Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01

Ran by Nava Fader (administrator) on NAVAFADER-THINK on 20-02-2015 10:35:38

Running from C:\Users\Nava Fader\Downloads

Loaded Profiles: Nava Fader (Available profiles: Nava Fader)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser not detected!)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\vsserv.exe

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbamscheduler.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbam.exe

(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe

(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\updatesrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe

(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe

(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe

() C:\Users\Nava Fader\AppData\Local\Amazon Music\Amazon Music Helper.exe

(Amazon Digital Services, LLC.) C:\Users\Nava Fader\AppData\Local\Apps\2.0\MRPPNAKN.9BN\HW0CW03L.V6T\amaz..tion_f2fa081ea2183235_0002.0004_3a745590ee7bc2f9\AmazonCloudDrive.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Sun Microsystems, Inc.) C:\Users\Nava Fader\AppData\Local\Apps\2.0\MRPPNAKN.9BN\HW0CW03L.V6T\amaz..tion_f2fa081ea2183235_0002.0004_3a745590ee7bc2f9\LocalServiceJre\bin\AmazonCloudDriveW.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

(USTechSupport) C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\bdagent.exe

() C:\Program Files (x86)\Google\Update\Install\{C9941CFB-0A95-43E3-94C4-465F9A682BAD}\40.0.2214.115_40.0.2214.111_chrome_updater.exe

(Google Inc.) C:\Windows\Temp\CR_4ED60.tmp\setup.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\nacl64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\nacl64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)

HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-06] (Intel Corporation)

HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)

HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-14] (Intel Corporation)

Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\Run: [Amazon Music] => C:\Users\Nava Fader\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\RunOnce: [uninstall C:\Users\Nava Fader\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nava Fader\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\MountPoints2: E - E:\LaunchU3.exe -a

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\MountPoints2: {084eb60c-708e-11e4-b1a1-08edb9e2a2ae} - E:\iStudio.exe

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\MountPoints2: {62a180c6-c72e-11e1-ba81-806e6f6e6963} - Q:\LenovoQDrive.exe

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\...\MountPoints2: {877485df-204c-11e2-be3a-08edb9e2a2ae} - E:\LaunchU3.exe -a

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ACGina

Startup: C:\Users\Nava Fader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.appref-ms ()

ShellIconOverlayIdentifiers: [sugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => No File

ShellIconOverlayIdentifiers: [sugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => No File

ShellIconOverlayIdentifiers: [sugarSyncRoot] -> {39D54CC2-69CF-43b4-B167-577D25E7F496} => No File

ShellIconOverlayIdentifiers: [sugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => No File

ShellIconOverlayIdentifiers: [sugarSyncSharedPending] -> {F7395C2E-A5D8-4a32-9536-5C6A9F1DC450} => No File

BootExecute: autocheck autochk * 굔┽f錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥1qZPr9격┽f蠀autocheck autochk * 겪┽f言굔┽f錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥1t겯┽f退瀐ʭ

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKU\S-1-5-21-584824992-1758515214-1796455018-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com

BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - TrueSuite Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)

Toolbar: HKLM-x32 - TrueSuite Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-584824992-1758515214-1796455018-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nava Fader\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client

FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-07-06]

FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client

Chrome:

=======

CHR HomePage: Default ->

CHR StartupUrls: Default -> "https://www.facebook.com/"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-29]

CHR Extension: (Google Drive) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-29]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-21]

CHR Extension: (YouTube) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-29]

CHR Extension: (Google Search) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-29]

CHR Extension: (Caroline Gardner) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlajhhigpcohfpjjmnbifacfbdoponci [2014-09-20]

CHR Extension: (Google Wallet) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]

CHR Extension: (Gmail) - C:\Users\Nava Fader\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-29]

CHR HKLM-x32\...\Chrome\Extension: [clglhglbidpdbjffpfcldkifhdegdfle] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2013-04-01]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8447848 2011-11-09] (DisplayLink Corp.)

R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)

R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-06] ()

S4 Intel® Small Business Advantage; C:\Program Files (x86)\Intel\Intel® Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)

S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-05] (Lenovo)

R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [199160 2013-07-17] (Lenovo Group Limited)

R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)

S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)

S4 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]

R2 UPDATESRV; C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\updatesrv.exe [66008 2012-12-26] (USTechSupport)

R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-10] (Symantec Corporation)

R2 VSSERV; C:\Program Files\Early Detection Center 4.0\Early Detection Center 4.0\vsserv.exe [1644816 2012-11-20] (USTechSupport)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2012-10-10] (BitDefender)

S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2012-10-10] (BitDefender)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [165688 2012-09-25] (Broadcom Corporation.)

R1 bdfwfpf; C:\Program Files\Common Files\Early Detection Center 4.0\Early Detection Center 4.0 Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)

S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2012-09-21] (BitDefender SRL)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)

R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)

S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-10-23] (Symantec Corporation)

S3 EraserUtilDrv11220; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [138912 2012-10-23] (Symantec Corporation)

S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows ® Win 7 DDK provider)

R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [145696 2012-08-29] (BitDefender LLC)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-20] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-26] (Realtek Semiconductor Corp.)

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-26] (Synaptics Incorporated)

S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2013-04-30] (support.com, Inc)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-11] ()

R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)

R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)

U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 10:35 - 2015-02-20 10:36 - 00024290 _____ () C:\Users\Nava Fader\Downloads\FRST.txt

2015-02-20 10:34 - 2015-02-20 10:35 - 00000000 ____D () C:\FRST

2015-02-20 10:34 - 2015-02-20 10:34 - 02086912 _____ (Farbar) C:\Users\Nava Fader\Downloads\FRST64.exe

2015-02-20 10:25 - 2015-02-20 10:25 - 00284680 _____ () C:\Windows\Minidump\022015-22666-01.dmp

2015-02-20 10:20 - 2015-02-20 10:20 - 00000000 ____D () C:\ProgramData\LHService

2015-02-19 19:29 - 2015-02-19 19:29 - 00000000 ____D () C:\ProgramData\LockHunter

2015-02-19 19:28 - 2015-02-19 19:28 - 00000000 ____D () C:\Users\Nava Fader\AppData\Roaming\LockHunter

2015-02-19 19:28 - 2015-02-19 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter

2015-02-19 19:28 - 2015-02-19 19:28 - 00000000 ____D () C:\Program Files\LockHunter

2015-02-19 19:27 - 2015-02-19 19:27 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Nava Fader\Downloads\lockhuntersetup_3-1-1.exe

2015-02-19 19:15 - 2015-02-19 19:15 - 00000000 ____D () C:\Users\Nava Fader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker

2015-02-19 19:15 - 2015-02-19 19:15 - 00000000 ____D () C:\Program Files (x86)\Unlocker

2015-02-19 19:11 - 2015-02-19 19:11 - 24489269 _____ () C:\Users\Nava Fader\Downloads\setup_free.exe

2015-02-19 19:09 - 2015-02-19 19:10 - 00792480 _____ (Dnldstr_Aggregator) C:\Users\Nava Fader\Downloads\Free_Download_Setup.exe

2015-02-19 17:10 - 2015-02-19 17:11 - 16905496 _____ (Lenovo ) C:\Users\Nava Fader\Downloads\systemupdate3.16-2013-7-10.exe

2015-02-16 16:01 - 2015-02-16 16:01 - 12575504 _____ ( ) C:\Users\Nava Fader\Downloads\systemupdate506-01-15-2015.exe

2015-02-16 15:59 - 2015-02-16 15:59 - 50449456 _____ (Microsoft Corporation) C:\Users\Nava Fader\Downloads\dotNetFx40_Full_x86_x64.exe

2015-02-16 13:44 - 2015-02-16 13:44 - 00001230 _____ () C:\Users\Nava Fader\Desktop\Amazon Music.lnk

2015-02-16 13:42 - 2015-02-16 13:43 - 39565896 _____ (Amazon) C:\Users\Nava Fader\Downloads\AmazonMusicInstaller.exe

2015-02-13 15:47 - 2015-02-13 15:47 - 00316819 _____ () C:\Users\Nava Fader\Desktop\statewide register page 2.jpeg

2015-02-13 15:46 - 2015-02-13 15:46 - 00575859 _____ () C:\Users\Nava Fader\Desktop\statewide register page 1.jpeg

2015-02-13 15:45 - 2015-02-13 15:45 - 00583396 _____ () C:\Users\Nava Fader\Desktop\instructions for state wide register.jpeg

2015-02-13 15:43 - 2015-02-13 15:43 - 00363955 _____ () C:\Users\Nava Fader\Desktop\police check.jpeg

2015-02-12 06:33 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-02-12 06:33 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-02-12 06:33 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-02-12 06:33 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-02-11 18:53 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-02-11 18:53 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-02-11 18:53 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-02-11 18:53 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-02-11 18:53 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-02-11 18:53 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-02-11 18:53 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-02-11 18:53 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-02-11 18:53 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-02-11 18:53 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-02-11 18:53 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-02-11 18:53 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-02-11 18:53 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-02-11 18:53 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-02-11 18:53 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-02-11 18:53 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-02-11 18:53 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-02-11 18:53 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-02-11 18:53 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-02-11 18:53 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-02-11 18:53 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-02-11 18:53 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-02-11 18:53 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-02-11 18:53 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-02-11 18:53 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-02-11 18:53 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-02-11 18:53 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-02-11 18:53 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-02-11 18:53 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-02-11 18:53 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-02-11 18:53 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-02-11 18:53 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-02-11 18:53 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-02-11 18:53 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-02-11 18:53 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-02-11 18:53 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-02-11 18:53 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-02-11 18:53 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-02-11 18:52 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2015-02-11 18:52 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2015-02-11 18:52 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-02-11 18:52 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-02-11 18:52 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-02-11 18:52 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-02-11 18:52 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-02-11 18:52 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-02-11 18:52 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-02-11 18:52 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-02-11 18:52 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-02-11 18:52 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-02-11 18:52 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-02-11 18:52 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-02-11 18:52 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-02-11 18:52 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-02-11 18:52 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-02-11 18:52 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-02-11 18:51 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-02-11 18:51 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-02-11 18:51 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-02-11 18:51 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-02-11 18:51 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-02-11 18:51 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-02-11 18:51 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-02-11 18:51 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-02-11 18:51 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-02-11 18:51 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-02-11 18:51 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-02-11 18:51 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-02-11 18:51 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-02-11 18:51 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-02-11 18:51 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-02-11 18:51 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-02-11 18:51 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-02-11 18:51 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2015-02-11 18:50 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-02-11 18:50 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-02-11 18:50 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-02-11 18:50 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-02-11 18:50 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-02-11 18:50 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-02-11 18:50 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-02-11 18:45 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2015-02-11 18:45 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

2015-02-11 18:44 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-02-09 21:45 - 2015-02-09 21:45 - 24280004 _____ () C:\Users\Nava Fader\Downloads\withoutpiano (1).wav

2015-02-09 20:31 - 2015-02-09 20:32 - 24280004 _____ () C:\Users\Nava Fader\Desktop\withoutpiano.wav

2015-02-09 19:48 - 2015-02-09 19:49 - 24280004 _____ () C:\Users\Nava Fader\Downloads\isaac's alergie song.wav

2015-02-08 17:22 - 2015-02-16 12:31 - 00000000 ____D () C:\Users\Nava Fader\Desktop\best movie pics

2015-02-08 10:51 - 2015-02-16 12:19 - 00000000 ____D () C:\Users\Nava Fader\Desktop\movie pics

2015-02-08 09:36 - 2015-02-08 09:36 - 00003012 _____ () C:\Windows\System32\Tasks\{427651B1-3DC4-48C5-BA50-65DBCF696823}

2015-02-07 17:35 - 2015-02-19 18:58 - 00000000 ____D () C:\Users\Nava Fader\Documents\toth j

2015-02-05 00:23 - 2015-02-05 00:24 - 00000000 ____D () C:\Program Files (x86)\GUMEFBF.tmp

2015-01-26 07:00 - 2015-01-26 07:00 - 00004704 _____ () C:\Users\Nava Fader\Downloads\17 library schedule.xlsx

2015-01-24 11:39 - 2015-01-24 11:39 - 00005508 _____ () C:\Users\Nava Fader\Downloads\Outcasts9781101538340.odm

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 10:36 - 2012-07-06 00:55 - 01780814 _____ () C:\Windows\WindowsUpdate.log

2015-02-20 10:35 - 2009-07-13 23:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-20 10:35 - 2009-07-13 23:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-20 10:28 - 2013-12-11 18:32 - 00000000 ____D () C:\Users\Nava Fader\AppData\Local\Deployment

2015-02-20 10:28 - 2012-07-06 01:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-20 10:27 - 2014-11-04 12:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-02-20 10:27 - 2012-07-06 01:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-20 10:26 - 2014-02-27 18:53 - 00130536 _____ () C:\Windows\setupact.log

2015-02-20 10:26 - 2012-11-19 20:47 - 00000424 _____ () C:\Windows\Tasks\USTechSupport Update Notifier Logon.job

2015-02-20 10:26 - 2012-07-06 00:57 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job

2015-02-20 10:26 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-20 10:25 - 2014-03-12 16:15 - 586256068 _____ () C:\Windows\MEMORY.DMP

2015-02-20 10:25 - 2013-09-13 15:55 - 00000000 ____D () C:\Windows\Minidump

2015-02-20 10:21 - 2014-03-23 09:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-02-19 19:09 - 2012-07-06 00:57 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

2015-02-19 16:39 - 2012-07-06 01:25 - 00000000 ____D () C:\Windows\System32\Tasks\TVT

2015-02-19 16:39 - 2012-07-06 01:06 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools

2015-02-19 16:39 - 2012-07-06 01:02 - 00000000 ____D () C:\Program Files (x86)\Lenovo

2015-02-18 15:59 - 2012-12-26 15:31 - 00000000 ____D () C:\Users\Nava Fader\AppData\Roaming\Skype

2015-02-16 16:06 - 2014-09-12 18:02 - 00083968 ___SH () C:\Users\Nava Fader\Documents\Thumbs.db

2015-02-16 15:31 - 2012-10-27 11:46 - 00000000 ____D () C:\Users\Nava Fader\Documents\Subs sent as attachments

2015-02-16 11:11 - 2014-01-30 21:04 - 00429568 _____ () C:\Users\Nava Fader\Documents\submissions current.xls

2015-02-15 16:21 - 2014-06-30 20:32 - 00000020 ____H () C:\ProgramData\PKP_DLdw.DAT

2015-02-15 16:19 - 2014-06-30 20:30 - 00000020 ____H () C:\ProgramData\PKP_DLdu.DAT

2015-02-14 16:57 - 2013-01-22 16:57 - 00000464 _____ () C:\Windows\Tasks\USTSPCO-USTSPCOOneClickCare.job

2015-02-13 15:47 - 2014-08-28 11:52 - 00280576 ___SH () C:\Users\Nava Fader\Desktop\Thumbs.db

2015-02-13 04:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2015-02-12 03:26 - 2009-07-13 23:45 - 00446232 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-02-11 15:25 - 2013-07-14 02:00 - 00000000 ____D () C:\Windows\system32\MRT

2015-02-11 15:18 - 2013-01-22 17:07 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-02-09 19:54 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-02-09 16:24 - 2014-11-21 20:05 - 00000000 ____D () C:\Users\Nava Fader\AppData\Local\Game Dev Tycoon

2015-02-08 11:34 - 2012-10-27 10:33 - 00000000 ____D () C:\Users\Nava Fader\AppData\Local\Windows Live

2015-02-08 09:27 - 2015-01-07 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo

2015-02-08 04:53 - 2012-07-05 08:37 - 00000000 ____D () C:\ProgramData\Lenovo

2015-02-05 00:23 - 2012-07-06 01:16 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-02-05 00:23 - 2012-07-06 01:16 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-01-26 19:25 - 2012-12-02 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-01-26 07:01 - 2012-10-25 18:57 - 00000000 ____D () C:\Users\Nava Fader\AppData\Roaming\SoftGrid Client

2015-01-24 09:45 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-01-14 16:33 - 2015-01-14 16:37 - 879969098 _____ () C:\Users\Nava Fader\AppData\Roaming\.minecraft.zip

2014-07-22 18:52 - 2014-07-22 18:52 - 0000000 ___RH () C:\Users\Nava Fader\AppData\Roaming\882413ee40a5086459c42e3f95cea1a32

2012-10-21 13:26 - 2012-10-27 16:38 - 0008923 _____ () C:\Users\Nava Fader\AppData\Roaming\AbsoluteReminder.xml

2014-06-30 20:30 - 2014-06-30 20:30 - 0000268 ___RH () C:\Users\Nava Fader\AppData\Roaming\Image Units

2014-06-30 20:32 - 2014-06-30 20:32 - 0000268 ___RH () C:\Users\Nava Fader\AppData\Roaming\Importer

2014-02-26 19:54 - 2014-03-31 13:59 - 0000078 _____ () C:\Users\Nava Fader\AppData\Roaming\WB.CFG

2013-05-31 17:23 - 2013-05-31 17:23 - 0003584 _____ () C:\Users\Nava Fader\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-12-15 15:37 - 2014-12-15 15:37 - 0007678 _____ () C:\Users\Nava Fader\AppData\Local\recently-used.xbel

2013-01-19 22:59 - 2014-08-13 15:06 - 0007602 _____ () C:\Users\Nava Fader\AppData\Local\resmon.resmoncfg

2013-07-10 12:13 - 2013-07-10 12:13 - 0404466 _____ () C:\ProgramData\1373476157.bdinstall.bin

2013-09-11 20:31 - 2013-09-11 20:31 - 0082454 _____ () C:\ProgramData\1378949468.bdinstall.bin

2014-01-04 12:00 - 2014-01-04 12:00 - 0209459 _____ () C:\ProgramData\1388854764.bdinstall.bin

2014-01-08 12:54 - 2014-01-08 12:54 - 0414453 _____ () C:\ProgramData\1389203483.bdinstall.bin

2014-09-12 16:49 - 2014-09-12 16:49 - 0103930 _____ () C:\ProgramData\1410558536.bdinstall.bin

2014-09-12 16:50 - 2014-09-12 16:50 - 0104598 _____ () C:\ProgramData\1410558591.bdinstall.bin

2014-09-12 16:50 - 2014-09-12 16:50 - 0104509 _____ () C:\ProgramData\1410558640.bdinstall.bin

2014-09-12 16:52 - 2014-09-12 16:52 - 0104407 _____ () C:\ProgramData\1410558699.bdinstall.bin

2014-09-12 17:51 - 2014-09-12 17:51 - 0045644 _____ () C:\ProgramData\1410562275.bdinstall.bin

2014-09-12 17:52 - 2014-09-12 17:52 - 0045499 _____ () C:\ProgramData\1410562364.bdinstall.bin

2014-09-12 17:54 - 2014-09-12 17:54 - 0044136 _____ () C:\ProgramData\1410562441.bdinstall.bin

2014-09-12 18:24 - 2014-09-12 18:24 - 0045639 _____ () C:\ProgramData\1410564146.bdinstall.bin

2014-09-12 18:27 - 2014-09-12 18:27 - 0044135 _____ () C:\ProgramData\1410564417.bdinstall.bin

2014-09-19 18:02 - 2014-09-19 18:02 - 0045029 _____ () C:\ProgramData\1411167698.bdinstall.bin

2014-09-20 20:22 - 2014-09-20 20:22 - 0106686 _____ () C:\ProgramData\1411262327.bdinstall.bin

2013-02-15 19:05 - 2013-02-15 19:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2014-06-30 20:30 - 2014-06-30 20:30 - 0000268 ___RH () C:\ProgramData\Installer Plugin

2014-06-30 20:32 - 2014-06-30 20:32 - 0000268 ___RH () C:\ProgramData\Internet Plug-Ins

2014-05-02 18:20 - 2014-07-05 11:46 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

2014-06-30 20:30 - 2015-02-15 16:19 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT

2014-06-30 20:32 - 2015-02-15 16:21 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT

Some content of TEMP:

====================

C:\Users\Nava Fader\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Nava Fader\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Nava Fader\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

Some zero byte size files/folders:

==========================

C:\Windows\SysWOW64\dlumd10.dll

C:\Windows\SysWOW64\dlumd11.dll

C:\Windows\SysWOW64\dlumd9.dll

C:\Windows\System32\dlumd10.dll

C:\Windows\System32\dlumd11.dll

C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-13 00:31

==================== End Of Log ============================

Addition.txt


  • 2 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.


This topic is now closed to further replies.