Jump to content

Pop up ads and hyperlinks on webpages


bemo53

Recommended Posts

Hello. When a webpage is open I often had a small square pop up video ad in the lower left corner. Most webpages have hyperlinks to them that did not have them before. And ads pop up over websites I'm looking at.  I have downloaded malwarebytes and it was able to find over 50 items. I just did a scan on malwarebytes and did not come up with anything.

 

I have Windows 8. I downloaded dds.scr and dds.com but neither will open. A warning from Windows Security pops up then a message saying "DDS is not meant to run in 'Compatibility Mode' The program shall now exit.

 

Is it weird that it used "shall??" :)  Anyway looking for any help possible.

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin.... :)

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2014 01
Ran by Rebecca (administrator) on BECKYLAPTOP on 12-01-2014 11:21:20
Running from C:\Users\Rebecca\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Akamai Technologies, Inc.) C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Akamai Technologies, Inc.) C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13535304 2013-05-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] - C:\Windows\RTFTrack.exe [6339656 2013-05-17] (Realtek semiconductor)
HKLM\...\Run: [bTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.)
HKLM\...\Run: [Energy Manager] - C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-11-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] - C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-11-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-06-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
MountPoints2: {612e0ad0-5df6-11e3-be7d-0c8bfdcade19} - "E:\VZW_Software_upgrade_assistant.exe"
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
SearchScopes: HKLM - DefaultScope {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKCU - {B7FC8FB8-0DD4-463D-A547-E2FAF915D097} URL =
BHO: TidyNetwork - {00C083BB-A2D1-3037-C5EB-871EC2323D74} - C:\Program Files (x86)\TidyNetwork\petn64.dll No File
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.16 68.105.29.16

FireFox:
========
FF ProfilePath: C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default
FF user.js: detected! => C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: MyWordTool - C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\Extensions\emily@wilford.biz [2014-01-09]
FF Extension: TidyNetwork - C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\Extensions\TidyNetwork@TidyNetwork [2014-01-09]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

Chrome:
=======

CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-12-04]
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-12-04]
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-12-04]
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-12-04]
CHR Extension: (MyWordTool) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0 [2014-01-09]
CHR Extension: (TidyNetwork ) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhkmkaghgjceljbpjloiepinipofcfmo\5.0.0.0_0 [2014-01-09]
CHR Extension: (Norton Identity Protection) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0 [2013-12-11]
CHR Extension: (Google Wallet) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-21]
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-12-04]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2013-12-10]

==================== Services (Whitelisted) =================

U2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
U2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
U3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
U2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
U2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
U2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-05-30] ()
U2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
U2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
U2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
U2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
U2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-15] ()
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
U1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.)
U1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
U1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-05] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-05] (Symantec Corporation)
U1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
U0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
U3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
U1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140110.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
U3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-05-30] ()
U3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-05-30] ()
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-11] (Microsoft Corporation)
U3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-05-30] ()
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-09] (Intel Corporation)
U3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140111.005\ENG64.SYS [126040 2013-12-05] (Symantec Corporation)
U3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140111.005\EX64.SYS [2099288 2013-12-05] (Symantec Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
U3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [411208 2013-06-06] (Realsil Semiconductor Corporation)
U3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-17] (Realtek Semiconductor Corp.)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-11] (Microsoft Corporation)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-20] (Synaptics Incorporated)
U3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
U1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-11] (Microsoft Corporation)
U0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
U0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
U0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
U3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-05] (Symantec Corporation)
U1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
U1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows ® Win 7 DDK provider)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-10] ()
U3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-12 11:21 - 2014-01-12 11:21 - 00022845 _____ C:\Users\Rebecca\Desktop\FRST.txt
2014-01-12 11:21 - 2014-01-12 11:21 - 00000000 ___SH C:\DkHyperbootSync
2014-01-12 11:21 - 2014-01-12 11:21 - 00000000 ____D C:\FRST
2014-01-12 11:20 - 2014-01-12 11:20 - 02075136 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2014-01-12 11:18 - 2014-01-12 11:18 - 01219584 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST.exe
2014-01-12 10:46 - 2014-01-12 10:46 - 00688992 _____ (Swearware) C:\Users\Rebecca\Desktop\dds.com
2014-01-12 10:44 - 2014-01-12 10:44 - 00688992 _____ (Swearware) C:\Users\Rebecca\Desktop\dds.scr
2014-01-10 08:49 - 2014-01-10 08:49 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-01-10 08:36 - 2014-01-10 08:36 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 08:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-10 08:34 - 2014-01-10 08:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-10 07:34 - 2014-01-10 07:34 - 00000000 ____D C:\WINDOWS\SysWOW64\N360_BACKUP
2014-01-09 19:02 - 2014-01-11 21:21 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\vlc
2014-01-09 18:58 - 2014-01-09 18:58 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-09 18:54 - 2014-01-09 18:55 - 03053496 _____ (Symantec Corporation) C:\Users\Rebecca\Downloads\NPE.exe
2014-01-09 18:31 - 2014-01-09 18:31 - 00001093 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-09 18:31 - 2014-01-09 18:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2014-01-09 18:27 - 2014-01-10 08:47 - 00000000 ____D C:\Program Files (x86)\TidyNetwork
2014-01-09 18:27 - 2014-01-09 18:27 - 00004000 _____ C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-01-09 18:27 - 2014-01-09 18:27 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyWordTool
2014-01-09 18:26 - 2014-01-09 18:26 - 79450976 _____ C:\Users\Rebecca\Downloads\vlcmediaplayer-setup.exe
2013-12-29 20:05 - 2013-12-29 20:05 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-22 21:56 - 2014-01-01 08:58 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-12-22 05:16 - 2013-12-22 05:16 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Rosetta Stone
2013-12-22 05:00 - 2013-12-22 05:00 - 00001146 _____ C:\Users\Public\Desktop\Rosetta Stone TOTALe.lnk
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\RosettaStoneLtdServices
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\Rosetta Stone Backups
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\Rosetta Stone
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\Program Files (x86)\RosettaStoneLtdServices
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\Program Files (x86)\Rosetta Stone
2013-12-22 04:59 - 2013-12-22 05:04 - 00000000 ____D C:\ProgramData\FLEXnet
2013-12-21 22:06 - 2013-12-21 22:15 - 123115992 _____ (Rosetta Stone, Ltd.) C:\Users\Rebecca\Setup-4.5.5.0.exe
2013-12-21 22:05 - 2013-12-21 22:05 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Akamai
2013-12-21 22:04 - 2013-12-21 22:05 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Rebecca\Downloads\installer.exe
2013-12-20 15:00 - 2013-12-20 15:00 - 00819136 _____ (Google Inc.) C:\Users\Rebecca\Downloads\googledrivesync.exe
2013-12-20 11:58 - 2013-12-20 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 07:58 - 2013-12-16 09:51 - 00000000 ____D C:\Users\Rebecca\Documents\CELP
2013-12-13 09:46 - 2013-12-13 10:50 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Apple Computer
2013-12-13 09:46 - 2013-12-13 09:46 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Apple Computer
2013-12-13 09:46 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-12-13 09:45 - 2013-12-13 09:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 09:45 - 2013-12-13 09:46 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 09:45 - 2013-12-13 09:46 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\ProgramData\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\iPod
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\Bonjour
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-13 09:16 - 2013-12-13 09:18 - 100400976 _____ (Apple Inc.) C:\Users\Rebecca\Downloads\iTunes64Setup.exe

==================== One Month Modified Files and Folders =======

2014-01-12 11:21 - 2014-01-12 11:21 - 00022845 _____ C:\Users\Rebecca\Desktop\FRST.txt
2014-01-12 11:21 - 2014-01-12 11:21 - 00000000 ___SH C:\DkHyperbootSync
2014-01-12 11:21 - 2014-01-12 11:21 - 00000000 ____D C:\FRST
2014-01-12 11:20 - 2014-01-12 11:20 - 02075136 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2014-01-12 11:18 - 2014-01-12 11:18 - 01219584 _____ (Farbar) C:\Users\Rebecca\Desktop\FRST.exe
2014-01-12 11:14 - 2013-12-04 16:04 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 11:12 - 2013-12-11 13:08 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{544922E0-C58F-405B-90C2-026AA5CDEE17}
2014-01-12 11:05 - 2013-12-05 13:29 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-12 11:00 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-12 10:46 - 2014-01-12 10:46 - 00688992 _____ (Swearware) C:\Users\Rebecca\Desktop\dds.com
2014-01-12 10:44 - 2014-01-12 10:44 - 00688992 _____ (Swearware) C:\Users\Rebecca\Desktop\dds.scr
2014-01-12 08:57 - 2013-12-11 11:18 - 01253576 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-11 21:21 - 2014-01-09 19:02 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\vlc
2014-01-11 20:14 - 2013-09-29 20:04 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-11 20:12 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-11 11:27 - 2013-12-04 15:53 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-182601591-3174554765-3755035503-1002
2014-01-10 08:51 - 2013-12-11 12:29 - 00000000 __RDO C:\Users\Rebecca\SkyDrive
2014-01-10 08:51 - 2013-12-04 16:05 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-10 08:50 - 2013-12-04 16:04 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 08:49 - 2014-01-10 08:49 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-01-10 08:49 - 2013-11-15 17:07 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-01-10 08:49 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-10 08:48 - 2013-11-15 17:21 - 00002560 _____ C:\WINDOWS\system32\VfService.trf
2014-01-10 08:48 - 2013-09-29 19:55 - 00056896 _____ C:\WINDOWS\PFRO.log
2014-01-10 08:48 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-10 08:47 - 2014-01-09 18:27 - 00000000 ____D C:\Program Files (x86)\TidyNetwork
2014-01-10 08:36 - 2014-01-10 08:36 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-10 08:36 - 2014-01-10 08:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 08:35 - 2014-01-10 08:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-10 07:34 - 2014-01-10 07:34 - 00000000 ____D C:\WINDOWS\SysWOW64\N360_BACKUP
2014-01-09 18:58 - 2014-01-09 18:58 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-09 18:58 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-09 18:57 - 2013-12-04 16:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-09 18:57 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2014-01-09 18:55 - 2014-01-09 18:54 - 03053496 _____ (Symantec Corporation) C:\Users\Rebecca\Downloads\NPE.exe
2014-01-09 18:31 - 2014-01-09 18:31 - 00001093 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-09 18:31 - 2014-01-09 18:31 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2014-01-09 18:27 - 2014-01-09 18:27 - 00004000 _____ C:\WINDOWS\System32\Tasks\TidyNetwork Update
2014-01-09 18:27 - 2014-01-09 18:27 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyWordTool
2014-01-09 18:26 - 2014-01-09 18:26 - 79450976 _____ C:\Users\Rebecca\Downloads\vlcmediaplayer-setup.exe
2014-01-09 18:26 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Resources
2014-01-01 08:58 - 2013-12-22 21:56 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-12-29 20:12 - 2013-12-05 15:10 - 00000000 ____D C:\ProgramData\tmp
2013-12-29 20:05 - 2013-12-29 20:05 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-12-27 18:05 - 2013-08-22 06:46 - 00337566 _____ C:\WINDOWS\setupact.log
2013-12-22 05:16 - 2013-12-22 05:16 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Rosetta Stone
2013-12-22 05:04 - 2013-12-22 04:59 - 00000000 ____D C:\ProgramData\FLEXnet
2013-12-22 05:01 - 2013-12-11 11:24 - 00000000 ____D C:\Users\Rebecca
2013-12-22 05:00 - 2013-12-22 05:00 - 00001146 _____ C:\Users\Public\Desktop\Rosetta Stone TOTALe.lnk
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\RosettaStoneLtdServices
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\Rosetta Stone Backups
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\ProgramData\Rosetta Stone
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\Program Files (x86)\RosettaStoneLtdServices
2013-12-22 05:00 - 2013-12-22 05:00 - 00000000 ____D C:\Program Files (x86)\Rosetta Stone
2013-12-21 22:15 - 2013-12-21 22:06 - 123115992 _____ (Rosetta Stone, Ltd.) C:\Users\Rebecca\Setup-4.5.5.0.exe
2013-12-21 22:05 - 2013-12-21 22:05 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Akamai
2013-12-21 22:05 - 2013-12-21 22:04 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Rebecca\Downloads\installer.exe
2013-12-20 21:00 - 2013-12-11 14:11 - 00000000 ____D C:\Users\Rebecca\Documents\Hiring 2014
2013-12-20 15:00 - 2013-12-20 15:00 - 00819136 _____ (Google Inc.) C:\Users\Rebecca\Downloads\googledrivesync.exe
2013-12-20 13:16 - 2013-12-04 15:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Packages
2013-12-20 11:58 - 2013-12-20 11:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 08:21 - 2013-12-04 16:03 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Mozilla
2013-12-16 09:51 - 2013-12-14 07:58 - 00000000 ____D C:\Users\Rebecca\Documents\CELP
2013-12-16 07:25 - 2013-12-05 10:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-16 07:24 - 2013-12-05 10:45 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-13 10:50 - 2013-12-13 09:46 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Apple Computer
2013-12-13 09:46 - 2013-12-13 09:46 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Apple Computer
2013-12-13 09:46 - 2013-12-13 09:45 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 09:46 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 09:46 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\ProgramData\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\iPod
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files\Bonjour
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-13 09:45 - 2013-12-13 09:45 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-13 09:18 - 2013-12-13 09:16 - 100400976 _____ (Apple Inc.) C:\Users\Rebecca\Downloads\iTunes64Setup.exe
2013-12-13 09:11 - 2013-12-11 11:14 - 00000000 ___DC C:\WINDOWS\Panther

Files to move or delete:
====================
C:\Users\Rebecca\Setup-4.5.5.0.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-29 20:17

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log, also give update on any remaining issues or concerns...

 

Kevin

Fixlist.txt

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2014 01
Ran by Rebecca at 2014-01-12 15:11:00 Run:2
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\Rebecca\Setup-4.5.5.0.exe
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Rebecca\SkyDrive:ms-properties
End

*****************

"C:\Users\Rebecca\Setup-4.5.5.0.exe" => File/Directory not found.
"C:\WINDOWS\system32\Drivers\btmhsf.sys" => ":Microsoft_Appcompat_ReinstallUpgrade" ADS not found.
"C:\Users\Rebecca\SkyDrive" => ":ms-properties" ADS not found.

==== End of Fixlog ====

Link to post
Share on other sites

# AdwCleaner v3.017 - Report created 12/01/2014 at 15:18:34
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Rebecca - BECKYLAPTOP
# Running from : C:\Users\Rebecca\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\TidyNetwork
Folder Deleted : C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\Extensions\tidynetwork@tidynetwork
File Deleted : C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1664 octets] - [12/01/2014 15:14:45]
AdwCleaner[s0].txt - [1490 octets] - [12/01/2014 15:18:34]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1550 octets] ##########
 

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.10.05

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Rebecca :: BECKYLAPTOP [administrator]

Protection: Enabled

1/12/2014 3:23:34 PM
mbam-log-2014-01-12 (15-23-34).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 514363
Time elapsed: 1 hour(s), 12 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Post those two logs, also let me know if any remaining issues or concerns...

 

Kevin

Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.78  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
Norton 360         
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player     11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

What is the status of your system now, are there any remaining issues or concerns?

 

Many free 3rd party applications may come with unwanted bundled extras. If you are offered an "advanced" option as opposed to a "default" option during the install, take "advanced" that option will usually let you opt out on the bundled unwanted extras.

You can navigate to and delete the entry flagged by ESET, if you do not want to keep it.

Link to post
Share on other sites

Hi Kevin,

 

The square box ad in the left corner has come back once, and I've had at least one pop up ad. The computer is only a month old and it's been slowing down during videos etc. I uninstalled VLC and deleted the file found by ESET. I'll restart and see how things go.

Link to post
Share on other sites

Is the ad issue the same with any browser or just specific to one browser? If the issue has returned run the following:

 

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop. Make sure to select direct on the word “Zip”

 

Double click zip file and extract to your  Desktop:

 

 

Zoekd.jpg

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

Zoeke.jpg

 

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/]

 

Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open:

 

 

Zoekb.jpg

 

 

Copy and paste the following script from the code box and paste into the field.

 

 

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;  

 

 

Select the "Run Script" tab. The following window will open:

 

 

 

Zoekc.jpg

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

Zoekf.jpg

 

Post the produced log in your next reply…..

Link to post
Share on other sites

Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Rebecca on Tue 01/14/2014 at 16:50:08.88.
Microsoft Windows 8.1 6.3.9600  x64
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode No Internet Access Detected
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rebecca\Desktop\zoek\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

1/14/2014 4:52:04 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-182601591-3174554765-3755035503-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{00C083BB-A2D1-3037-C5EB-871EC2323D74} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C083BB-A2D1-3037-C5EB-871EC2323D74} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-182601591-3174554765-3755035503-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-182601591-3174554765-3755035503-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{00C083BB-A2D1-3037-C5EB-871EC2323D74} deleted successfully

==== Installed Programs ======================

Adobe Flash Player 11 Plugin  
Adobe Reader XI (11.0.05)  
Akamai NetSession Interface  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
Bonjour  
Dolby Home Theater v4  
Energy Manager  
ExpressCache  
FreeRide Games  
Google Chrome  
Google Update Helper  
Intel AppUp(SM) center  
Intel® Management Engine Components  
Intel® PRO/Wireless Driver  
Intel® Processor Graphics  
Intel® PROSet/Wireless Software for Bluetooth® Technology  
Intel® Rapid Storage Technology  
Intel® SDK for OpenCL - CPU Only Runtime Package  
Intel® Smart Connect Technology 4.1 x64  
Intel® Update Manager  
Intel® WiDi  
Intelr PROSet/Wireless Software  
Intelr PROSet/Wireless WiFi Software  
Intelr Trusted Connect Service Client  
iTunes  
Lenovo EasyCamera  
Lenovo Experience Improvement  
Lenovo OneKey Recovery  
Lenovo Photos  
Lenovo VeriFace  
Lenovo YouCam  
Malwarebytes Anti-Malware version 1.75.0.1300  
Microsoft Office Home and Student 2013 - en-us  
Microsoft SkyDrive  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Motion Control  
Mozilla Firefox 26.0 (x86 en-US)  
Mozilla Maintenance Service  
Nitro Pro 8  
Norton 360  
NVIDIA Control Panel 327.02  
NVIDIA Graphics Driver 327.02  
NVIDIA Install Application  
NVIDIA Optimus 1.11.3  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.12.1031  
NVIDIA Update 1.11.3  
NVIDIA Update Components  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
Realtek Card Reader  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
Rosetta Stone Ltd Services  
Rosetta Stone TOTALe  
Shared C Run-time for x64  
StageLight version 1.0.0.3508  
SugarSync Manager  
Synaptics Pointing Device Driver  
UserGuide  
Windows Driver Package - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776)  
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733)  

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe
C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
C:\Users\Rebecca\Desktop\zoek\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\ProgramData\Package Cache deleted
C:\windows\SysNative\tasks\TidyNetwork Update deleted
C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default\extensions\emily@wilford.biz deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 7945 MB
CPU Info: Intel® Core i7-4500U CPU @ 1.80GHz
CPU Speed: 2464.0 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | Intel® HD Graphics Family | NVIDIA GeForce GT 730M
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1536 X 864 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel® Wireless-N 7260
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  890.4GB | D:  25.0GB
Hard Disks - Free: C:  844.1GB | D:  21.3GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE |  | LENOVO - 1
Time Zone: Pacific Standard Time
Motherboard *: LENOVO Plum 5A
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: Norton 360 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Norton 360 disabled (Outdated)
Firewall: Norton 360 disabled
Default Browser: Firefox    26.0
Internet Explorer Version: 11.0.9600.16476
Mozilla Firefox version: 26.0 (x86 en-US)
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Flash Player version: 11.9.900.170

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Rebecca\AppData\Local\Temp ====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-01-10 16:49:15    8265CD5C67D0A35DFC40F3D1A8AC994C    94656    ----a-w-    C:\WINDOWS\Sysnative\WPRO_41_2001woem.tmp
====== C:\WINDOWS\Sysnative\drivers =====
2014-01-10 16:36:37    0BB97D43299910CBFBA59C461B99B910    25928    ----a-w-    C:\WINDOWS\Sysnative\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-01-10 02:31:19    --------    d-----w-    C:\PROGRA~2\VideoLAN
2013-12-22 13:04:28    --------    d-----w-    C:\PROGRA~2\COMMON~1\Macrovision Shared
2013-12-22 13:00:40    --------    d-----w-    C:\PROGRA~2\Rosetta Stone
2013-12-22 13:00:20    --------    d-----w-    C:\PROGRA~2\RosettaStoneLtdServices
======= C: =====
====== C:\Users\Rebecca\AppData\Roaming ======
2014-01-13 19:20:09    --------    d-----w-    C:\Users\Rebecca\AppData\Local\ElevatedDiagnostics
2014-01-10 02:28:39    --------    d-----w-    C:\Users\Rebecca\AppData\Local\Programs
2014-01-10 02:27:57    --------    d-----w-    C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyWordTool
2014-01-01 16:32:10    --------    d-----w-    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft
2013-12-23 05:56:33    --------    d-----w-    C:\Users\Rebecca\AppData\Local\CrashDumps
2013-12-22 13:16:14    --------    d-----w-    C:\Users\Rebecca\AppData\Roaming\Rosetta Stone
2013-12-22 06:05:38    --------    d-----w-    C:\Users\Rebecca\AppData\Local\Akamai
2013-12-20 19:58:34    --------    d-s---w-    C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
====== C:\Users\Rebecca ======
2014-01-13 18:20:08    E8D3E34FFDAF21DF7C09CBBBA5763237    2347384    ----a-w-    C:\Users\Rebecca\Desktop\esetsmartinstaller_enu.exe
2014-01-12 23:11:25    246FE58EFFD357B2078842708155E46C    1236282    ----a-w-    C:\Users\Rebecca\Desktop\AdwCleaner.exe
2014-01-12 19:20:05    81FBA729C5731F722C4AD0F29D949229    2075136    ----a-w-    C:\Users\Rebecca\Desktop\FRST64.exe
2014-01-12 19:18:46    5CCC1F9BD7CE202689E178883755E395    1219584    ----a-w-    C:\Users\Rebecca\Desktop\FRST.exe
2014-01-12 18:46:46    8B968045D75783A09592C3105F2865DA    688992    ----a-w-    C:\Users\Rebecca\Desktop\dds.com
2014-01-10 16:34:25    683FDD3D773C58B262DC07CD0C6CE938    10285040    ----a-w-    C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-10 02:54:49    8B6ADC24198ADA73886011164593C36C    3053496    ----a-w-    C:\Users\Rebecca\Downloads\NPE.exe
2013-12-22 13:00:40    --------    d-----w-    C:\ProgramData\Rosetta Stone Backups
2013-12-22 13:00:40    --------    d-----w-    C:\ProgramData\Rosetta Stone
2013-12-22 13:00:40    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
2013-12-22 13:00:20    --------    d-----w-    C:\ProgramData\RosettaStoneLtdServices
2013-12-22 12:59:57    --------    d-----w-    C:\ProgramData\FLEXnet

====== C: exe-files ==
2014-01-15 00:23:41    E7D8C7748AAED52F1700D048A0087158    1907896    ----a-w-    C:\Program Files\Microsoft Office 15\Data\ClientUpdateDir\integratedoffice.exe
2014-01-14 23:41:28    02F4D77F2B1CAA08373732876F08B48C    548536    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-01-14 23:41:23    85752D8DDA1CDDC368EEA9C6966D6FB9    3685544    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\XLICONS.EXE
2014-01-14 23:41:23    120A8C96BDACA0E996EECA1C4249DA3C    840400    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE
2014-01-14 23:41:21    639299F6C2DEFC95D32C7E31F3FDCE2C    3015336    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\WORDICON.EXE
2014-01-14 23:40:59    51E80A4215C91A46527A6D228FC41F92    78576    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2014-01-14 23:40:57    6F9EC2DAD5C2A7D2A6DB55D56B1DEC48    6847704    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe
2014-01-14 23:40:51    D7FD2973A893C9FA7EA28601E8B4D924    39584    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe
2014-01-14 23:40:39    286F022920B7CC5517FE26F44D8F0450    5117144    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe
2014-01-14 23:40:32    4AC57AC05DA1416F09007F531BFA1C1D    9555120    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\PDFREFLOW.EXE
2014-01-14 23:40:20    9E3D974459750742C522CDA7219F9553    871088    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\protocolhandler.exe
2014-01-14 23:40:18    FC8A57867331A885888BF10A567C03F7    3509416    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\PPTICO.EXE
2014-01-14 23:40:11    5422FAE4C8AE9022A0A6F2D61C2891D9    471784    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE
2014-01-14 23:40:01    2A04D9554504C9805ABD8F3042CF41CE    614568    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOICONS.EXE
2014-01-14 23:38:27    2162E8E0CEA552E3D065BB89CFA3FC64    1046232    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
2014-01-14 23:37:30    F7650D69291A0C4279CE810C18E0905B    496832    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\MSOUC.EXE
2014-01-14 23:37:30    F0880D165AD001E330D6B83A9342F544    228544    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\CLVIEW.EXE
2014-01-14 23:37:28    ED1993B0AB3C052FA41CB13DFFF3F9B0    478936    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\SELFCERT.EXE
2014-01-14 23:37:28    AB898EC1FFD8B8B3494EE5F383189421    448704    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\MSOSYNC.EXE
2014-01-14 23:37:26    042C55F9E4AB4F24CAD326D171071EF6    21888160    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\excelcnv.exe
2014-01-14 23:37:23    AC5207389149F97C62B068E01D8D0065    4522176    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\GRAPH.EXE
2014-01-14 23:37:22    BCC72321A7A78B43D416488083D30429    515312    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\IEContentService.exe
2014-01-14 23:37:18    60901242B582AA7A4BAFA33BB7B00D2A    569592    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\ORGCHART.EXE
2014-01-14 23:37:18    23B463D92C869A3858D652DAC23952FD    1026728    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\misc.exe
2014-01-14 23:37:17    A81D08D5FD2C6D05460C3D7A2ADC2C7D    526024    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\VPREVIEW.EXE
2014-01-14 23:34:07    A343694339F33F68AFCE279A5A23388F    566480    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\Integration\Integrator.exe
2014-01-14 23:27:13    D492087C8BC54DEAC2F293AB770E6625    1746600    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\ONENOTE.EXE
2014-01-14 23:26:01    44BEB5BCABCFC46BE32C4AC191CF943E    1923232    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\WINWORD.EXE
2014-01-14 23:25:36    FF7238051E8A7A4F1832071F9E549ECA    25623712    ----a-w-    C:\Program Files\Microsoft Office 15\Data\Updates\Apply\PackageFiles\root\office15\EXCEL.EXE
2014-01-13 18:20:08    E8D3E34FFDAF21DF7C09CBBBA5763237    2347384    ----a-w-    C:\Users\Rebecca\Desktop\esetsmartinstaller_enu.exe
2014-01-12 23:11:25    246FE58EFFD357B2078842708155E46C    1236282    ----a-w-    C:\Users\Rebecca\Desktop\AdwCleaner.exe
2014-01-12 23:10:58    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\Users\Rebecca\AppData\Local\Microsoft\Windows\INetCache\IE\SHBXYCCB\FRST64[1].exe
2014-01-12 19:20:05    81FBA729C5731F722C4AD0F29D949229    2075136    ----a-w-    C:\Users\Rebecca\Desktop\FRST64.exe
2014-01-12 19:18:46    5CCC1F9BD7CE202689E178883755E395    1219584    ----a-w-    C:\Users\Rebecca\Desktop\FRST.exe
2014-01-10 16:34:25    683FDD3D773C58B262DC07CD0C6CE938    10285040    ----a-w-    C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-10 02:54:49    8B6ADC24198ADA73886011164593C36C    3053496    ----a-w-    C:\Users\Rebecca\Downloads\NPE.exe
=== C: other files ==
2014-01-14 23:04:48    19764658C1468C2C0CEF133D28414A6B    591360    ----a-w-    C:\Windows\LastGood\system32\DRIVERS\Rt630x64.sys
2014-01-12 18:46:46    8B968045D75783A09592C3105F2865DA    688992    ----a-w-    C:\Users\Rebecca\Desktop\dds.com
2014-01-10 16:36:37    0BB97D43299910CBFBA59C461B99B910    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-182601591-3174554765-3755035503-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RtsFT"="RTFTrack.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"Energy Manager"="C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"Lenovo Utility"="C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\windows\\system32\\nvinitx.dll "

==== Startup Folders ======================

2013-11-16 01:04:47    2065    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/10/2013 11:05 AM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/04/2013 04:04 PM]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/04/2013 04:04 PM]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [06/20/2013 01:29 PM]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Dolby Selector" [C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2" ["C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon" ["C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo Motion Control" [CallApp.vbs]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{544922E0-C58F-405B-90C2-026AA5CDEE17}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\Experience Improvement" [C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe]
"C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn" [01/14/2014 03:06 PM]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Rebecca\AppData\Roaming\Mozilla\Firefox\Profiles\6sf5b1jt.default
F891089A6AB9E12FEDEBCC5EC0F40D66    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -    Shockwave Flash
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013
EE8D96E7899D12FC3AA5DB2034C0853C    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll -    Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx[12/09/2013 01:38 AM]

Google Docs - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
MyWordTool - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn
name TidyNetwork - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhkmkaghgjceljbpjloiepinipofcfmo
Norton Identity Protection - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://lenovo13.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B7FC8FB8-0DD4-463D-A547-E2FAF915D097}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://lenovo13.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{B7FC8FB8-0DD4-463D-A547-E2FAF915D097} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-182601591-3174554765-3755035503-1002\Software\Microsoft\Internet Explorer\SearchScopes\{B7FC8FB8-0DD4-463D-A547-E2FAF915D097} deleted successfully

==== Deleting CLSID Registry Values ======================


==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe"
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe


O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} (ExentInf1 Class) -
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Wireless Bluetooth® 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Sysinternals Autoruns Log ======================

HKLM\System\CurrentControlSet\Services
   AdobeARMservice
     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
     Adobe Acrobat Updater keeps your Adobe software up to date.
     Adobe Systems Incorporated
     1.7.4.0
     c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
     4/4/2013 1:05 PM
   AdobeFlashPlayerUpdateSvc
     C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
     This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 10:09 AM
   Apple Mobile Device
     "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
     Provides the interface to Apple mobile devices.
     Apple Inc.
     17.323.0.9
     c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
     5/17/2012 7:06 PM
   Bluetooth Device Monitor
     "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
     A process to monitor Bluetooth radio state and configure Bluetooth remote folders.
     Motorola Solutions, Inc.
     3.1.1306.352
     c:\program files (x86)\intel\bluetooth\devmonsrv.exe
     6/23/2013 6:26 AM
   Bluetooth OBEX Service
     "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
     Provides Bluetooth File Transfer Protocol support.
     Motorola Solutions, Inc.
     3.1.1306.340
     c:\program files (x86)\intel\bluetooth\obexsrv.exe
     4/23/2013 3:05 AM
   Bonjour Service
     "C:\Program Files\Bonjour\mDNSResponder.exe"
     Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence.
     Apple Inc.
     3.0.0.10
     c:\program files\bonjour\mdnsresponder.exe
     8/30/2011 9:52 PM
   BrcmSetSecurity
     "C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe"
     BrcmSetSecurity
     Intel
     1.0.0.1
     c:\program files\intel corporation\intel widi\brcmsetsecurity.exe
     4/16/2013 5:04 PM
   cphs
     %SystemRoot%\SysWow64\IntelCpHeciSvc.exe
     Intel® Content Protection HECI Service - enables communication with the Content Protection FW
     Intel Corporation
     9.0.20.9000
     c:\windows\syswow64\intelcphecisvc.exe
     6/13/2013 3:35 PM
   EvtEng
     "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
     Manages the event trace messages for all the Intelr PROSet/Wireless Software components.
     Intel® Corporation
     16.1.0.0
     c:\program files\intel\wifi\bin\evteng.exe
     8/28/2013 3:05 PM
   ExpressCache
     "C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe"
     ExpressCache Service
     Condusiv Technologies
     1.0.100.0
     c:\program files\condusiv technologies\expresscache\expresscache.exe
     1/8/2013 8:01 AM
   FLEXnet Licensing Service
     "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
     This service performs licensing functions on behalf of FLEXnet enabled products.
     Acresso Software Inc.
     11.7.0.0
     c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
     6/7/2009 3:25 PM
   gupdate
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.3.21.103
     c:\program files (x86)\google\update\googleupdate.exe
     2/15/2012 6:43 PM
   gupdatem
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.3.21.103
     c:\program files (x86)\google\update\googleupdate.exe
     2/15/2012 6:43 PM
   IAStorDataMgrSvc
     "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
     Provides storage event notification and manages communication between the storage driver and user space applications.
     Intel Corporation
     12.5.4.1001
     c:\program files\intel\intel® rapid storage technology\iastordatamgrsvc.exe
     4/29/2013 4:04 PM
   Intel® Capability Licensing Service Interface
     "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
     Version: 1.27.798.1
     Intel® Corporation
     1.27.798.1
     c:\program files\intel\icls client\heciserver.exe
     2/13/2013 3:46 AM
   Intel® Capability Licensing Service TCP IP Interface
     "C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe"
     Version: 1.27.798.1
     Intel® Corporation
     1.27.798.1
     c:\program files\intel\icls client\socketheciserver.exe
     2/13/2013 3:47 AM
   Intel® ME Service
     "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe"
     Intelr Manageability Engine Service (Intelr ME Service)
     Intel Corporation
     9.5.0.1428
     c:\program files (x86)\intel\intel® management engine components\fwservice\intelmefwservice.exe
     3/15/2013 9:59 AM
   Intel® Wireless Bluetooth® 4.0 Radio Management
     "C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe"
     Manage Intel® Wireless Bluetooth® 4.0 radio state
     Intel Corporation
     3.0.1323.2
     c:\program files (x86)\intel\bluetooth\ibtrksrv.exe
     6/5/2013 6:21 AM
   iPod Service
     "C:\Program Files\iPod\bin\iPodService.exe"
     iPod hardware management services
     Apple Inc.
     11.1.3.8
     c:\program files\ipod\bin\ipodservice.exe
     11/1/2013 10:57 PM
   ISCTAgent
     "C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe"
     Refreshes online content while system is asleep.
     4.1.42.2308
     c:\program files\intel\intel® smart connect technology agent\isctagent.exe
     5/30/2013 3:43 PM
   jhi_service
     "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
     Intel® Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel ® DAL
     Intel Corporation
     9.5.0.1428
     c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe
     3/15/2013 9:56 AM
   LMS
     "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
     Intel® Management and Security Application Local Management Service - Provides OS-related Intel® ME functionality.
     Intel Corporation
     9.5.0.1428
     c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
     3/15/2013 10:02 AM
   MBAMScheduler
     "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
     Malwarebytes Anti-Malware scheduler
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe
     2/28/2013 12:38 PM
   MBAMService
     "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
     Malwarebytes Anti-Malware service
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe
     2/28/2013 12:38 PM
   MozillaMaintenance
     "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
     The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled.
     Mozilla Foundation
     26.0.0.5087
     c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
     12/5/2013 9:09 AM
   MyWiFiDHCPDNS
     "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe"
     Wireless PAN DHCP and DNS Server
     16.1.0.0
     c:\program files\intel\wifi\bin\pandhcpdns.exe
     8/28/2013 2:47 PM
   N360
     "C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\diMaster.dll" /prefetch:1
     Norton 360
     Symantec Corporation
     12.11.0.16
     c:\program files (x86)\norton 360\engine\21.1.0.18\n360.exe
     10/2/2013 4:33 PM
   NitroDriverReadSpool8
     "C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
     Nitro PDF Driver Read Spool 8
     Nitro PDF Software
     7.0.0.1
     c:\program files\common files\nitro\pro\8.0\nitropdfdriverservice8x64.exe
     12/12/2012 2:16 AM
   nlsX86cc
     C:\windows\SysWOW64\NLSSRV32.EXE
     Nalpeiron Licensing Service
     Nalpeiron Ltd.
     6.3.9.1
     c:\windows\syswow64\nlssrv32.exe
     11/8/2012 5:20 PM
   nvsvc
     "C:\WINDOWS\system32\nvvsvc.exe"
     Provides system and desktop level support to the NVIDIA display driver
     NVIDIA Corporation
     8.17.13.2702
     c:\windows\system32\nvvsvc.exe
     8/29/2013 2:26 PM
   nvUpdatusService
     "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
     NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server.
     NVIDIA Corporation
     1.14.17.0
     c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
     8/29/2013 1:26 PM
   RegSrvc
     "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
     Provides registry access to all Intelr PROSet/Wireless Software components
     Intel® Corporation
     16.1.0.0
     c:\program files\common files\intel\wirelesscommon\regsrvc.exe
     8/28/2013 2:47 PM
   RosettaStoneDaemon
     "C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe"
     Rosetta Stone Ltd. application
     Rosetta Stone Ltd.
     1.0.4.0
     c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe
     6/11/2012 9:46 AM
   VeriFaceSrv
     "C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
     c:\program files (x86)\lenovo\lenovo veriface\vfconnectorservice.exe
     5/22/2013 2:04 AM
   ZeroConfigService
     "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
     Manages the zero configuration service for all the Intelr PROSet/Wireless Software components.
     Intelr Corporation
     16.1.0.0
     c:\program files\intel\wifi\bin\zeroconfigservice.exe
     8/28/2013 3:00 PM

HKLM\System\CurrentControlSet\Services
   3ware
     System32\drivers\3ware.sys
     LSI 3ware SCSI Storport Driver
     LSI
     5.1.0.51
     c:\windows\system32\drivers\3ware.sys
     4/11/2013 2:49 PM
   ACPIVPC
     \SystemRoot\System32\drivers\AcpiVpc.sys
     ACPI Virtual Power Controller Driver
     Lenovo Corporation
     6.1.2601.5
     c:\windows\system32\drivers\acpivpc.sys
     2/16/2013 5:52 PM
   ADP80XX
     System32\drivers\ADP80XX.SYS
     PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller
     PMC-Sierra
     1.0.0.254
     c:\windows\system32\drivers\adp80xx.sys
     7/12/2013 1:47 PM
   amdsata
     System32\drivers\amdsata.sys
     AHCI 1.3 Device Driver
     Advanced Micro Devices
     1.1.4.14
     c:\windows\system32\drivers\amdsata.sys
     7/8/2013 2:54 PM
   amdsbs
     System32\drivers\amdsbs.sys
     AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform
     AMD Technologies Inc.
     3.7.1540.43
     c:\windows\system32\drivers\amdsbs.sys
     12/11/2012 1:21 PM
   amdxata
     System32\drivers\amdxata.sys
     Storage Filter Driver
     Advanced Micro Devices
     1.1.4.14
     c:\windows\system32\drivers\amdxata.sys
     7/8/2013 2:45 PM
   arcsas
     System32\drivers\arcsas.sys
     Adaptec SAS RAID WS03 Driver
     PMC-Sierra, Inc.
     7.2.0.30261
     c:\windows\system32\drivers\arcsas.sys
     7/8/2013 4:50 PM
   b06bdrv
     System32\drivers\bxvbda.sys
     Broadcom NetXtreme II GigE VBD
     Broadcom Corporation
     7.4.14.0
     c:\windows\system32\drivers\bxvbda.sys
     2/4/2013 11:47 AM
   bcmfn2
     \SystemRoot\System32\drivers\bcmfn2.sys
     BCM Function 2  Device Driver
     Windows ® Win 7 DDK provider
     6.3.9391.6
     c:\windows\system32\drivers\bcmfn2.sys
     8/2/2013 3:59 PM
   BHDrvx64
     \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx64.sys
     SONAR Engine Driver
     Symantec Corporation
     8.1.1.2
     c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\bashdefs\20140110.001\bhdrvx64.sys
     12/5/2013 2:05 PM
   btmhsf
     \SystemRoot\system32\DRIVERS\btmhsf.sys
     Bluetooth HighSpeed Filter Driver
     Motorola Solutions, Inc.
     3.1.1306.340
     c:\windows\system32\drivers\btmhsf.sys
     4/23/2013 3:29 AM
   ccSet_N360
     \SystemRoot\system32\drivers\N360x64\1501000.012\ccSetx64.sys
     Common Client Settings Driver
     Symantec Corporation
     12.11.0.13
     c:\windows\system32\drivers\n360x64\1501000.012\ccsetx64.sys
     9/23/2013 7:58 PM
   dg_ssudbus
     \SystemRoot\system32\DRIVERS\ssudbus.sys
     SAMSUNG USB Composite Device Driver (MSS Ver.3)
     DEVGURU Co., LTD.(www.devguru.co.kr)
     2.11.5.0
     c:\windows\system32\drivers\ssudbus.sys
     10/13/2013 10:21 PM
   ebdrv
     System32\drivers\evbda.sys
     Broadcom NetXtreme II 10 GigE VBD
     Broadcom Corporation
     7.4.33.1
     c:\windows\system32\drivers\evbda.sys
     4/8/2013 6:30 AM
   eeCtrl
     \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
     Symantec Eraser Control Driver
     Symantec Corporation
     113.1.2.11
     c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys
     10/9/2013 12:50 PM
   EraserUtilRebootDrv
     \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
     Symantec Eraser Utility Driver
     Symantec Corporation
     113.1.2.11
     c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys
     10/9/2013 12:50 PM
   excfs
     system32\DRIVERS\excfs.sys
     ExpressCache Filesystem Filter Driver
     Condusiv Technologies
     1.0.100.0
     c:\windows\system32\drivers\excfs.sys
     1/8/2013 8:00 AM
   excsd
     system32\DRIVERS\excsd.sys
     ExpressCache Driver
     Condusiv Technologies
     1.0.100.0
     c:\windows\system32\drivers\excsd.sys
     1/8/2013 8:00 AM
   GEARAspiWDM
     \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
     CD DVD Filter
     GEAR Software Inc.
     2.2.3.0
     c:\windows\system32\drivers\gearaspiwdm.sys
     5/3/2012 11:56 AM
   HpSAMD
     System32\drivers\HpSAMD.sys
     Smart Array SAS/SATA Controller Media Driver
     Hewlett-Packard Company
     8.0.4.0
     c:\windows\system32\drivers\hpsamd.sys
     3/26/2013 1:36 PM
   iaLPSSi_GPIO
     \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys
     Intel® Serial IO GPIO Controller Driver
     Intel Corporation
     1.1.163.0
     c:\windows\system32\drivers\ialpssi_gpio.sys
     6/26/2013 6:22 AM
   iaLPSSi_I2C
     \SystemRoot\System32\drivers\iaLPSSi_I2C.sys
     Intel® Serial IO I2C Controller Driver
     Intel Corporation
     1.1.163.0
     c:\windows\system32\drivers\ialpssi_i2c.sys
     6/26/2013 6:22 AM
   iaStorA
     System32\drivers\iaStorA.sys
     Intel Rapid Storage Technology driver - x64
     Intel Corporation
     12.5.4.1001
     c:\windows\system32\drivers\iastora.sys
     4/29/2013 4:03 PM
   iaStorAV
     System32\drivers\iaStorAV.sys
     Intel Rapid Storage Technology driver (inbox) - x64
     Intel Corporation
     12.0.1.1018
     c:\windows\system32\drivers\iastorav.sys
     7/31/2013 4:00 PM
   iaStorV
     System32\drivers\iaStorV.sys
     Intel Matrix Storage Manager driver - x64
     Intel Corporation
     8.6.2.1019
     c:\windows\system32\drivers\iastorv.sys
     4/11/2011 10:48 AM
   ibtusb
     \SystemRoot\system32\DRIVERS\ibtusb.sys
     Intel® Wireless Bluetooth® Filter Driver
     Intel Corporation
     3.0.1322.2
     c:\windows\system32\drivers\ibtusb.sys
     5/29/2013 9:41 AM
   IDSVia64
     \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140113.001\IDSvia64.sys
     Symantec Intrusion Prevention Driver
     Symantec Corporation
     12.0.4.5
     c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\ipsdefs\20140113.001\idsvia64.sys
     12/5/2013 5:53 PM
   igfx
     \SystemRoot\system32\DRIVERS\igdkmd64.sys
     Intel Graphics Kernel Mode Driver
     Intel Corporation
     10.18.10.3316
     c:\windows\system32\drivers\igdkmd64.sys
     10/1/2013 9:06 AM
   ikbevent
     \SystemRoot\system32\DRIVERS\ikbevent.sys
     Intel Keyboard Class Upper Filter Driver
     1.0.9.0
     c:\windows\system32\drivers\ikbevent.sys
     1/8/2013 11:34 AM
   imsevent
     \SystemRoot\system32\DRIVERS\imsevent.sys
     Intel Mouse Class Upper Filter Driver
     1.0.9.0
     c:\windows\system32\drivers\imsevent.sys
     1/8/2013 11:33 AM
   intaud_WaveExtensible
     \SystemRoot\system32\drivers\intelaud.sys
     Intelr WiDi Solution
     Intel Corporation
     4.5.30.0
     c:\windows\system32\drivers\intelaud.sys
     9/26/2013 1:38 PM
   IntcAzAudAddService
     \SystemRoot\system32\drivers\RTKVHD64.sys
     Realtek® High Definition Audio Function Driver
     Realtek Semiconductor Corp.
     6.0.1.6899
     c:\windows\system32\drivers\rtkvhd64.sys
     5/7/2013 4:10 AM
   IntcDAud
     \SystemRoot\system32\DRIVERS\IntcDAud.sys
     Intel® Display Audio Driver
     Intel® Corporation
     6.16.0.3112
     c:\windows\system32\drivers\intcdaud.sys
     5/22/2013 6:52 AM
   ISCT
     \SystemRoot\System32\drivers\ISCTD64.sys
     Intel® Smart Connect Technology Device Driver
     1.0.8.0
     c:\windows\system32\drivers\isctd64.sys
     11/27/2012 11:52 AM
   iwdbus
     \SystemRoot\System32\drivers\iwdbus.sys
     Intelr WiDi Solution
     Intel Corporation
     4.5.30.0
     c:\windows\system32\drivers\iwdbus.sys
     9/26/2013 1:38 PM
   LSI_SAS
     System32\drivers\lsi_sas.sys
     LSI Fusion-MPT SAS Driver (StorPort)
     LSI Corporation
     1.34.3.82
     c:\windows\system32\drivers\lsi_sas.sys
     3/28/2013 9:42 AM
   LSI_SAS2
     System32\drivers\lsi_sas2.sys
     LSI SAS Gen2 Driver (StorPort)
     LSI Corporation
     2.0.60.82
     c:\windows\system32\drivers\lsi_sas2.sys
     3/28/2013 9:45 AM
   LSI_SAS3
     System32\drivers\lsi_sas3.sys
     LSI SAS Gen3 Driver (StorPort)
     LSI Corporation
     2.50.65.1
     c:\windows\system32\drivers\lsi_sas3.sys
     3/15/2013 3:38 PM
   LSI_SSS
     System32\drivers\lsi_sss.sys
     LSI SSS PCIe/Flash Driver (StorPort)
     LSI Corporation
     2.10.61.81
     c:\windows\system32\drivers\lsi_sss.sys
     3/15/2013 3:39 PM
   MBAMProtector
     \??\C:\WINDOWS\system32\drivers\mbam.sys
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.60.2.0
     c:\windows\system32\drivers\mbam.sys
     2/28/2013 12:33 PM
   megasas
     System32\drivers\megasas.sys
     MEGASAS RAID Controller Driver for Windows
     LSI Corporation
     6.3.9466.0
     c:\windows\system32\drivers\megasas.sys
     7/23/2013 1:08 PM
   megasr
     System32\drivers\megasr.sys
     LSI MegaRAID Software RAID Driver
     LSI Corporation, Inc.
     15.2.2013.129
     c:\windows\system32\drivers\megasr.sys
     6/3/2013 2:02 PM
   MEIx64
     \SystemRoot\system32\DRIVERS\TeeDriverx64.sys
     Intel® Management Engine Interface
     Intel Corporation
     9.5.2.1489
     c:\windows\system32\drivers\teedriverx64.sys
     4/23/2013 9:36 AM
   mvumis
     System32\drivers\mvumis.sys
     Marvell Flash Controller Driver
     Marvell Semiconductor, Inc.
     1.0.5.1015
     c:\windows\system32\drivers\mvumis.sys
     3/20/2013 9:14 AM
   NAVENG
     \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140114.002\ENG64.SYS
     AV Engine
     Symantec Corporation
     20131.1.5.61
     c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\virusdefs\20140114.002\eng64.sys
     8/22/2013 12:38 PM
   NAVEX15
     \??\C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140114.002\EX64.SYS
     AV Engine
     Symantec Corporation
     20131.1.5.61
     c:\program files (x86)\norton 360\nortondata\21.1.0.18\definitions\virusdefs\20140114.002\ex64.sys
     8/22/2013 12:36 PM
   NETwNb64
     \SystemRoot\system32\DRIVERS\NETwbw02.sys
     Intelr Wireless WiFi Link Driver
     Intel Corporation
     16.5.3.6
     c:\windows\system32\drivers\netwbw02.sys
     9/18/2013 11:40 PM
   NETwNe64
     \SystemRoot\system32\DRIVERS\Netwew02.sys
     Intelr Wireless WiFi Link Driver
     Intel Corporation
     16.1.5.2
     c:\windows\system32\drivers\netwew02.sys
     8/29/2013 11:20 PM
   nvlddmkm
     \SystemRoot\system32\DRIVERS\nvlddmkm.sys
     NVIDIA Windows Kernel Mode Driver, Version 327.02
     NVIDIA Corporation
     9.18.13.2702
     c:\windows\system32\drivers\nvlddmkm.sys
     8/29/2013 1:39 PM
   nvpciflt
     system32\DRIVERS\nvpciflt.sys
     NVIDIA Windows Kernel Mode Driver, Version 327.02
     NVIDIA Corporation
     9.18.13.2702
     c:\windows\system32\drivers\nvpciflt.sys
     8/29/2013 1:39 PM
   nvraid
     System32\drivers\nvraid.sys
     NVIDIAr nForce RAID Driver
     NVIDIA Corporation
     10.6.0.22
     c:\windows\system32\drivers\nvraid.sys
     9/12/2011 4:01 PM
   nvstor
     System32\drivers\nvstor.sys
     NVIDIAr nForce Sata Performance Driver
     NVIDIA Corporation
     10.6.0.22
     c:\windows\system32\drivers\nvstor.sys
     9/12/2011 3:53 PM
   RTL8168
     \SystemRoot\system32\DRIVERS\Rt630x64.sys
     Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver                
     Realtek                                            
     8.15.410.2013
     c:\windows\system32\drivers\rt630x64.sys
     4/9/2013 7:07 PM
   RTSPER
     \SystemRoot\system32\DRIVERS\RtsPer.sys
     RTS PCIE READER Driver
     Realsil Semiconductor Corporation
     6.2.9200.21232
     c:\windows\system32\drivers\rtsper.sys
     6/6/2013 12:23 AM
   rtsuvc
     \SystemRoot\system32\DRIVERS\rtsuvc.sys
     Realtek UVC Driver for XP/Vista/Win7/Win8
     Realtek Semiconductor Corp.
     6.2.9200.10234
     c:\windows\system32\drivers\rtsuvc.sys
     5/17/2013 5:45 AM
   secdrv
     secdrv
     Macrovision SECURITY Driver
     Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
     4.3.86.0
     c:\windows\system32\drivers\secdrv.sys
     9/13/2006 5:18 AM
   SiSRaid2
     System32\drivers\SiSRaid2.sys
     SiS RAID Stor Miniport Driver
     Silicon Integrated Systems Corp.
     5.1.1039.2600
     c:\windows\system32\drivers\sisraid2.sys
     9/24/2008 10:28 AM
   SiSRaid4
     System32\drivers\sisraid4.sys
     SiS AHCI Stor-Miniport Driver
     Silicon Integrated Systems
     5.1.1039.3600
     c:\windows\system32\drivers\sisraid4.sys
     10/1/2008 1:56 PM
   SmbDrvI
     \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
     Synaptics SMBus Driver
     Synaptics Incorporated
     16.6.4.19
     c:\windows\system32\drivers\smb_driver_intel.sys
     6/20/2013 11:46 AM
   SRTSP
     \SystemRoot\system32\drivers\N360x64\1501000.012\SRTSP64.SYS
     Symantec AutoProtect
     Symantec Corporation
     14.5.1.8
     c:\windows\system32\drivers\n360x64\1501000.012\srtsp64.sys
     9/25/2013 4:23 PM
   SRTSPX
     \SystemRoot\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS
     Symantec AutoProtect
     Symantec Corporation
     14.5.0.55
     c:\windows\system32\drivers\n360x64\1501000.012\srtspx64.sys
     7/26/2013 6:45 PM
   ssudmdm
     \SystemRoot\system32\DRIVERS\ssudmdm.sys
     @oem79.inf,%ssud.Service.Desc%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
     DEVGURU Co., LTD.(www.devguru.co.kr)
     2.11.5.0
     c:\windows\system32\drivers\ssudmdm.sys
     10/13/2013 10:21 PM
   stexstor
     System32\drivers\stexstor.sys
     Promise SuperTrak EX Series Driver for Windows x64
     Promise Technology, Inc.
     5.1.0.10
     c:\windows\system32\drivers\stexstor.sys
     11/26/2012 4:02 PM
   SymDS
     system32\drivers\N360x64\1501000.012\SYMDS64.SYS
     Symantec Data Store
     Symantec Corporation
     2.3.0.20
     c:\windows\system32\drivers\n360x64\1501000.012\symds64.sys
     7/30/2013 3:29 PM
   SymEFA
     system32\drivers\N360x64\1501000.012\SYMEFA64.SYS
     Symantec Extended File Attributes
     Symantec Corporation
     4.3.1.3
     c:\windows\system32\drivers\n360x64\1501000.012\symefa64.sys
     8/30/2013 8:02 PM
   SymELAM
     system32\drivers\N360x64\1501000.012\SymELAM.sys
     Symantec ELAM
     Symantec Corporation
     1.0.0.111
     c:\windows\system32\drivers\n360x64\1501000.012\symelam.sys
     6/4/2012 5:04 PM
   SymEvent
     \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS
     Symantec Event Library
     Symantec Corporation
     12.9.5.2
     c:\windows\system32\drivers\symevent64x86.sys
     7/26/2013 6:26 PM
   SymIRON
     \SystemRoot\system32\drivers\N360x64\1501000.012\Ironx64.SYS
     Iron Driver
     Symantec Corporation
     4.0.0.51
     c:\windows\system32\drivers\n360x64\1501000.012\ironx64.sys
     7/29/2013 4:59 PM
   SymNetS
     \SystemRoot\system32\drivers\N360x64\1501000.012\SYMNETS.SYS
     Network Security Driver
     Symantec Corporation
     14.0.2.4
     c:\windows\system32\drivers\n360x64\1501000.012\symnets.sys
     9/23/2013 6:41 PM
   SynTP
     \SystemRoot\system32\DRIVERS\SynTP.sys
     Synaptics Touchpad Driver
     Synaptics Incorporated
     16.6.4.19
     c:\windows\system32\drivers\syntp.sys
     6/20/2013 11:45 AM
   usb3Hub
     \SystemRoot\System32\drivers\usb3Hub.sys
     usb3hub.sys
     Windows ® Win 7 DDK provider
     1.0.40.15875
     c:\windows\system32\drivers\usb3hub.sys
     4/12/2013 9:46 PM
   viaide
     System32\drivers\viaide.sys
     VIA Generic PCI IDE Bus Driver
     VIA Technologies, Inc.
     6.0.6000.170
     c:\windows\system32\drivers\viaide.sys
     8/22/2013 3:40 AM
   vsmraid
     System32\drivers\vsmraid.sys
     VIA RAID DRIVER FOR AMD-X86-64
     VIA Technologies Inc.,Ltd
     7.0.9200.6320
     c:\windows\system32\drivers\vsmraid.sys
     1/23/2013 12:35 PM
   VSTXRAID
     System32\drivers\vstxraid.sys
     VIA StorX RAID Controller Driver
     VIA Corporation
     8.0.9200.8110
     c:\windows\system32\drivers\vstxraid.sys
     1/21/2013 11:00 AM
   WPRO_41_2001
     system32\drivers\WPRO_41_2001.sys
     c:\windows\system32\drivers\wpro_41_2001.sys
     11/7/2011 1:04 PM
   wsvd
     \SystemRoot\system32\DRIVERS\wsvd.sys
     CyberLink Virtual Disk Driver
     "CyberLink
     5.7.1.613
     c:\windows\system32\drivers\wsvd.sys
     6/13/2012 1:10 AM
   X5XSEx_Pr148
     \??\C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
     X5XSEx Kernel Mode Driver
     Exent Technologies Ltd.
     8.0.1.0
     c:\program files (x86)\freeride games\x5xsex_pr148.sys
     8/2/2012 4:51 AM

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
   VfCredProv
     HKCR\CLSID\{d0869df6-64b0-4289-b483-9bff61394420}
     c:\program files (x86)\lenovo\lenovo veriface\vfcredprov.dll
     5/22/2013 3:12 AM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
   igfxcui
     igfxdev.dll
     igfxdev Module
     Intel Corporation
     8.15.10.3316
     c:\windows\system32\igfxdev.dll
     10/1/2013 9:03 AM

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
   Nitro PDF Port Monitor
     nitrolocalmon2.dll
     Windows NT Nitro Print PDF Interface Driver
     Nitro PDF Software
     7.0.0.1
     c:\windows\system32\nitrolocalmon2.dll
     12/12/2012 2:24 AM

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
   mdnsNSP
     C:\Program Files (x86)\Bonjour\mdnsNSP.dll
     Bonjour Namespace Provider
     Apple Inc.
     3.0.0.10
     c:\program files (x86)\bonjour\mdnsnsp.dll
     8/30/2011 9:44 PM

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64
   mdnsNSP
     C:\Program Files\Bonjour\mdnsNSP.dll
     Bonjour Namespace Provider
     Apple Inc.
     3.0.0.10
     c:\program files\bonjour\mdnsnsp.dll
     8/30/2011 9:53 PM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
   C:\windows\system32\nvinitx.dll
     NVIDIA shim initialization dll, Version 327.02
     NVIDIA Corporation
     9.18.13.2702
     c:\windows\system32\nvinitx.dll
     8/29/2013 1:32 PM

HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
   _Wow64cpu
     Wow64cpu.dll
     File not found: C:\WINDOWS\syswow64\Wow64cpu.dll
     
   _Wow64win
     Wow64win.dll
     File not found: C:\WINDOWS\syswow64\Wow64win.dll
     
   _Wow64
     Wow64.dll
     File not found: C:\WINDOWS\syswow64\Wow64.dll
    

Link to post
Share on other sites

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   RTHDVCPL
     "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
     Realtek HD Audio Manager
     Realtek Semiconductor
     1.0.0.863
     c:\program files\realtek\audio\hda\ravcpl64.exe
     5/6/2013 11:21 PM
   RtHDVBg_Dolby
     "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
     HD Audio Background Process
     Realtek Semiconductor
     1.0.0.149
     c:\program files\realtek\audio\hda\ravbg64.exe
     4/24/2013 1:01 AM
   IgfxTray
     "C:\WINDOWS\system32\igfxtray.exe"
     igfxTray Module
     Intel Corporation
     8.15.10.3316
     c:\windows\system32\igfxtray.exe
     10/1/2013 9:03 AM
   HotKeysCmds
     "C:\WINDOWS\system32\hkcmd.exe"
     hkcmd Module
     Intel Corporation
     8.15.10.3316
     c:\windows\system32\hkcmd.exe
     10/1/2013 9:04 AM
   Persistence
     "C:\WINDOWS\system32\igfxpers.exe"
     persistence Module
     Intel Corporation
     8.15.10.3316
     c:\windows\system32\igfxpers.exe
     10/1/2013 9:03 AM
   RtsFT
     RTFTrack.exe
     RTFTrack
     Realtek semiconductor
     1.5.3.0
     c:\windows\rtftrack.exe
     4/18/2013 3:24 AM
   BTMTrayAgent
     rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
     Bluetooth Shell Extension
     Motorola Solutions, Inc.
     3.1.1306.346
     c:\program files (x86)\intel\bluetooth\btmshellex.dll
     5/20/2013 11:32 PM
   Energy Manager
     C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
     Lenovo Energy Manager
     Lenovo(beijing) Limited
     1.0.0.27
     c:\program files (x86)\lenovo\energy manager\energy manager.exe
     6/7/2013 9:29 PM
   Lenovo Utility
     C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
     Lenovo Utility
     Lenovo(beijing) Limited
     1.0.0.27
     c:\program files (x86)\lenovo\energy manager\utility.exe
     6/18/2013 9:26 PM
   SynTPEnh
     %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
     Synaptics TouchPad Enhancements
     Synaptics Incorporated
     16.6.4.19
     c:\program files\synaptics\syntp\syntpenh.exe
     6/20/2013 12:08 PM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
   YouCam Tray
     "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
     CyberLink YouCam Tray
     CyberLink Corp.
     4.1.3214.21149
     c:\program files (x86)\lenovo\youcam\youcamtray.exe
     8/14/2012 4:34 AM
   mcui_exe
     "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
     File not found: C:\Program Files\McAfee.com\Agent\mcagent.exe
     
   Intel AppUp(SM) center
     "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
     Intel Services Manager
     Intel Corporation
     1.14.1.36458
     c:\program files (x86)\intel\intelappstore\bin\ismagent.exe
     5/24/2012 4:46 AM
   Adobe ARM
     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     Adobe Reader and Acrobat Manager
     Adobe Systems Incorporated
     1.7.4.0
     c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
     4/4/2013 1:05 PM
   APSDaemon
     "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     Apple Push
     Apple Inc.
     2.2.9.2
     c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
     4/16/2013 7:13 PM
   iTunesHelper
     "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
     iTunesHelper
     Apple Inc.
     11.1.3.8
     c:\program files (x86)\itunes\ituneshelper.exe
     11/1/2013 10:56 PM

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
   iSCTsysTray.lnk
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
     ISCT SysTray
     Intel Corporation
     4.1.42.2308
     c:\program files\intel\intel® smart connect technology agent\isctsystray8.exe
     5/30/2013 3:44 PM

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
   Themes Setup
     /UserInstall
     File not found: /UserInstall
     
   Windows Desktop Update
     U
     File not found: U
     

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
   Akamai NetSession Interface
     "C:\Users\Rebecca\AppData\Local\Akamai\netsession_win.exe"
     Akamai NetSession Client
     Akamai Technologies, Inc.
     1.8.9.2
     c:\users\rebecca\appdata\local\akamai\netsession_win.exe
     6/4/2013 4:47 PM

Task Scheduler
   \Adobe Flash Player Updater
     "C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
     Adober Flashr Player Update Service 11.9 r900
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 10:09 AM
   \Dolby Selector
     "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
     Dolby Profile Selector
     Dolby Laboratories Inc.
     7.2.8000.17
     c:\program files (x86)\dolby home theater v4\pcee4.exe
     8/31/2012 6:19 PM
   \GoogleUpdateTaskMachineCore
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
     Google Installer
     Google Inc.
     1.3.21.103
     c:\program files (x86)\google\update\googleupdate.exe
     2/15/2012 6:43 PM
   \GoogleUpdateTaskMachineUA
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
     Google Installer
     Google Inc.
     1.3.21.103
     c:\program files (x86)\google\update\googleupdate.exe
     2/15/2012 6:43 PM
   \ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
     "C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe" --domain-id e57b59e7-5862-4250-9ce0-76fb411dc0d2 --caller scheduler-impersonate
     Intel® Update Manager Launcher
     Intel Corporation
     1.6.0.416
     c:\program files (x86)\intel\intel® update manager\bin\bootstrap.exe
     2/27/2013 4:26 AM
   \ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
     "C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe" --domain-id e57b59e7-5862-4250-9ce0-76fb411dc0d2 --caller winlogon-impersonate
     Intel® Update Manager Launcher
     Intel Corporation
     1.6.0.416
     c:\program files (x86)\intel\intel® update manager\bin\bootstrap.exe
     2/27/2013 4:26 AM
   \Lenovo Motion Control
     "CallApp.vbs"
     File not found: CallApp.vbs
     
   \Norton WSC Integration
     "C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe" /taskschd
     WSCStub
     Symantec Corporation
     21.1.0.18
     c:\program files (x86)\norton 360\engine\21.1.0.18\wscstub.exe
     10/8/2013 12:02 AM
   \Synaptics TouchPad Enhancements
     "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
     Synaptics TouchPad Enhancements
     Synaptics Incorporated
     16.6.4.19
     c:\program files\synaptics\syntp\syntpenh.exe
     6/20/2013 12:08 PM
   \Lenovo\Experience Improvement
     "C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe"
     Lenovo Experience Improvement
     Lenovo
     1.0.4.0
     c:\program files\lenovo\experienceimprovement\lenovoexperienceimprovement.exe
     6/3/2013 9:09 AM
   \Microsoft\Windows\NetTrace\GatherNetworkInfo
     "%windir%\system32\gatherNetworkInfo.vbs"
     c:\windows\system32\gathernetworkinfo.vbs
     7/18/2013 7:53 AM
   \Norton 360\Norton Error Analyzer
     "C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe" /analyze
     Symantec Error Reporting
     Symantec Corporation
     5.0.0.20
     c:\program files (x86)\norton 360\engine\21.1.0.18\symerr.exe
     8/1/2013 1:01 PM
   \Norton 360\Norton Error Processor
     "C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe" /submit
     Symantec Error Reporting
     Symantec Corporation
     5.0.0.20
     c:\program files (x86)\norton 360\engine\21.1.0.18\symerr.exe
     8/1/2013 1:01 PM

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
   Norton Identity Protection
     HKCR\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
     coIEPlugIn
     Symantec Corporation
     2014.6.0.27
     c:\program files (x86)\norton 360\engine\21.1.0.18\coieplg.dll
     10/5/2013 7:21 PM
   Norton Vulnerability Protection
     HKCR\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
     IPS Browser Helper DLL
     Symantec Corporation
     12.0.1.3
     c:\program files (x86)\norton 360\engine\21.1.0.18\ips\ipsbho.dll
     9/12/2013 11:06 PM

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
   Norton Identity Protection
     HKCR\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
     coIEPlugIn
     Symantec Corporation
     2014.6.0.27
     c:\program files (x86)\norton 360\engine\21.1.0.18\coieplg.dll
     10/5/2013 7:21 PM
   Norton Vulnerability Protection
     HKCR\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
     IPS Browser Helper DLL
     Symantec Corporation
     12.0.1.3
     c:\program files (x86)\norton 360\engine\21.1.0.18\ips\ipsbho.dll
     9/12/2013 11:06 PM

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
   BUContextMenu
     HKCR\CLSID\{F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM
   NP8ShellExtension
     HKCR\CLSID\{9C4B85B8-956C-49BF-9BA5-101384E562B2}
     Nitro Pro ShellExtension
     Nitro PDF
     8.0.10.7
     c:\program files\common files\nitro\pro\8.0\npshellextension64.dll
     12/12/2012 2:09 AM
   SugarSync
     HKCR\CLSID\{305BC11B-5175-492B-B569-866547FCDA40}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM
   Symantec.Norton.Antivirus.IEContextMenu
     HKCR\CLSID\{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
     Norton Internet Security Shell Extension Module
     Symantec Corporation
     21.1.0.18
     c:\program files (x86)\norton 360\engine64\21.1.0.18\navshext.dll
     10/8/2013 12:34 AM

HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers
   Symantec.Norton.Antivirus.IEContextMenu
     HKCR\CLSID\{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
     Norton Internet Security Shell Extension Module
     Symantec Corporation
     21.1.0.18
     c:\program files (x86)\norton 360\engine64\21.1.0.18\navshext.dll
     10/8/2013 12:34 AM

HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers
   BuPropertySheet
     HKCR\CLSID\{B59987EA-25FE-44B4-8802-E4DE67073D8C}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 12:39 PM

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   igfxcui
     HKCR\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
     igfxpph Module
     Intel Corporation
     8.15.10.3316
     c:\windows\system32\igfxpph.dll
     10/1/2013 9:04 AM
   NvCplDesktopContext
     HKCR\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
     NVIDIA Display Shell Extension
     NVIDIA Corporation
     1.2.0.1
     c:\windows\system32\nvshext.dll
     8/29/2013 2:26 PM

HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers
   PDF Shell Extension
     HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
     PDF Shell Extension
     Adobe Systems, Inc.
     11.0.3.37
     c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll
     5/11/2013 1:34 AM

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
   BUContextMenu
     HKCR\CLSID\{F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 12:39 PM
   SugarSync
     HKCR\CLSID\{305BC11B-5175-492B-B569-866547FCDA40}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM
   Symantec.Norton.Antivirus.IEContextMenu
     HKCR\CLSID\{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
     Norton Internet Security Shell Extension Module
     Symantec Corporation
     21.1.0.18
     c:\program files (x86)\norton 360\engine64\21.1.0.18\navshext.dll
     10/8/2013 12:34 AM

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
   OverlayExcluded
     HKCR\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM
   OverlayPending
     HKCR\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM
   OverlayProtected
     HKCR\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}
     Backup Shell
     Symantec Corporation
     8.1.0.7
     c:\program files (x86)\norton 360\engine64\21.1.0.18\bushell.dll
     10/3/2013 6:57 PM
   SugarSyncBackedUp
     HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM
   SugarSyncPending
     HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM
   SugarSyncRoot
     HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM
   SugarSyncShared
     HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}
     SugarSync Explorer Shell Extensions
     SugarSync, Inc.
     1.0.0.1
     c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll
     5/14/2012 9:39 AM

HKLM\Software\Microsoft\Internet Explorer\Toolbar
   Norton Toolbar
     HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
     coIEPlugIn
     Symantec Corporation
     2014.6.0.27
     c:\program files (x86)\norton 360\engine64\21.1.0.18\coieplg.dll
     10/5/2013 7:17 PM

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar
   Norton Toolbar
     HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
     coIEPlugIn
     Symantec Corporation
     2014.6.0.27
     c:\program files (x86)\norton 360\engine\21.1.0.18\coieplg.dll
     10/5/2013 7:21 PM

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\System32\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\system32\l3codeca.acm
     8/22/2013 3:32 AM

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\SysWOW64\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\syswow64\l3codeca.acm
     8/21/2013 8:03 PM
   vidc.cvid
     iccvid.dll
     Cinepakr Codec
     Radius Inc.
     1.10.0.12
     c:\windows\syswow64\iccvid.dll
     8/21/2013 8:03 PM

 

HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
   WD Secure Source Filter
     HKCR\CLSID\{017D800B-03E0-437C-8DBB-D323B7742201}
     Intelr WiDi Secure Video Source Filter.
     Intel Corporation
     4.1.17.0
     c:\program files\intel corporation\intel widi\wdsecuresourcefilter.dll
     4/16/2013 5:04 PM
   DS Video Buffer Filter
     HKCR\CLSID\{235AC8DB-C868-4DB4-ADF8-AF7DFA7A7917}
     WiDiAgent.dll COM object.
     Intel Corporation
     4.1.17.0
     c:\program files\intel corporation\intel widi\dsbuffer_video.ax
     4/16/2013 5:05 PM
   Intelr AAC encoder
     HKCR\CLSID\{7B6B74F8-7F23-4EFD-8E6B-3355047ECA6E}
     c:\program files\intel corporation\intel widi\intelaac.dll
     4/16/2013 5:04 PM
   Intelr Mux Renderer
     HKCR\CLSID\{90AFC55A-B693-4425-8B8E-758518C9922B}
     Intel® TS Mux / Network Renderer
     Intel Corporation
     4.1.17.0
     c:\program files\intel corporation\intel widi\intelmux.dll
     4/16/2013 5:04 PM
   WD Audio Filter
     HKCR\CLSID\{D1802B27-3F23-4E2E-8D82-D7B503D478F7}
     WiDi Audio Source Filter.
     Intel Corporation
     4.1.17.0
     c:\program files\intel corporation\intel widi\wdaudiofilter.dll
     4/16/2013 5:05 PM
   WDSource Filter
     HKCR\CLSID\{E61493B8-581A-4F7F-A8B2-8ECE783DE44B}
     WiDi Video Source Filter.
     Intel Corporation
     4.1.17.0
     c:\program files\intel corporation\intel widi\wdsourcefilter.dll
     4/16/2013 5:05 PM
   WD Silence Filter
     HKCR\CLSID\{EA44F73E-1D2F-42ED-BA88-D0F95078725E}
     c:\program files\intel corporation\intel widi\wdsilencefilter.dll
     4/16/2013 5:03 PM
   IntelrWiDi H264 encoder
     HKCR\CLSID\{FB852B8D-3BAC-4413-AE8B-E7FF8F3FCA41}
     c:\program files\intel corporation\intel widi\h264hwenc.dll
     4/16/2013 5:03 PM

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rebecca\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rebecca\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Rebecca\AppData\Local\Mozilla\Firefox\Profiles\6sf5b1jt.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=106 folders=44 88925371 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Rebecca\AppData\Local\Temp  will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Rebecca\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Tue 01/14/2014 at 17:05:36.53 ======================

Link to post
Share on other sites

Does the issue still occur after Zoek was run, if so do the following..

 

Close all browsers, select start, into the search box type firefox -safemode  Firefox will now run with all addons etc disabled, does the add problem still happen.

 

Safemode is not available for Chrome, this browser has to be run "incognito" instructions here: https://support.google.com/chrome/answer/95464?hl=en-GB Does the ad issue still happen incognito....

Link to post
Share on other sites

Do you mean to run the browsers in safemode? do the ads cease in that mode? If that is the case maybe better to reset FireFox and Chrome to default settings...

 

Instructions for that action follow...

 

Firefox - https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

 

Chrome - https://support.google.com/chrome/answer/3296214?hl=en

 

Let me know if the ads cease or conctinue..

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.