\windows\SysWOW64\igdusc32.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 02813952 _____ () C:\windows\system32\iglhxa64.cpa 2015-02-04 00:13 - 2013-09-05 13:44 - 01127424 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 01123328 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00214528 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00179712 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00064000 _____ (Khronos Group) C:\windows\system32\Intel_OpenCL_ICD64.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00060416 _____ (Khronos Group) C:\windows\SysWOW64\Intel_OpenCL_ICD32.dll 2015-02-04 00:13 - 2013-09-05 13:44 - 00044025 _____ () C:\windows\system32\iglhxo64.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00043816 _____ () C:\windows\system32\iglhxc64_dev.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00043494 _____ () C:\windows\system32\iglhxc64.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00043298 _____ () C:\windows\system32\iglhxg64_dev.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00043256 _____ () C:\windows\system32\iglhxg64.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00042079 _____ () C:\windows\system32\iglhxo64_dev.vp 2015-02-04 00:13 - 2013-09-05 13:44 - 00001125 _____ () C:\windows\system32\iglhxa64.vp 2015-02-04 00:13 - 2013-09-03 18:53 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll 2015-02-04 00:13 - 2013-09-03 18:53 - 00099288 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys 2015-02-04 00:11 - 2015-02-04 00:11 - 00000005 _____ () C:\windows\core.ver 2015-02-04 00:08 - 2015-02-04 00:08 - 00028672 ___SH () C:\windows\system32\config\BCD-Template.LOG 2015-02-04 00:08 - 2015-02-04 00:03 - 00000012 _____ () C:\windows\CSUP.TXT ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-28 19:00 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sru 2015-02-28 18:57 - 2013-08-22 08:25 - 00262144 ___SH () C:\windows\system32\config\ELAM 2015-02-28 18:54 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\AppReadiness 2015-02-27 07:22 - 2014-03-18 04:53 - 00865408 _____ () C:\windows\system32\PerfStringBackup.INI 2015-02-27 07:16 - 2014-03-18 04:44 - 00034650 _____ () C:\windows\PFRO.log 2015-02-27 07:16 - 2013-08-22 09:46 - 00027191 _____ () C:\windows\setupact.log 2015-02-27 07:16 - 2013-08-22 09:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-27 07:16 - 2013-08-22 08:25 - 00524288 ___SH () C:\windows\system32\config\BBI 2015-02-25 10:43 - 2013-08-22 10:20 - 00000000 ____D () C:\windows\CbsTemp 2015-02-23 06:59 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\LiveKernelReports 2015-02-22 16:58 - 2013-08-22 10:36 - 00000000 __RSD () C:\windows\Media 2015-02-20 11:38 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\rescache 2015-02-16 18:54 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\NDF 2015-02-16 17:05 - 2013-08-22 09:44 - 00492000 _____ () C:\windows\system32\FNTCACHE.DAT 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ToastData 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\WinStore 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sr-Latn-RS 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\sr-Latn-CS 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\PolicyDefinitions 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\MediaViewer 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\FileManager 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Camera 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-02-16 17:02 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-02-15 23:35 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-02-13 21:10 - 2013-08-22 10:36 - 00000000 ___HD () C:\windows\ELAMBKUP 2015-02-04 16:29 - 2014-04-03 14:15 - 00000000 ____D () C:\windows\Panther 2015-02-04 16:28 - 2013-08-22 10:37 - 00004787 _____ () C:\windows\DtcInstall.log 2015-02-04 16:22 - 2013-08-22 10:36 - 00001410 _____ () C:\windows\system32\OEMDefaultAssociations.xml 2015-02-04 16:21 - 2013-09-24 18:40 - 00035576 _____ (Lenovo Corporation) C:\windows\system32\Drivers\AcpiVpc.sys 2015-02-04 15:30 - 2014-03-18 04:38 - 00000000 ____D () C:\Program Files\Windows Journal 2015-02-04 15:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-02-04 15:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-02-04 15:30 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\setup 2015-02-04 15:30 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\SysWOW64\InputMethod 2015-02-04 15:30 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\setup 2015-02-04 15:30 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\oobe 2015-02-04 15:22 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\restore 2015-02-04 15:22 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\Sysprep 2015-02-04 15:21 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\system32\Recovery 2015-02-04 00:12 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Web 2015-02-04 00:12 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Resources 2015-02-04 00:12 - 2013-08-22 10:36 - 00000000 ____D () C:\windows\Help 2015-02-04 00:12 - 2013-08-22 08:36 - 00000000 ___HD () C:\Users\Default 2015-02-04 00:08 - 2013-08-22 10:36 - 00262144 _____ () C:\windows\system32\config\BCD-Template ==================== Files in the root of some directories ======= 2015-02-13 21:10 - 2015-02-13 21:10 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe 2015-02-16 18:05 - 2015-02-16 18:05 - 0000044 _____ () C:\Users\Vicki\AppData\Roaming\WB.CFG 2015-02-13 20:50 - 2015-02-28 18:58 - 0052061 _____ () C:\Users\Vicki\AppData\Local\BTServer.log 2015-02-04 15:35 - 2015-02-04 15:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Vicki\AppData\Local\Temp\MSETUP4.EXE C:\Users\Vicki\AppData\Local\Temp\SPSetup.exe C:\Users\Vicki\AppData\Local\Temp\supoptsetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 04:01 ==================== End Of Log ============================
  6. fcignarella
    FRST part 1 result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015 Ran by Vicki (administrator) on VICKI-PC on 28-02-2015 19:24:16 Running from C:\Users\Vicki\AppData\Local\Microsoft\Windows\INetCache\IE\T3MGIUWO Loaded Profiles: Vicki (Available profiles: Vicki) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe () C:\Windows\SysWOW64\UMonit64.exe (Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe (Super PC Tools Ltd) C:\ProgramData\{c7c5bb79-4cd7-2948-c7c5-5bb794cdede5}\SuperOptimizer.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE () C:\Program Files\Lenovo PhoneCompanion\adb.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe () C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor) HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor) HKLM\...\Run: [btServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-06-06] (Realtek Semiconductor Corporation) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2808560 2014-08-07] (Synaptics Incorporated) HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-02-04] () HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-02-04] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-02-04] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-02-04] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-09] (Lenovo) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2491684161-953214207-2461470077-1001\...\MountPoints2: {45347752-ba2b-11e4-8266-acd1b8139b6e} - "E:\Msetup4.exe" HKU\S-1-5-21-2491684161-953214207-2461470077-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee) Startup: C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizer.lnk ShortcutTarget: SuperOptimizer.lnk -> C:\ProgramData\{c7c5bb79-4cd7-2948-c7c5-5bb794cdede5}\SuperOptimizer.exe (Super PC Tools Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2491684161-953214207-2461470077-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/ HKU\S-1-5-21-2491684161-953214207-2461470077-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB HKU\S-1-5-21-2491684161-953214207-2461470077-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com SearchScopes: HKLM -> DefaultScope {CC6BCA79-81B6-4643-AF49-DD9F635BB7E2} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_08&cd=2XzuyEtN2Y1L1Qzu0A0C0DtC0BzztCtAzy0ByC0E0FtDtB0DtN0D0Tzu0StCtCyEtBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByDtA0DzztD0DzytG0ByC0E0FtG0ByC0BzztGtA0EyCzztGtB0B0AtC0Czy0CtDtAtDyCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyB0D0E0EtCtCtAtGyDtDyCtBtGyE0A0B0FtG0ByC0DyBtG0AyC0D0BtDtB0FtAtD0B0EtB2Q&cr=1981183841&ir= SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {CC6BCA79-81B6-4643-AF49-DD9F635BB7E2} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_08&cd=2XzuyEtN2Y1L1Qzu0A0C0DtC0BzztCtAzy0ByC0E0FtDtB0DtN0D0Tzu0StCtCyEtBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByDtA0DzztD0DzytG0ByC0E0FtG0ByC0BzztGtA0EyCzztGtB0B0AtC0Czy0CtDtAtDyCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyB0D0E0EtCtCtAtGyDtDyCtBtGyE0A0B0FtG0ByC0DyBtG0AyC0D0BtDtB0FtAtD0B0EtB2Q&cr=1981183841&ir= SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2491684161-953214207-2461470077-1001 -> DefaultScope {CC6BCA79-81B6-4643-AF49-DD9F635BB7E2} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_08&cd=2XzuyEtN2Y1L1Qzu0A0C0DtC0BzztCtAzy0ByC0E0FtDtB0DtN0D0Tzu0StCtCyEtBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByDtA0DzztD0DzytG0ByC0E0FtG0ByC0BzztGtA0EyCzztGtB0B0AtC0Czy0CtDtAtDyCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyB0D0E0EtCtCtAtGyDtDyCtBtGyE0A0B0FtG0ByC0DyBtG0AyC0D0BtDtB0FtAtD0B0EtB2Q&cr=1981183841&ir= SearchScopes: HKU\S-1-5-21-2491684161-953214207-2461470077-1001 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://www.bing.com/search?pc=conduit&ptag=A41171EDFAF7747F7B2F&form=CONADR&conlogo=CT3210127&q={searchTerms} SearchScopes: HKU\S-1-5-21-2491684161-953214207-2461470077-1001 -> {647BC463-FFD6-4246-A94F-A08F54DFBC8A} URL = https://search.yahoo.com/search?fr=mcafee&type=A011US0&p={SearchTerms} SearchScopes: HKU\S-1-5-21-2491684161-953214207-2461470077-1001 -> {CC6BCA79-81B6-4643-AF49-DD9F635BB7E2} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_08&cd=2XzuyEtN2Y1L1Qzu0A0C0DtC0BzztCtAzy0ByC0E0FtDtB0DtN0D0Tzu0StCtCyEtBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByDtA0DzztD0DzytG0ByC0E0FtG0ByC0BzztGtA0EyCzztGtB0B0AtC0Czy0CtDtAtDyCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyB0D0E0EtCtCtAtGyDtDyCtBtGyE0A0B0FtG0ByC0DyBtG0AyC0D0BtDtB0FtAtD0B0EtB2Q&cr=1981183841&ir= BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-13] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-02-13] Chrome: ======= CHR Profile: C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-16] CHR Extension: (Google Docs) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16] CHR Extension: (Google Drive) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-16] CHR Extension: (YouTube) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16] CHR Extension: (Google Cast) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-02-16] CHR Extension: (Google Search) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-16] CHR Extension: (Google Sheets) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-16] CHR Extension: (SiteAdvisor) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-16] CHR Extension: (Bookmark Manager) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-02-16] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-02-16] CHR Extension: (Google Wallet) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-16] CHR Extension: (Gmail) - C:\Users\Vicki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-16] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-16] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94208 2014-05-06] () [File not signed] R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-09] () R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.) R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-09] () R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-04] (Lenovo(beijing) Limited) R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2015-02-04] (Lenovo) R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-12] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-07] (PointGrab LTD) R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-02-04] (Lenovo) S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2015-02-04] (Lenovo) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-08-07] (Synaptics Incorporated) R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-02-04] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-04] (Lenovo) S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-28] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [573144 2014-04-18] (Realtek Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3558104 2014-08-14] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-08-07] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-28 19:00 - 2015-02-28 19:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-02-25 09:47 - 2014-12-13 16:28 - 00513488 _____ () C:\windows\SysWOW64\locale.nls 2015-02-25 09:47 - 2014-12-13 16:28 - 00513488 _____ () C:\windows\system32\locale.nls 2015-02-25 09:47 - 2014-10-28 20:27 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll 2015-02-25 09:47 - 2014-10-28 20:27 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll 2015-02-25 09:47 - 2014-10-28 20:04 - 00868352 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll 2015-02-25 09:47 - 2014-10-28 20:04 - 00200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll 2015-02-25 06:57 - 2015-02-25 06:57 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-02-24 17:52 - 2015-02-28 19:06 - 00000000 ____D () C:\Users\Vicki\Desktop\mbar 2015-02-22 19:19 - 2015-02-22 19:20 - 01110848 _____ () C:\windows\Minidump\022215-13593-01.dmp 2015-02-22 17:13 - 2015-02-22 17:16 - 00000000 ___HD () C:\ProgramData\CanonIJMIG 2015-02-22 17:05 - 2015-02-22 17:05 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2015-02-22 16:58 - 2015-02-28 19:00 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2015-02-22 16:58 - 2015-02-22 17:12 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Canon 2015-02-22 16:58 - 2015-02-22 16:58 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu 2015-02-22 16:58 - 2015-02-22 16:58 - 00000000 ___HD () C:\ProgramData\CanonIJEGV 2015-02-22 16:58 - 2012-07-05 08:58 - 00320000 _____ (CANON INC.) C:\windows\SysWOW64\CNQ9604L.dll 2015-02-22 16:58 - 2012-07-04 15:18 - 00081664 _____ () C:\windows\SysWOW64\CNQ190DD.TBL 2015-02-22 16:58 - 2012-04-06 16:40 - 00103424 _____ (CANON INC.) C:\windows\SysWOW64\CNQ9604U.dll 2015-02-22 16:58 - 2012-04-06 13:27 - 00786504 _____ () C:\windows\SysWOW64\CNQ_412N.DAT 2015-02-22 16:58 - 2012-04-04 10:07 - 00296064 _____ () C:\windows\SysWOW64\CNQ_412W.DAT 2015-02-22 16:58 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\windows\SysWOW64\CNHMCA.dll 2015-02-22 16:57 - 2015-02-22 16:57 - 00002048 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk 2015-02-22 16:57 - 2015-02-22 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan 9000F Mark II User Registration 2015-02-22 16:57 - 2015-02-22 16:57 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2015-02-22 16:57 - 2015-02-22 16:57 - 00000000 ____D () C:\Program Files\Common Files\CANON 2015-02-22 16:55 - 2015-02-22 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2015-02-22 16:53 - 2015-02-22 16:53 - 00002405 _____ () C:\Users\Public\Desktop\Canon CanoScan 9000F II On-screen Manual.lnk 2015-02-22 16:53 - 2015-02-22 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan 9000F Mark II Manual 2015-02-22 16:49 - 2015-02-22 16:49 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information 2015-02-22 16:49 - 2015-02-22 16:49 - 00000000 ___HD () C:\Program Files\CanonBJ 2015-02-22 16:49 - 2015-02-22 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan 9000F Mark II 2015-02-22 16:49 - 2012-07-05 09:00 - 00363520 _____ (CANON INC.) C:\windows\system32\CNQ9604L.dll 2015-02-22 16:49 - 2012-05-09 10:27 - 00062464 _____ (Canon Inc.) C:\windows\system32\CNQ9604O.dll 2015-02-22 16:49 - 2012-04-06 16:40 - 00287744 _____ (CANON INC.) C:\windows\system32\CNQ9604C.dll 2015-02-22 16:49 - 2012-04-06 16:39 - 00106496 _____ (CANON INC.) C:\windows\system32\CNQ9604I.dll 2015-02-22 16:49 - 2012-04-06 13:27 - 00786504 _____ () C:\windows\system32\CNQ_412N.DAT 2015-02-22 16:49 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\windows\system32\CNHMCA6.dll 2015-02-22 16:48 - 2015-02-22 16:58 - 00000000 ____D () C:\Program Files (x86)\Canon 2015-02-21 19:39 - 2015-02-21 19:39 - 00840328 _____ () C:\windows\Minidump\022115-19156-01.dmp 2015-02-21 16:38 - 2015-02-22 19:19 - 835351005 _____ () C:\windows\MEMORY.DMP 2015-02-21 16:38 - 2015-02-22 19:19 - 00000000 ____D () C:\windows\Minidump 2015-02-21 16:38 - 2015-02-21 16:38 - 01082184 _____ () C:\windows\Minidump\022115-26625-01.dmp 2015-02-21 10:08 - 2015-02-21 10:09 - 00000000 ____D () C:\Users\Vicki\Documents\malware 2015-02-21 10:06 - 2015-02-21 10:07 - 00043382 _____ () C:\Users\Vicki\Downloads\Addition.txt 2015-02-21 10:04 - 2015-02-28 19:24 - 00000000 ____D () C:\FRST 2015-02-21 10:04 - 2015-02-21 10:07 - 00133319 _____ () C:\Users\Vicki\Downloads\FRST.txt 2015-02-21 10:04 - 2015-02-21 10:04 - 02086912 _____ (Farbar) C:\Users\Vicki\Downloads\FRST64.exe 2015-02-20 21:33 - 2015-02-20 21:33 - 00000000 __RHD () C:\MSOCache 2015-02-19 11:01 - 2015-02-19 11:01 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Intel_Corporation 2015-02-17 20:49 - 2015-02-17 20:49 - 00000000 ____D () C:\Users\Vicki\AppData\Local\CyberLink 2015-02-17 20:44 - 2015-02-17 20:44 - 00880208 _____ (Google Inc.) C:\Users\Vicki\Downloads\ChromeSetup.exe 2015-02-17 11:23 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-02-17 11:23 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-02-16 18:49 - 2015-02-16 18:49 - 00880208 _____ (Google Inc.) C:\Users\Vicki\Downloads\chromecastinstaller (1).exe 2015-02-16 18:44 - 2015-02-16 18:44 - 00880208 _____ (Google Inc.) C:\Users\Vicki\Downloads\chromecastinstaller.exe 2015-02-16 18:41 - 2015-02-25 17:46 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-16 18:41 - 2015-02-16 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-16 18:40 - 2015-02-27 07:45 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-16 18:40 - 2015-02-27 07:17 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-16 18:40 - 2015-02-16 18:40 - 00003886 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-16 18:40 - 2015-02-16 18:40 - 00003650 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-16 18:40 - 2015-02-16 18:40 - 00000000 ____D () C:\Program Files (x86)\Google 2015-02-16 18:39 - 2015-02-16 19:49 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Google 2015-02-16 18:39 - 2015-02-16 18:39 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Deployment 2015-02-16 18:39 - 2015-02-16 18:39 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Apps\2.0 2015-02-16 18:30 - 2015-02-16 18:30 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Lenovo 2015-02-16 18:28 - 2015-02-16 18:28 - 00000000 ____D () C:\ProgramData\2bebdc3900002db7 2015-02-16 18:26 - 2015-02-16 18:26 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\My Bluetooth 2015-02-16 18:05 - 2015-02-16 18:05 - 00000044 _____ () C:\Users\Vicki\AppData\Roaming\WB.CFG 2015-02-16 18:03 - 2015-02-16 18:05 - 00000000 ____D () C:\ProgramData\{c7c5bb79-4cd7-2948-c7c5-5bb794cdede5} 2015-02-16 18:03 - 2015-02-16 18:03 - 00000000 ____D () C:\Users\Vicki\AppData\Local\3537875 2015-02-16 18:03 - 2015-02-16 18:03 - 00000000 ____D () C:\ProgramData\{A7234FE0-F7A1-9E66-4627-EEE496A53D6A} 2015-02-16 18:02 - 2015-02-16 18:02 - 00784864 _____ (Google Inc.) C:\Users\Vicki\Downloads\chromecast-setup.exe 2015-02-16 17:40 - 2015-02-16 17:40 - 00000000 __SHD () C:\Users\Vicki\AppData\Local\EmieBrowserModeList 2015-02-16 17:05 - 2015-02-03 14:31 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-16 17:05 - 2015-02-03 14:31 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-15 23:35 - 2015-02-15 23:38 - 00000000 ____D () C:\windows\system32\MRT 2015-02-15 23:35 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-02-15 19:34 - 2015-02-15 19:34 - 00002863 _____ () C:\Users\Vicki\Desktop\Documents - Shortcut.lnk 2015-02-15 16:05 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-02-15 16:05 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-02-15 16:05 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-02-15 16:05 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-02-15 16:05 - 2015-01-11 21:34 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-02-15 16:05 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-02-15 16:05 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-02-15 16:05 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-02-15 16:05 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-02-15 16:05 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-02-15 16:05 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-02-15 16:05 - 2015-01-11 20:58 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2015-02-15 16:05 - 2015-01-11 20:55 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-02-15 16:05 - 2015-01-11 20:51 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-02-15 16:05 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-02-15 16:05 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-02-15 16:05 - 2015-01-11 20:48 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-02-15 16:05 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-02-15 16:05 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-02-15 16:05 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-02-15 16:05 - 2015-01-11 20:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll 2015-02-15 16:05 - 2015-01-11 20:30 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2015-02-15 16:05 - 2015-01-11 20:27 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2015-02-15 16:05 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-02-15 16:05 - 2015-01-11 20:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-02-15 16:05 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-02-15 16:05 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-02-15 16:05 - 2015-01-11 20:23 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-02-15 16:05 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-02-15 16:05 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-02-15 16:05 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-02-15 16:05 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-02-15 16:05 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-02-15 16:05 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-02-15 16:05 - 2014-11-21 21:49 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-02-15 16:05 - 2014-11-21 21:06 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-02-15 16:05 - 2014-11-21 21:06 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll 2015-02-15 16:05 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-02-15 16:05 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-02-15 16:05 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-02-15 16:05 - 2014-10-31 00:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe 2015-02-15 16:05 - 2014-10-31 00:12 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe 2015-02-15 16:05 - 2014-10-31 00:10 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe 2015-02-15 16:05 - 2014-10-31 00:09 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll 2015-02-15 16:05 - 2014-10-31 00:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe 2015-02-15 16:05 - 2014-10-31 00:06 - 00237568 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2015-02-15 16:05 - 2014-10-31 00:06 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-02-15 16:05 - 2014-10-31 00:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-02-15 16:05 - 2014-10-30 23:57 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-02-15 16:05 - 2014-10-30 23:56 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-02-15 16:05 - 2014-10-30 23:54 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll 2015-02-15 16:05 - 2014-10-30 23:53 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-02-15 16:05 - 2014-10-30 23:52 - 00108544 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll 2015-02-15 16:05 - 2014-10-30 23:51 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-02-15 16:05 - 2014-10-30 23:51 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-02-15 16:05 - 2014-10-30 23:50 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-02-15 16:05 - 2014-10-30 23:40 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll 2015-02-15 16:05 - 2014-10-30 23:30 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-02-15 16:05 - 2014-10-30 23:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2015-02-15 16:05 - 2014-10-30 23:29 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2015-02-15 16:05 - 2014-10-30 23:28 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2015-02-15 16:05 - 2014-10-30 23:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-02-15 16:05 - 2014-10-30 23:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll 2015-02-15 16:05 - 2014-10-30 23:19 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-02-15 16:05 - 2014-10-30 22:42 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll 2015-02-15 16:05 - 2014-10-30 22:28 - 00137728 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe 2015-02-15 16:05 - 2014-10-30 22:28 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe 2015-02-15 16:05 - 2014-10-30 22:27 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe 2015-02-15 16:05 - 2014-10-30 22:26 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll 2015-02-15 16:05 - 2014-10-30 22:25 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe 2015-02-15 16:05 - 2014-10-30 22:24 - 00235520 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll 2015-02-15 16:05 - 2014-10-30 22:24 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-02-15 16:05 - 2014-10-30 22:23 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-02-15 16:05 - 2014-10-30 22:16 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-02-15 16:05 - 2014-10-30 22:15 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-02-15 16:05 - 2014-10-30 22:14 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll 2015-02-15 16:05 - 2014-10-30 22:13 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-02-15 16:05 - 2014-10-30 22:13 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll 2015-02-15 16:05 - 2014-10-30 22:12 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-02-15 16:05 - 2014-10-30 22:11 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-02-15 16:05 - 2014-10-30 22:03 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll 2015-02-15 16:05 - 2014-10-30 21:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-15 16:05 - 2014-10-30 21:56 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2015-02-15 16:05 - 2014-10-30 21:56 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2015-02-15 16:05 - 2014-10-30 21:56 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2015-02-15 16:05 - 2014-10-30 21:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-02-15 16:05 - 2014-10-30 21:53 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll 2015-02-15 16:05 - 2014-10-30 21:48 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-02-15 16:05 - 2014-10-30 21:26 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2015-02-15 16:05 - 2014-10-30 21:24 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll 2015-02-15 15:15 - 2014-09-07 22:07 - 02497344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2015-02-15 15:15 - 2014-08-30 19:15 - 21197152 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-02-15 15:15 - 2014-08-30 17:59 - 18723112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-02-15 15:15 - 2014-08-23 00:14 - 13424128 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll 2015-02-15 15:15 - 2014-08-23 00:04 - 11820544 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll 2015-02-15 15:14 - 2014-09-10 01:25 - 00474432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2015-02-15 15:14 - 2014-09-07 22:07 - 00428864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2015-02-15 15:14 - 2014-09-04 17:30 - 00822272 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2015-02-15 15:14 - 2014-09-04 17:21 - 01053184 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll 2015-02-15 15:14 - 2014-09-03 22:05 - 00836176 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll 2015-02-15 15:14 - 2014-09-03 21:22 - 00670384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll 2015-02-15 15:14 - 2014-09-03 20:01 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll 2015-02-15 15:14 - 2014-09-03 19:32 - 00334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll 2015-02-15 15:14 - 2014-09-03 19:10 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\winbici.dll 2015-02-15 15:14 - 2014-08-30 19:17 - 00148800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS 2015-02-15 15:14 - 2014-08-30 17:05 - 00615424 _____ (Microsoft Corporation) C:\windows\system32\FXSCOMEX.dll 2015-02-15 15:14 - 2014-08-30 16:58 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll 2015-02-15 15:14 - 2014-08-30 16:04 - 00941568 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll 2015-02-15 15:14 - 2014-08-30 15:53 - 00239104 _____ (Microsoft Corporation) C:\windows\SysWOW64\FXSAPI.dll 2015-02-15 15:14 - 2014-08-30 15:17 - 00799744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll 2015-02-15 15:14 - 2014-08-27 19:21 - 02480128 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll 2015-02-15 15:14 - 2014-08-27 19:06 - 02030592 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll 2015-02-15 15:14 - 2014-08-22 23:50 - 02714112 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll 2015-02-15 15:14 - 2014-08-01 19:51 - 00545792 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll 2015-02-15 15:14 - 2014-08-01 19:35 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll 2015-02-15 14:34 - 2014-09-27 02:13 - 00104336 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll 2015-02-15 14:34 - 2014-09-27 00:24 - 00088800 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll 2015-02-15 14:34 - 2014-09-26 22:30 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll 2015-02-15 14:33 - 2014-10-09 20:58 - 00027456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys 2015-02-15 14:33 - 2014-10-08 02:34 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2015-02-15 14:33 - 2014-10-08 02:24 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\rfxvmt.dll 2015-02-15 14:33 - 2014-10-08 00:23 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2015-02-15 14:31 - 2015-01-15 17:43 - 00563504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-02-15 14:31 - 2015-01-15 17:43 - 00177984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-02-15 14:31 - 2015-01-13 23:22 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2015-02-15 14:31 - 2015-01-13 22:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2015-02-15 14:31 - 2014-10-28 21:51 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-02-15 14:31 - 2014-10-28 21:50 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-02-15 14:31 - 2014-10-28 21:06 - 00736768 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-02-15 14:31 - 2014-10-28 21:06 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-02-15 14:31 - 2014-10-28 20:31 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-02-15 14:28 - 2015-01-10 04:10 - 07472960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-02-15 14:28 - 2015-01-10 04:10 - 01733440 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-02-15 14:28 - 2015-01-10 03:28 - 01498360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-02-15 14:28 - 2014-10-28 21:02 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-02-15 14:28 - 2014-10-28 21:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-02-15 14:28 - 2014-10-28 20:57 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-02-15 14:28 - 2014-10-28 20:15 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-02-15 14:28 - 2014-10-28 20:15 - 00005632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-02-15 14:28 - 2014-10-28 20:14 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-02-15 14:28 - 2014-10-28 20:13 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-02-15 14:28 - 2014-10-28 20:13 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-02-15 14:26 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\windows\explorer.exe 2015-02-15 14:26 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe 2015-02-15 14:26 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2015-02-15 14:26 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2015-02-15 14:26 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll 2015-02-15 14:26 - 2014-08-15 23:08 - 01507648 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll 2015-02-15 14:26 - 2014-08-15 22:58 - 01112512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-02-15 14:26 - 2014-08-15 22:16 - 01205976 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll 2015-02-15 14:26 - 2014-08-15 20:31 - 00838144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-02-15 14:26 - 2014-08-15 20:04 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll 2015-02-15 14:26 - 2014-08-15 19:58 - 00287744 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll 2015-02-15 14:26 - 2014-08-15 19:53 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll 2015-02-15 14:26 - 2014-08-15 19:46 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll 2015-02-15 14:26 - 2014-08-15 19:45 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll 2015-02-15 14:26 - 2014-08-15 19:43 - 00321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll 2015-02-15 14:26 - 2014-08-15 19:43 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll 2015-02-15 14:26 - 2014-08-15 19:31 - 00914432 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll 2015-02-15 14:26 - 2014-08-15 19:31 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\pcsvDevice.dll 2015-02-15 14:26 - 2014-08-15 19:29 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-02-15 14:26 - 2014-08-15 19:23 - 01106432 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll 2015-02-15 14:26 - 2014-08-15 19:22 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll 2015-02-15 14:26 - 2014-08-15 19:22 - 00286208 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveShell.dll 2015-02-15 14:26 - 2014-08-15 19:19 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-02-15 14:26 - 2014-08-15 19:18 - 04758528 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll 2015-02-15 14:26 - 2014-08-15 19:17 - 08757760 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll 2015-02-15 14:26 - 2014-08-15 19:14 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\SkyDriveShell.dll 2015-02-15 14:26 - 2014-08-15 19:13 - 06649344 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-02-15 14:26 - 2014-08-15 19:13 - 05902848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll 2015-02-15 14:26 - 2014-08-15 19:13 - 00840192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll 2015-02-15 14:26 - 2014-08-15 19:11 - 00920064 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2015-02-15 14:26 - 2014-08-15 19:10 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe 2015-02-15 14:26 - 2014-08-15 19:08 - 05777408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2015-02-15 14:26 - 2014-08-15 19:07 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2015-02-15 14:26 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe 2015-02-15 14:26 - 2014-06-09 17:13 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2015-02-15 14:25 - 2014-11-09 21:29 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll 2015-02-15 14:25 - 2014-11-09 20:51 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceSetupStatusProvider.dll 2015-02-15 14:25 - 2014-10-30 18:39 - 01970432 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-02-15 14:25 - 2014-10-30 18:38 - 01612992 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2015-02-15 14:25 - 2014-10-12 21:43 - 00238912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys 2015-02-15 14:25 - 2014-10-12 21:43 - 00153920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys 2015-02-15 14:25 - 2014-10-12 21:43 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys 2015-02-15 14:25 - 2014-10-12 21:43 - 00039744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys 2015-02-15 14:24 - 2014-09-21 23:38 - 01519488 _____ (Microsoft Corporation) C:\windows\system32\user32.dll 2015-02-15 14:24 - 2014-09-21 22:06 - 00258368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys 2015-02-15 14:24 - 2014-09-21 22:06 - 00114496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdNisDrv.sys 2015-02-15 14:24 - 2014-09-21 21:49 - 00035320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys 2015-02-15 14:24 - 2014-09-18 19:16 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll 2015-02-15 14:24 - 2014-09-02 17:08 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\winshfhc.dll 2015-02-15 14:24 - 2014-09-02 17:08 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\winshfhc.dll 2015-02-15 14:23 - 2014-12-19 03:57 - 00788680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-02-15 14:23 - 2014-12-19 03:25 - 00602776 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2015-02-15 14:23 - 2014-10-12 21:33 - 00116032 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2015-02-15 14:23 - 2014-10-10 19:58 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2015-02-15 14:23 - 2014-10-10 19:53 - 03607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2015-02-15 14:23 - 2014-10-08 02:30 - 00110080 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2015-02-15 14:23 - 2014-10-08 02:09 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2015-02-15 14:23 - 2014-10-08 01:27 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll 2015-02-15 14:23 - 2014-10-08 00:32 - 02773504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2015-02-15 14:23 - 2014-10-08 00:19 - 02459136 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2015-02-15 14:22 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-02-15 14:21 - 2014-12-08 22:45 - 00393728 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll 2015-02-15 14:21 - 2014-12-08 20:56 - 00538624 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-02-15 14:21 - 2014-12-08 18:12 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml 2015-02-15 14:20 - 2015-01-13 17:11 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-02-15 14:20 - 2015-01-13 17:04 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2015-02-15 14:20 - 2014-07-15 13:16 - 03048880 _____ (Microsoft Corporation) C:\windows\system32\WpcMon.exe 2015-02-15 14:20 - 2014-07-15 03:29 - 03118080 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll 2015-02-15 14:20 - 2014-07-15 03:22 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\WpcWebSync.dll 2015-02-15 14:20 - 2014-07-15 03:03 - 02344448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll 2015-02-15 14:19 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2015-02-15 14:19 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys 2015-02-15 14:19 - 2014-08-01 19:18 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2015-02-15 14:18 - 2015-01-10 02:00 - 00430080 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-02-15 14:18 - 2015-01-10 01:38 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-02-15 14:18 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-02-15 14:18 - 2014-09-03 19:12 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2015-02-15 14:18 - 2014-09-03 19:01 - 00514048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2015-02-15 14:15 - 2015-01-19 13:42 - 01487976 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll 2015-02-15 14:15 - 2014-08-23 00:18 - 02149376 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-02-15 14:15 - 2014-08-23 00:03 - 01346048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2015-02-15 14:10 - 2014-10-23 00:48 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2015-02-15 14:10 - 2014-10-23 00:05 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2015-02-15 14:10 - 2014-05-19 01:31 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\drvcfg.exe 2015-02-15 14:10 - 2014-05-19 01:21 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe 2015-02-15 14:10 - 2014-05-19 00:23 - 00098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvinst.exe 2015-02-15 14:09 - 2014-10-31 18:57 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll 2015-02-15 14:09 - 2014-10-31 18:47 - 00790528 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll 2015-02-15 14:00 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll 2015-02-15 14:00 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2015-02-15 14:00 - 2014-10-30 17:37 - 00129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe 2015-02-15 14:00 - 2014-10-30 17:34 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2015-02-15 14:00 - 2014-10-28 20:24 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll 2015-02-15 14:00 - 2014-10-28 20:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2015-02-15 13:56 - 2014-07-11 23:17 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe 2015-02-15 13:55 - 2015-01-10 03:22 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-02-15 13:53 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll 2015-02-15 13:53 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe 2015-02-15 13:53 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe 2015-02-15 13:53 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll 2015-02-15 13:53 - 2014-10-28 23:00 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe 2015-02-15 13:53 - 2014-10-28 23:00 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe 2015-02-15 13:53 - 2014-10-28 22:52 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll 2015-02-15 13:53 - 2014-10-28 22:52 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll 2015-02-15 13:53 - 2014-10-28 22:52 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll 2015-02-15 13:53 - 2014-10-28 22:52 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe 2015-02-15 13:53 - 2014-10-28 22:12 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe 2015-02-15 13:53 - 2014-10-28 22:12 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe 2015-02-15 13:53 - 2014-10-28 22:07 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll 2015-02-15 13:53 - 2014-10-28 22:07 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll 2015-02-15 13:53 - 2014-10-28 22:07 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll 2015-02-15 13:53 - 2014-10-28 21:44 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll 2015-02-15 13:53 - 2014-10-28 20:59 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll 2015-02-15 13:53 - 2014-10-28 20:02 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2015-02-15 13:51 - 2014-11-09 18:19 - 00991232 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-02-15 13:51 - 2014-11-09 18:19 - 00806400 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-02-15 13:51 - 2014-11-09 18:18 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll 2015-02-15 13:51 - 2014-11-09 18:18 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll 2015-02-15 13:46 - 2014-07-23 22:20 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll 2015-02-15 13:46 - 2014-07-23 22:20 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll 2015-02-13 21:52 - 2014-02-12 06:16 - 00010577 _____ () C:\Users\Vicki\Documents\2013-14 PTA board contacts.xlsx 2015-02-13 21:52 - 2013-04-19 08:04 - 00002537 _____ () C:\Users\Vicki\Documents\SYMPHONY LIST.csv 2015-02-13 21:52 - 2013-04-14 12:13 - 00002751 _____ () C:\Users\Vicki\Documents\msn chat.txt 2015-02-13 21:52 - 2013-04-11 11:58 - 00149230 _____ () C:\Users\Vicki\Documents\cc_20130411_125757.reg 2015-02-13 21:52 - 2013-04-06 23:39 - 00008354 _____ () C:\Users\Vicki\Documents\alex grades.xlsx 2015-02-13 21:52 - 2013-03-03 22:39 - 00032004 _____ () C:\Users\Vicki\Documents\Production 1.dmsm 2015-02-13 21:52 - 2013-03-03 22:39 - 00026624 _____ () C:\Users\Vicki\Documents\Production 1.dat 2015-02-13 21:52 - 2013-01-19 00:34 - 00009227 _____ () C:\Users\Vicki\Documents\2012 party count.xlsx 2015-02-13 21:52 - 2012-10-13 23:26 - 00024064 _____ () C:\Users\Vicki\Documents\trig62012-sk (Autosaved).xls 2015-02-13 21:52 - 2012-06-17 21:20 - 00000000 _____ () C:\Users\Vicki\Documents\~PI1750.tmp 2015-02-13 21:50 - 2015-02-13 21:52 - 00000000 ____D () C:\Users\Vicki\Documents\WPHS PTA TIGERTALES 2015-02-13 21:50 - 2015-02-13 21:50 - 00000000 ____D () C:\Users\Vicki\Documents\wizard world 2015-02-13 21:50 - 2015-02-13 21:50 - 00000000 ____D () C:\Users\Vicki\Documents\Visual Studio 2010 2015-02-13 21:49 - 2015-02-27 07:14 - 00000000 ____D () C:\Users\Vicki\Documents\RESUME 2015-02-13 21:49 - 2015-02-13 21:50 - 00000000 ____D () C:\Users\Vicki\Documents\VILLANOVA Business Analyst 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\TORI 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\TomTom 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\Roxio 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\PTA WEB 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\PTA COUNCIL 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\PTA 2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\My Weblog Posts 2015-02-13 21:48 - 2015-02-13 21:49 - 00000000 ____D () C:\Users\Vicki\Documents\My Scans 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ___SD () C:\Users\Vicki\Documents\My Data Sources 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\Vicki\Documents\HOME 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\Vicki\Documents\Georgia Tech 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\Vicki\Documents\FSU Housing 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\Vicki\Documents\flowery-banner 2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\Vicki\Documents\Fax 2015-02-13 21:48 - 2013-07-31 23:47 - 00000000 ____D () C:\Users\Vicki\Documents\MSN Photo Show 2015-02-13 21:46 - 2015-02-27 07:14 - 00000000 ____D () C:\Users\Vicki\Documents\BABOK 2015-02-13 21:46 - 2015-02-13 21:46 - 00000000 ____D () C:\Users\Vicki\Documents\CyberLink 2015-02-13 21:46 - 2015-02-13 21:46 - 00000000 ____D () C:\Users\Vicki\Documents\Corel Digital Studio 2010 2015-02-13 21:46 - 2015-02-13 21:46 - 00000000 ____D () C:\Users\Vicki\Documents\BlackBerry 2015-02-13 21:46 - 2015-01-10 18:24 - 00000000 ____D () C:\Users\Vicki\Documents\BLACKBERRY-3200 2015-02-13 21:46 - 2012-04-19 23:55 - 00000000 ____D () C:\Users\Vicki\Documents\Blio 2015-02-13 21:40 - 2015-02-13 21:46 - 00000000 ____D () C:\Users\Vicki\Documents\ALEX 2015-02-13 21:31 - 2015-02-27 07:37 - 00004972 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for VICKI-PC-Vicki Vicki-PC 2015-02-13 21:31 - 2015-02-13 21:31 - 00003096 _____ () C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2491684161-953214207-2461470077-1001 2015-02-13 21:31 - 2015-02-13 21:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2015-02-13 21:27 - 2015-02-13 21:27 - 00000000 _____ () C:\Users\Vicki\agent.log 2015-02-13 21:25 - 2015-02-13 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-13 21:24 - 2015-02-21 16:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-02-13 21:20 - 2015-02-28 19:21 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-13 21:20 - 2015-02-28 19:00 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-02-13 21:20 - 2015-02-13 21:20 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-02-13 21:20 - 2015-02-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-02-13 21:20 - 2015-02-13 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-13 21:20 - 2015-02-13 21:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-02-13 21:20 - 2014-11-21 07:08 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-02-13 21:20 - 2014-11-21 07:07 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-02-13 21:12 - 2015-02-13 21:12 - 00000000 __SHD () C:\Users\Vicki\AppData\Local\EmieUserList 2015-02-13 21:12 - 2015-02-13 21:12 - 00000000 __SHD () C:\Users\Vicki\AppData\Local\EmieSiteList 2015-02-13 21:10 - 2015-02-28 19:00 - 00001871 _____ () C:\Users\Public\Desktop\McAfee All Access – Total Protection.lnk 2015-02-13 21:10 - 2015-02-28 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2015-02-13 21:10 - 2015-02-27 07:20 - 00000000 __RSD () C:\Users\Vicki\Documents\McAfee Vaults 2015-02-13 21:10 - 2015-02-13 21:11 - 00000000 ____D () C:\Program Files (x86)\SafeKey 2015-02-13 21:10 - 2015-02-13 21:10 - 00000000 ____D () C:\Users\Vicki\AppData\Local\McAfee File Lock 2015-02-13 21:10 - 2015-02-13 21:10 - 00000000 ____D () C:\Program Files (x86)\McAfee.com 2015-02-13 21:10 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys 2015-02-13 21:10 - 2013-09-09 11:11 - 00074560 _____ (McAfee, Inc.) C:\windows\system32\Drivers\McPvDrv.sys 2015-02-13 21:09 - 2015-02-27 07:16 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-02-13 21:09 - 2015-02-13 21:09 - 00000000 ____D () C:\Program Files\McAfee.com 2015-02-13 21:03 - 2015-02-13 21:10 - 00000000 ____D () C:\Program Files\Common Files\McAfee 2015-02-13 21:03 - 2014-06-20 10:30 - 00189912 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe 2015-02-13 20:55 - 2015-02-28 19:03 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2491684161-953214207-2461470077-1001 2015-02-13 20:55 - 2015-02-28 18:54 - 00003926 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{4A33092B-D08B-4D71-8FCD-0423876D57DA} 2015-02-13 20:54 - 2015-02-27 07:17 - 00000000 ___DO () C:\Users\Vicki\OneDrive 2015-02-13 20:53 - 2015-02-16 18:33 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Lenovo 2015-02-13 20:51 - 2015-02-13 20:51 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Macromedia 2015-02-13 20:51 - 2015-02-13 20:51 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Intel Corporation 2015-02-13 20:50 - 2015-02-28 18:58 - 00052061 _____ () C:\Users\Vicki\AppData\Local\BTServer.log 2015-02-13 20:50 - 2015-02-25 08:32 - 00000000 ____D () C:\Users\Vicki\AppData\Local\Packages 2015-02-13 20:50 - 2015-02-22 22:03 - 00000000 ____D () C:\Users\Vicki 2015-02-13 20:50 - 2015-02-13 21:24 - 00000000 ____D () C:\Users\Vicki\AppData\Local\VirtualStore 2015-02-13 20:50 - 2015-02-13 20:50 - 00001453 _____ () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-13 20:50 - 2015-02-13 20:50 - 00000020 ___SH () C:\Users\Vicki\ntuser.ini 2015-02-13 20:50 - 2015-02-13 20:50 - 00000000 ____D () C:\Users\Vicki\Documents\My Bluetooth 2015-02-13 20:50 - 2015-02-13 20:50 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-02-13 20:50 - 2015-02-13 20:50 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Adobe 2015-02-13 20:50 - 2015-02-13 20:50 - 00000000 ____D () C:\Users\Vicki\AppData\Local\LenovoBrowserGuard 2015-02-13 20:50 - 2015-02-04 15:30 - 00000000 ___RD () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-02-13 20:50 - 2014-08-23 16:39 - 00000000 ___RD () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-02-13 20:50 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-02-13 20:50 - 2014-03-18 04:55 - 00000369 _____ () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-02-13 20:50 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-02-13 20:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-02-04 16:41 - 2015-02-04 16:41 - 00033346 _____ () C:\windows\PLDDATA.XML 2015-02-04 16:41 - 2015-02-04 16:41 - 00000073 _____ () C:\windows\SYSINFO.TXT 2015-02-04 16:41 - 2015-02-04 16:41 - 00000018 _____ () C:\windows\59423166.007 2015-02-04 16:29 - 2015-02-13 20:50 - 00497961 ____H () C:\windows\modules.log 2015-02-04 16:23 - 2015-02-28 19:18 - 00000000 ____D () C:\ProgramData\LU 2015-02-04 16:22 - 2015-02-04 16:22 - 05332420 _____ () C:\windows\MFGSTAT.zip 2015-02-04 16:22 - 2015-02-04 16:22 - 00000000 ____D () C:\Program Files\Adobe Photo 2015-02-04 16:21 - 2015-02-13 21:31 - 00000000 ____D () C:\ProgramData\Office2013 2015-02-04 16:21 - 2015-02-13 20:51 - 00000000 ____D () C:\ProgramData\Energy Manager 2015-02-04 16:21 - 2015-02-04 16:21 - 00000000 ____D () C:\Program Files\Lenovo PhotoMasterImport 2015-02-04 16:21 - 2015-02-04 16:21 - 00000000 ____D () C:\Program Files\DIFX 2015-02-04 16:21 - 2015-02-04 16:20 - 00198192 _____ (Lenovo(beijing) Limited) C:\windows\system32\LenovoWiFiHotspotSvr.exe 2015-02-04 16:20 - 2015-02-04 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master 2015-02-04 16:19 - 2015-02-17 20:49 - 00000000 ____D () C:\ProgramData\CyberLink 2015-02-04 16:19 - 2015-02-16 18:28 - 00007984 _____ () C:\windows\SysWOW64\VisualDiscovery.ini 2015-02-04 16:19 - 2015-02-16 18:28 - 00005440 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini 2015-02-04 16:19 - 2015-02-16 18:28 - 00005440 _____ () C:\windows\system32\VisualDiscoveryOff.ini 2015-02-04 16:19 - 2015-02-04 16:20 - 00000000 ____D () C:\ProgramData\install_clap 2015-02-04 16:18 - 2015-02-27 07:15 - 00002560 _____ () C:\windows\system32\VfService.trf 2015-02-04 16:18 - 2015-02-04 16:18 - 01336624 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2015-02-04 16:18 - 2015-02-04 16:18 - 01064448 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2015-02-04 16:18 - 2015-02-04 16:18 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll 2015-02-04 16:18 - 2015-02-04 16:18 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\tcpmon.dll 2015-02-04 16:18 - 2015-02-04 16:18 - 00146752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys 2015-02-04 16:18 - 2015-02-04 16:18 - 00000000 __SHD () C:\UserGuidePDF 2015-02-04 16:17 - 2015-02-04 16:21 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2015-02-04 16:17 - 2015-02-04 16:17 - 00003332 _____ () C:\windows\System32\Tasks\Lenovo Smart Voice 2015-02-04 16:17 - 2015-02-04 16:17 - 00001318 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartVoiceToast.lnk 2015-02-04 16:17 - 2015-02-04 16:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10 2015-02-04 16:17 - 2015-02-04 16:17 - 00000000 ____D () C:\Program Files\Lenovo PhoneCompanion 2015-02-04 16:17 - 2015-02-04 16:17 - 00000000 ____D () C:\Program Files (x86)\Cyberlink 2015-02-04 16:17 - 2015-02-04 15:27 - 00000011 _____ () C:\windows\WIN8_1_64 2015-02-04 16:16 - 2015-02-04 16:17 - 00000000 ____D () C:\Program Files\CyberLink 2015-02-04 16:14 - 2015-02-14 03:27 - 00000000 ____D () C:\ProgramData\McAfee 2015-02-04 16:14 - 2015-02-13 21:10 - 00000000 ____D () C:\Program Files\mcafee 2015-02-04 16:13 - 2015-02-04 16:13 - 00000000 ____D () C:\ProgramData\Nitro 2015-02-04 16:12 - 2015-02-16 18:30 - 00000000 ____D () C:\ProgramData\Lenovo 2015-02-04 16:12 - 2015-02-13 20:50 - 00000000 ____D () C:\Program Files (x86)\LenovoBrowserGuard 2015-02-04 16:12 - 2015-02-04 16:12 - 00000000 ____D () C:\ProgramData\OneKey Recovery 2015-02-04 16:12 - 2015-02-04 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Reach 2015-02-04 16:12 - 2012-06-13 20:10 - 00102376 _____ ("CyberLink) C:\windows\system32\Drivers\wsvd.sys 2015-02-04 16:11 - 2015-02-27 07:21 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo 2015-02-04 16:11 - 2015-02-16 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-02-04 16:11 - 2015-02-16 18:30 - 00000000 ____D () C:\Program Files\Lenovo 2015-02-04 16:11 - 2015-02-04 16:19 - 00000000 ____D () C:\ProgramData\Temp 2015-02-04 16:11 - 2015-02-04 16:11 - 00000000 ____D () C:\windows\Downloaded Installations 2015-02-04 16:11 - 2015-02-04 16:11 - 00000000 ____D () C:\ProgramData\LenovoTransition 2015-02-04 16:11 - 2015-02-04 16:11 - 00000000 ____D () C:\Program Files (x86)\New Folder 2015-02-04 16:10 - 2015-02-16 18:37 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2015-02-04 16:10 - 2015-02-04 16:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-04 16:10 - 2014-06-08 22:29 - 00000426 _____ () C:\windows\setup.cmd 2015-02-04 16:10 - 2013-03-01 09:13 - 02356592 _____ (Microsoft Corporation) C:\windows\system32\WudfUpdate_01011.dll 2015-02-04 15:44 - 2015-02-04 15:44 - 00000060 _____ () C:\windows\PEIS_PreloadData.ini 2015-02-04 15:40 - 2015-02-04 15:40 - 00015796 _____ () C:\windows\system32\results.xml 2015-02-04 15:38 - 2015-02-04 16:20 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-04 15:38 - 2015-02-04 15:38 - 00001390 _____ () C:\windows\Synaptics.log 2015-02-04 15:38 - 2015-02-04 15:38 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-02-04 15:38 - 2015-02-04 15:38 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-02-04 15:38 - 2015-02-04 15:38 - 00000000 ____D () C:\Program Files\Synaptics 2015-02-04 15:37 - 2015-02-04 15:38 - 00000000 ____D () C:\ProgramData\Realtek 2015-02-04 15:37 - 2015-02-04 15:37 - 00000000 ____D () C:\Program Files (x86)\Cisco 2015-02-04 15:37 - 2014-08-14 23:28 - 03558104 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys 2015-02-04 15:37 - 2014-06-11 19:49 - 00051656 _____ () C:\windows\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll 2015-02-04 15:37 - 2014-06-11 19:49 - 00049048 _____ () C:\windows\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll 2015-02-04 15:37 - 2014-06-11 19:49 - 00049048 _____ () C:\windows\system32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll 2015-02-04 15:37 - 2014-06-11 19:49 - 00047116 _____ () C:\windows\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-02-04 15:37 - 2014-06-11 19:49 - 00043860 _____ () C:\windows\system32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll 2015-02-04 15:37 - 2014-05-13 18:16 - 00037284 _____ () C:\windows\system32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll 2015-02-04 15:37 - 2014-05-06 17:44 - 00046460 _____ () C:\windows\system32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-02-04 15:37 - 2014-04-18 11:52 - 00573144 _____ (Realtek Semiconductor Corporation) C:\windows\system32\Drivers\RtkBtfilter.sys 2015-02-04 15:37 - 2014-03-27 19:43 - 00031276 _____ () C:\windows\system32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll 2015-02-04 15:37 - 2014-03-24 15:37 - 00422400 _____ (Realtek) C:\windows\SwUSB.exe 2015-02-04 15:37 - 2014-02-21 12:49 - 00002652 _____ () C:\windows\PidVid_List.txt 2015-02-04 15:37 - 2014-01-21 06:10 - 09105624 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\rtsuvc.sys 2015-02-04 15:37 - 2014-01-21 06:10 - 06340312 _____ (Realtek semiconductor) C:\windows\RTFTrack.exe 2015-02-04 15:37 - 2014-01-21 06:10 - 02628312 _____ (Realtek Semiconductor Corp.) C:\windows\RtCamU64.exe 2015-02-04 15:37 - 2014-01-21 06:10 - 01157563 _____ () C:\windows\FTDataP.xml 2015-02-04 15:37 - 2014-01-21 06:10 - 00946032 _____ () C:\windows\FTData.xml 2015-02-04 15:37 - 2014-01-21 06:10 - 00817241 _____ () C:\windows\FTDataR1.xml 2015-02-04 15:37 - 2014-01-21 06:10 - 00817191 _____ () C:\windows\FTDataR0.xml 2015-02-04 15:37 - 2014-01-21 06:10 - 00472792 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtCamX64.dll 2015-02-04 15:37 - 2014-01-21 06:10 - 00419032 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RtCamX.dll 2015-02-04 15:37 - 2013-10-18 19:42 - 00048856 _____ () C:\windows\runSW.exe 2015-02-04 15:37 - 2013-05-20 19:55 - 00006752 _____ () C:\windows\system32\rtl8723b_chip_bt40_fw_asic_rom_patch.dll 2015-02-04 15:37 - 2013-04-23 16:55 - 00003372 _____ () C:\windows\system32\bt_only_chip_bt40_fw_asic_rom_patch.dll 2015-02-04 15:37 - 2013-04-02 02:19 - 00574464 _____ (Realtek Semiconductor Corp. ) C:\windows\system32\Rtlihvs.dll 2015-02-04 15:37 - 2010-12-01 12:31 - 00451072 _____ () C:\windows\SysWOW64\ISSRemoveSP.exe 2015-02-04 15:36 - 2015-02-04 15:36 - 00003016 _____ () C:\windows\System32\Tasks\UMonitor Task 2015-02-04 15:36 - 2014-04-29 08:00 - 00000973 ____N () C:\windows\SysWOW64\ProductName.ini 2015-02-04 15:36 - 2014-04-17 03:38 - 00111336 _____ (GenesysLogic) C:\windows\system32\Drivers\GeneStor.sys 2015-02-04 15:36 - 2014-04-15 01:56 - 00000184 ____N () C:\windows\SysWOW64\IconCfg0.ini 2015-02-04 15:36 - 2014-04-15 01:56 - 00000184 _____ () C:\windows\system32\IconCfg0.ini 2015-02-04 15:36 - 2014-02-25 22:13 - 00053248 _____ () C:\windows\SysWOW64\UMonit64.exe 2015-02-04 15:36 - 2013-12-17 22:35 - 00839896 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys 2015-02-04 15:36 - 2013-12-17 22:35 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll 2015-02-04 15:36 - 2013-11-14 04:46 - 00002863 ____N () C:\windows\SysWOW64\parameter.log 2015-02-04 15:36 - 2013-09-26 19:46 - 00172097 _____ () C:\windows\SysWOW64\NoMSGuninstall.exe 2015-02-04 15:36 - 2012-11-28 22:26 - 05623808 _____ (Genesys) C:\windows\system32\GeneIcon.dll 2015-02-04 15:36 - 2011-05-29 21:13 - 00001519 ____N () C:\windows\SysWOW64\_IconCfg0.ini 2015-02-04 15:35 - 2015-02-04 16:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-04 15:35 - 2015-02-04 15:37 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-02-04 15:35 - 2015-02-04 15:36 - 00000000 ___HD () C:\Program Files (x86)\Temp 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____D () C:\windows\SysWOW64\RTCOM 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____D () C:\Program Files\Realtek 2015-02-04 15:35 - 2015-02-04 15:35 - 00000000 ____D () C:\Program Files\Dolby Digital Plus 2015-02-04 15:35 - 2014-03-04 07:31 - 03882456 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys 2015-02-04 15:35 - 2014-03-04 07:27 - 02831576 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll 2015-02-04 15:35 - 2014-03-04 04:19 - 00627928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll 2015-02-04 15:35 - 2014-03-04 04:00 - 56684544 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat 2015-02-04 15:35 - 2014-03-04 01:57 - 00837014 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT 2015-02-04 15:35 - 2014-03-04 01:11 - 02794200 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll 2015-02-04 15:35 - 2014-03-03 07:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll 2015-02-04 15:35 - 2014-02-27 03:46 - 00947928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll 2015-02-04 15:35 - 2014-02-18 07:32 - 00002440 _____ () C:\windows\system32\Drivers\SAMSFPA.DAT 2015-02-04 15:35 - 2014-02-18 05:12 - 01042520 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll 2015-02-04 15:35 - 2014-02-18 04:04 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll 2015-02-04 15:35 - 2014-02-16 07:30 - 14742104 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll 2015-02-04 15:35 - 2014-02-16 07:30 - 02101848 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll 2015-02-04 15:35 - 2014-02-16 07:30 - 02040920 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll 2015-02-04 15:35 - 2014-02-16 07:30 - 01933400 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek264.dll 2015-02-04 15:35 - 2014-02-05 22:28 - 05804772 _____ () C:\windows\system32\Drivers\rtvienna.dat 2015-02-04 15:35 - 2014-01-27 22:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll 2015-02-04 15:35 - 2014-01-20 06:11 - 02080472 ____N (Realtek Semiconductor Corp.) C:\windows\RtlExUpd.dll 2015-02-04 15:35 - 2013-12-04 03:27 - 01958616 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl 2015-02-04 15:35 - 2013-10-15 14:43 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll 2015-02-04 15:35 - 2013-10-10 23:47 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll 2015-02-04 15:35 - 2013-09-09 15:02 - 06217904 _____ (Dolby Laboratories) C:\windows\system32\DDPP64A.dll 2015-02-04 15:35 - 2013-09-09 15:02 - 00313520 _____ (Dolby Laboratories) C:\windows\system32\DDPO64A.dll 2015-02-04 15:35 - 2013-09-09 15:01 - 01938608 _____ (Dolby Laboratories) C:\windows\system32\DDPD64A.dll 2015-02-04 15:35 - 2013-09-09 15:01 - 00260272 _____ (Dolby Laboratories) C:\windows\system32\DDPA64.dll 2015-02-04 15:35 - 2013-08-14 02:36 - 00662784 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll 2015-02-04 15:35 - 2013-08-14 02:35 - 00663296 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll 2015-02-04 15:35 - 2012-11-13 22:41 - 00378000 _____ (Realtek Semiconductor) C:\windows\system32\RtkGuiCompLib.dll 2015-02-04 15:35 - 2012-08-31 06:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll 2015-02-04 15:35 - 2012-08-31 06:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll 2015-02-04 15:35 - 2012-08-31 06:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll 2015-02-04 15:35 - 2012-08-31 06:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll 2015-02-04 15:35 - 2012-08-31 06:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll 2015-02-04 15:35 - 2012-03-07 22:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
  7. fcignarella
    Results from the Fabar scan additions g from C:\Users\Vicki\AppData\Local\Microsoft\Windows\INetCache\IE\T3MGIUWO Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden Canon CanoScan 9000F II On-screen Manual (HKLM-x32\...\Canon CanoScan 9000F II On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon CanoScan 9000F Mark II User Registration (HKLM-x32\...\Canon CanoScan 9000F Mark II User Registration) (Version: - Canon Inc.‎) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) CanoScan 9000F Mark II Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9604) (Version: - Canon Inc.) CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.74 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3383 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.4.1000 - Intel Corporation) Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.50.5 - ClientConnect LTD) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.32.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo) Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab) Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Lenovo PhoneCompanion (x32 Version: 1.2.0.0 - Lenovo) Hidden Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.) Lenovo Recommends (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0211 - Lenovo) Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo) Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo) Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.59 - Lenovo) Lenovo Updates (x32 Version: 1.1.0.59 - Lenovo) Hidden Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo) Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.) McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.10 - McAfee, Inc.) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.) Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2491684161-953214207-2461470077-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.816.818.061114 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.87 - Synaptics Incorporated) UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2491684161-953214207-2461470077-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Vicki\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 15-02-2015 23:33:08 Windows Update 25-02-2015 10:42:43 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06148C98-7732-40F4-B49D-7A44D3F8757D} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [2014-02-25] () Task: {131E9AEF-CC88-4561-943B-FA84AA2E77A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.) Task: {4A0177DB-B29D-4BFA-ADEB-38147B7F7828} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VICKI-PC-Vicki Vicki-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-21] (Microsoft Corporation) Task: {526C55F3-3508-42D2-B961-576575D36678} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo) Task: {5F89B1B1-0303-4AD0-8A48-FAE0A5DC5067} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo) Task: {5FBF105E-AEBB-46EE-873E-94DDD37B1695} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-21] (Microsoft Corporation) Task: {73460C36-92F8-47E3-9DF6-67C300CD5ABD} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2491684161-953214207-2461470077-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {85A4F7B9-4549-4267-9659-8E220086786B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {8DC17881-D2B2-489A-983F-F5D85D290010} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-16] (Google Inc.) Task: {94C17B35-D629-4E5C-9E10-C6FE19FD6FB7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation) Task: {ACDC5B47-6D03-44B3-ABAD-9B54916A4D9C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-01-29] (Microsoft Corporation) Task: {AEC80CC1-0932-461A-9169-130F95D77987} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2015-02-04] (Lenovo) Task: {BA6526F7-E52E-4855-A576-FEE5015AA37D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation) Task: {D40139B4-F96A-4563-8287-3CFDD6C36180} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-02-13] (Lenovo) Task: {E40B9410-4E1A-4C85-A5E2-EC5859AC9E47} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-11-21] () Task: {FFDDA55A-D6E6-4D9E-BEF4-D2847D46684D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-04 15:37 - 2014-05-06 17:41 - 00094208 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2015-02-13 21:24 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-02-22 16:58 - 2012-03-28 07:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2015-02-04 16:10 - 2014-01-09 21:27 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe 2015-02-04 16:17 - 2012-04-24 05:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-02-04 16:18 - 2015-02-04 16:18 - 00067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe 2015-02-04 16:18 - 2015-02-04 16:18 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll 2015-02-04 16:11 - 2015-02-04 16:11 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2015-02-04 16:11 - 2015-02-04 16:11 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe 2015-02-04 15:36 - 2014-02-25 22:13 - 00053248 _____ () C:\windows\SysWOW64\UMonit64.exe 2015-02-04 16:11 - 2015-02-04 16:11 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe 2014-03-26 15:50 - 2015-02-04 16:21 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll 2015-02-04 16:11 - 2014-01-09 21:30 - 00044016 _____ () C:\Program Files (x86)\Lenovo\Lenovo Recommends\Util.dll 2015-02-16 17:46 - 2015-02-16 17:46 - 00632320 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll 2015-02-16 17:46 - 2015-02-16 17:46 - 00207872 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll 2015-02-16 17:46 - 2015-02-16 17:46 - 01259520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll 2015-02-16 17:46 - 2015-02-16 17:46 - 00363520 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll 2015-02-04 16:17 - 2015-02-04 16:17 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe 2015-02-04 16:10 - 2014-07-09 20:19 - 00592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe 2015-02-04 16:10 - 2014-07-09 20:19 - 00397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe 2015-02-16 13:05 - 2015-02-16 13:05 - 02394624 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe 2015-02-20 10:49 - 2015-02-20 10:49 - 10501632 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook\eff57947f2d527a4d30599471bd8a2a4\Facebook.ni.exe 2015-02-20 10:48 - 2015-02-20 10:48 - 05185024 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\873b701d9b42e91132f08a6f05c4361a\Windows.UI.Xaml.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 01134592 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Win8-Base\8a9f4d141ea60649eb4ac5dc3eae33d2\Facebook-Win8-Base.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 00619520 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Base\a1e018847a9bbd02df0c31d4d2044695\Facebook-Base.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 01112576 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Models\6345c048bbd973b5b6935da559c99955\Facebook-Models.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 05790720 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-Services\f8229d2b8e40c929a92d58b800fa8d1e\Facebook-Services.ni.dll 2015-02-20 10:46 - 2015-02-20 10:46 - 01782784 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll 2015-02-20 10:46 - 2015-02-20 10:46 - 01278464 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll 2015-02-20 10:49 - 2015-02-20 10:49 - 01492992 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Bing.Maps\da17719ac327a528f002ca1420a4abca\Bing.Maps.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 02019840 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll 2015-02-20 10:48 - 2015-02-20 10:48 - 01459712 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll 2015-02-20 10:47 - 2015-02-20 10:47 - 00467456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll 2015-02-20 10:47 - 2015-02-20 10:47 - 00521216 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll 2015-02-20 10:49 - 2015-02-20 10:49 - 00021504 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook-No02b98c3e#\ad3ee8ea231e42a87d3bfbbf64e06b7e\Facebook-Notifications.ni.dll 2015-02-20 10:49 - 2015-02-20 10:49 - 00592896 _____ () C:\Users\Vicki\AppData\Local\Packages\facebook.facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Notificatioc5a47191#\3b0f4eefb2f4c55dbed371d125599081\NotificationsExtensions.ni.dll 2015-02-16 17:46 - 2015-02-16 17:46 - 00347136 _____ () C:\windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll 2015-02-13 21:25 - 2015-02-21 10:49 - 08898728 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-02-13 21:24 - 2015-02-21 10:49 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-02-04 16:11 - 2015-02-04 16:11 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll 2015-02-04 16:11 - 2015-02-04 16:11 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll 2014-01-07 18:03 - 2014-01-07 18:03 - 02440512 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax 2015-02-04 16:17 - 2015-02-04 16:17 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll 2015-02-04 15:34 - 2013-09-03 18:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Vicki\OneDrive:ms-properties AlternateDataStreams: C:\Users\Vicki\Documents\Production 1.dmsm:Roxio EMC Stream ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2491684161-953214207-2461470077-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2491684161-953214207-2461470077-500 - Administrator - Disabled) Guest (S-1-5-21-2491684161-953214207-2461470077-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2491684161-953214207-2461470077-1003 - Limited - Enabled) Vicki (S-1-5-21-2491684161-953214207-2461470077-1001 - Administrator - Enabled) => C:\Users\Vicki ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/28/2015 06:58:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17284, time stamp: 0x53f816dc Faulting module name: McPvNs.dll, version: 3.8.713.2, time stamp: 0x522de439 Exception code: 0xc0000005 Fault offset: 0x0000000000044058 Faulting process id: 0x13c8 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Faulting package full name: Explorer.EXE4 Faulting package-relative application ID: Explorer.EXE5 Error: (02/26/2015 11:04:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x062e1000 Faulting process id: 0x324c Faulting application start time: 0xIEXPLORE.EXE0 Faulting application path: IEXPLORE.EXE1 Faulting module path: IEXPLORE.EXE2 Report Id: IEXPLORE.EXE3 Faulting package full name: IEXPLORE.EXE4 Faulting package-relative application ID: IEXPLORE.EXE5 Error: (02/25/2015 09:19:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Facebook.exe, version: 0.0.0.1, time stamp: 0x53e2b340 Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45c Exception code: 0xc000041d Fault offset: 0x000000000093724c Faulting process id: 0x2090 Faulting application start time: 0xFacebook.exe0 Faulting application path: Facebook.exe1 Faulting module path: Facebook.exe2 Report Id: Facebook.exe3 Faulting package full name: Facebook.exe4 Faulting package-relative application ID: Facebook.exe5 Error: (02/25/2015 09:19:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Facebook.exe, version: 0.0.0.1, time stamp: 0x53e2b340 Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45c Exception code: 0xc0000005 Fault offset: 0x000000000093724c Faulting process id: 0x2090 Faulting application start time: 0xFacebook.exe0 Faulting application path: Facebook.exe1 Faulting module path: Facebook.exe2 Report Id: Facebook.exe3 Faulting package full name: Facebook.exe4 Faulting package-relative application ID: Facebook.exe5 Error: (02/25/2015 09:19:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF8756F724C Stack: Error: (02/25/2015 08:40:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Facebook.exe, version: 0.0.0.1, time stamp: 0x53e2b340 Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17238, time stamp: 0x53d0d45c Exception code: 0xc0000005 Fault offset: 0x000000000093724c Faulting process id: 0x3154 Faulting application start time: 0xFacebook.exe0 Faulting application path: Facebook.exe1 Faulting module path: Facebook.exe2 Report Id: Facebook.exe3 Faulting package full name: Facebook.exe4 Faulting package-relative application ID: Facebook.exe5 Error: (02/25/2015 08:40:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF8756F724C Stack: Error: (02/25/2015 08:24:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program PhotoScreensaver.scr version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1c4c Start Time: 01d05151861ce61f Termination Time: 8 Application Path: C:\windows\system32\PhotoScreensaver.scr Report Id: 36cefcb9-bd56-11e4-8268-acd1b8139b6e Faulting package full name: Faulting package-relative application ID: Error: (02/25/2015 11:12:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Facebook.exe, version: 0.0.0.1, time stamp: 0x53e2b340 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0xe0434352 Fault offset: 0x000000000000606c Faulting process id: 0x140c Faulting application start time: 0xFacebook.exe0 Faulting application path: Facebook.exe1 Faulting module path: Facebook.exe2 Report Id: Facebook.exe3 Faulting package full name: Facebook.exe4 Faulting package-relative application ID: Facebook.exe5 Error: (02/25/2015 11:12:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Reflection.TargetInvocationException Stack: at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[]) at System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo) at GalaSoft.MvvmLight.Helpers.WeakAction`1[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Execute(System.__Canon) at GalaSoft.MvvmLight.Messaging.Messenger.SendToList[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon, System.Collections.Generic.IEnumerable`1<WeakActionAndToken>, System.Type, System.Object) at GalaSoft.MvvmLight.Messaging.Messenger.SendToTargetOrType[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon, System.Type, System.Object) at GalaSoft.MvvmLight.Messaging.Messenger.Send[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon) System errors: ============= Error: (02/28/2015 06:57:53 PM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (02/27/2015 11:15:16 AM) (Source: bowser) (EventID: 8003) (User: ) Description: The master browser has received a server announcement from the computer WDMYCLOUD that believes that it is the master browser for the domain on transport NetBT_Tcpip_{0B5872DB-BF80-4B8E-8779-690A349574F1}. The master browser is stopping or an election is being forced. Error: (02/27/2015 07:15:00 AM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (02/27/2015 07:14:56 AM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (02/27/2015 07:14:56 AM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (02/27/2015 07:14:55 AM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793} Error: (02/27/2015 07:14:55 AM) (Source: DCOM) (EventID: 10010) (User: VICKI-PC) Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793} Error: (02/27/2015 07:14:32 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105. Error: (02/25/2015 07:14:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The McAfee Validation Trust Protection Service service terminated unexpectedly. It has done this 1 time(s). Error: (02/25/2015 06:52:01 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105. Microsoft Office Sessions: ========================= Error: (02/28/2015 06:58:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.3.9600.1728453f816dcMcPvNs.dll3.8.713.2522de439c0000005000000000004405813c801d0528761218fd5C:\windows\Explorer.EXEC:\Program Files\McAfee\MAT\McPvNs.dlla174c04e-bfa5-11e4-8269-54ee7540a6fd Error: (02/26/2015 11:04:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.174165452eed9unknown0.0.0.000000000c0000005062e1000324c01d0510030b2f05aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknownbd8eee28-be35-11e4-8268-acd1b8139b6e Error: (02/25/2015 09:19:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Facebook.exe0.0.0.153e2b340Windows.UI.Xaml.dll6.3.9600.1723853d0d45cc000041d000000000093724c209001d051653ff7c9ffC:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exeC:\Windows\System32\Windows.UI.Xaml.dllf421c502-bd5d-11e4-8268-acd1b8139b6eFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (02/25/2015 09:19:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Facebook.exe0.0.0.153e2b340Windows.UI.Xaml.dll6.3.9600.1723853d0d45cc0000005000000000093724c209001d051653ff7c9ffC:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exeC:\Windows\System32\Windows.UI.Xaml.dllf38a831c-bd5d-11e4-8268-acd1b8139b6eFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (02/25/2015 09:19:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF8756F724C Stack: Error: (02/25/2015 08:40:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Facebook.exe0.0.0.153e2b340Windows.UI.Xaml.dll6.3.9600.1723853d0d45cc0000005000000000093724c315401d05115d6168913C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exeC:\Windows\System32\Windows.UI.Xaml.dll79e4f996-bd58-11e4-8268-acd1b8139b6eFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (02/25/2015 08:40:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF8756F724C Stack: Error: (02/25/2015 08:24:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: PhotoScreensaver.scr6.3.9600.163841c4c01d05151861ce61f8C:\windows\system32\PhotoScreensaver.scr36cefcb9-bd56-11e4-8268-acd1b8139b6e Error: (02/25/2015 11:12:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Facebook.exe0.0.0.153e2b340KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c140c01d050f490a34955C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exeC:\windows\system32\KERNELBASE.dll1013c58c-bd09-11e4-8268-acd1b8139b6eFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp Error: (02/25/2015 11:12:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Facebook.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Reflection.TargetInvocationException Stack: at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean) at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[]) at System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo) at GalaSoft.MvvmLight.Helpers.WeakAction`1[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Execute(System.__Canon) at GalaSoft.MvvmLight.Messaging.Messenger.SendToList[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon, System.Collections.Generic.IEnumerable`1<WeakActionAndToken>, System.Type, System.Object) at GalaSoft.MvvmLight.Messaging.Messenger.SendToTargetOrType[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon, System.Type, System.Object) at GalaSoft.MvvmLight.Messaging.Messenger.Send[[system.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon) ==================== Memory info =========================== Processor: Intel® Core i7-4510U CPU @ 2.00GHz Percentage of memory in use: 39% Total physical RAM: 8100.01 MB Available physical RAM: 4918.47 MB Total Pagefile: 16292.01 MB Available Pagefile: 12353.17 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:424.58 GB) (Free:180.85 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.79 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 38E02EC7) Partition: GPT Partition Type. ==================== End Of Log ============================
  8. fcignarella
    Here are the results of the root kit scan: Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.02.28.06 rootkit: v2015.02.25.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.17631 Vicki :: VICKI-PC [administrator] 2/28/2015 7:00:58 PM mbar-log-2015-02-28 (19-00-58).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 335441 Time elapsed: 5 minute(s), 41 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected)
  9. fcignarella
    Thank you i am traveling this week and will speak with my wife to run your instructions... and post the results tomorrow thanks again
  10. fcignarella
    to add I must have done something because malwarebytes was blocking I tried to fix and now it is not blocking anymore so I screwed something up
  11. fcignarella
    I seem to have been infected as some of the other users with this malware. I ran the tool after reading some of the posts and I am uploading the result files FRST.Txt and Addition.txt. Thanks in advance for your support regards frank FRST.txt Addition.txt
  12. fcignarella
    I seem to be having the same issue as some other posts i have read that being that Malewarebytes won't run even after going through all of the 13 Chamelon test. After reading some of the other posts I downloaded rkill/iexplore ran that and below are the results but still wont start. Any help would be appreciated Program started at: 07/19/2014 04:42:04 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 Checking Windows Service Integrity: * Windows Defender (WinDefend) is not Running. Startup Type set to: Manual Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 07/19/2014 04:42:42 PM Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)
  13. fcignarella
    I am having the same issue Malewarebytes wont run went through all 13 Chamelon test no good, downloaded iexplore ran that below are the results but still wont start. Any help would be appreciated Program started at: 07/19/2014 04:42:04 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 Checking Windows Service Integrity: * Windows Defender (WinDefend) is not Running. Startup Type set to: Manual Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 07/19/2014 04:42:42 PM Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.