
Random Popup Messages Appearing - McAfee messages in IE


  • This topic is locked
7 replies to this topic

#1 frogmo

frogmo

  • Members
  • 9 posts

Posted 29 September 2014 - 10:10 AM

Lenovo laptop running Windows 8.1 getting random popup messages on the desktop. When using Internet Explorer I get McAfee Secure messages in the browser window even though the computer is not running McAfee. Thank you!

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17278
Run by Ilene at 9:55:40 on 2014-09-29
Microsoft Windows 8.1  6.3.9600.0.1252.1.1033.18.16296.14408 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Symantec Endpoint Protection.cloud *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection.cloud *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection.cloud *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\iDashboardsEval\server\bin\idashboardseval.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Surf Canyon\scbhmon.exe
C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe
C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\program files\symantec.cloud\antivirus\ssDVAgent.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
C:\WINDOWS\system32\taskhostex.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe
C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\SettingSyncHost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\WindowsApps\Microsoft.LyncMX_16.0.1929.1162_x64__8wekyb3d8bbwe\LyncMX.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\IPS\ipsbho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GoToMeeting] "C:\Users\Ilene\AppData\Local\Citrix\GoToMeeting\1350\g2mstart.exe" "/Trigger RunAtLogon"
uRun: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE" -b
uRun: [Akamai NetSession Interface] "C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe"
mRun: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [HostManager] C:\Program Files (x86)\Common Files\AOL\1394944162\ee\AOLSoftware.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Ilene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - 
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP4EP2-2/webex/ieatgpc1.cab
TCP: NameServer = 10.0.0.2 10.0.0.1
TCP: Interfaces\{22D30DC6-553C-46A8-9E4C-B191D61D1FA7} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728} : DHCPNameServer = 10.0.0.2 10.0.0.1
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\14274756023516C6F6E6D27657563747 : DHCPNameServer = 192.168.1.254 192.168.33.1
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\1446D6962716C637F534C65726 : DHCPNameServer = 192.168.10.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\34F657274797162746F57455543545 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\3536572616E65747 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\76F676F696E666C696768647 : DHCPNameServer = 172.19.134.2
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\841607079764C616D696E676F6D27657563747 : DHCPNameServer = 192.168.7.254
TCP: Interfaces\{78E6A77C-55B7-4E8E-8384-6C2545455728}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
AppInit_DLLs= c:\windows\syswow64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Fast Search: {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon64.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [DolbyTrayApp] c:\program files (x86)\Dolby Home Theater v4\pcee4.exe -autostart
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe -start
x64-Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
x64-Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SymantecPaui] "C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe"
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-4-30 677360]
R0 IntelHSWPcc;IntelHSWPcc;C:\WINDOWS\System32\drivers\IntelPcc.sys [2013-5-1 100184]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2014-2-19 39768]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2013-12-26 32544]
R0 SymDS;Symantec Data Store;C:\WINDOWS\System32\drivers\NISx64\1404000.028\SymDS64.sys [2014-3-10 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\drivers\NISx64\1404000.028\SymEFA64.sys [2014-3-10 1139800]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2014-5-6 157016]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2013-8-22 76800]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [2014-9-12 1586904]
R1 ccSet_Cloud;CC Standalone Settings Manager;C:\Windows\SysWOW64\drivers\Symantec.cloud\ccSetx64.sys [2013-8-9 167072]
R1 ccSet_NIS;Endpoint Protection.cloud Settings Manager;C:\WINDOWS\System32\drivers\NISx64\1404000.028\ccSetx64.sys [2014-3-10 169048]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140926.003\IDSviA64.sys [2014-9-26 633560]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\Ironx64.sys [2014-3-10 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\symnets.sys [2014-3-10 433752]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-7-29 772064]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-3-18 1124728]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-3-18 1161592]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-6 2428088]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-30 15344]
R2 iDashboardsEval;iDashboards Evaluation Server;C:\Program Files (x86)\iDashboardsEval\server\bin\idashboardseval.exe [2014-6-16 102400]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
R2 Intel® Wireless Bluetooth® 4.0 Radio Management;Intel® Wireless Bluetooth® 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-6-4 156104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-9-12 169432]
R2 NIS;Endpoint Protection.cloud;C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe [2014-3-10 144368]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-16 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-2-16 16939296]
R2 scbhmon;Extension Security Monitor Service;C:\Program Files (x86)\Surf Canyon\scbhmon.exe [2014-4-9 30576]
R2 SsPaAdm;Symantec.cloud Cloud Agent;C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe [2013-8-9 191856]
R2 ssPaSetMgr;Symantec.cloud Scheduler;C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe [2013-8-9 138272]
R2 ssSpnAv;Symantec.cloud Endpoint Protection;C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe [2013-10-23 418192]
R2 VeriFaceSrv;VeriFaceSrv;C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2013-9-12 68368]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-10-11 3671792]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-2-17 35600]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\WINDOWS\System32\drivers\AmpPal.sys [2013-7-29 165344]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2012-10-3 95232]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2014-5-6 226304]
R3 btmhsf;btmhsf;C:\WINDOWS\System32\drivers\btmhsf.sys [2013-3-28 1366328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 ibtusb;Intel® Wireless Bluetooth® 4.0 + HS Adapter;C:\WINDOWS\System32\drivers\ibtusb.sys [2013-6-4 115656]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-14 27032]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-8-22 129224]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2013-8-22 16384]
R3 NETwNb64;@oem38.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel® Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\NETwbw02.sys [2013-10-14 3607520]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-2-16 39200]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2013-7-2 33008]
R3 vm331avs;Digital Camera 1;C:\WINDOWS\System32\drivers\vm331avs.sys [2013-9-12 1064704]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2013-8-22 23040]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-8-13 227840]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\1404000.028\SymELAM.sys [2014-3-10 23448]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2013-8-22 782176]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\WINDOWS\System32\drivers\AmpPal.sys [2013-7-29 165344]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2013-8-22 37768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2013-8-22 37768]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2013-8-22 99320]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2014-6-11 111616]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-12-14 39320]
S3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-7-2 452088]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2013-8-22 37768]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_sas3.sys [2013-8-22 81760]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-10-11 284912]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63.sys [2013-8-22 87040]
S3 NETwNe64;Intel® Wireless Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew02.sys [2013-10-9 3648480]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2014-5-6 924504]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2014-2-19 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2013-8-22 37768]
S3 SSIWEB8.3.6Apache;SSIWEB8.3.6Apache;C:\Program Files (x86)\Sawtooth Software\SSI Web 8.3.6\LocalWeb\bin\httpd.exe [2014-8-27 20549]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-14 57176]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2013-8-22 26976]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-7-28 54784]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2013-8-22 37768]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2014-5-14 123224]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2014-5-14 347880]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2013-8-22 37768]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2013-8-22 37768]
S3 wsvd;wsvd;C:\WINDOWS\System32\drivers\wsvd.sys [2013-9-12 102376]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-29 14:08:35 122584 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-09-29 14:08:02 91352 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-09-29 14:08:02 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2014-09-29 14:08:02 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2014-09-29 14:08:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-28 13:30:55 262824 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10247.bin
2014-09-25 04:12:25 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-21 23:59:18 -------- d-----w- C:\Program Files\iPod
2014-09-21 23:59:17 -------- d-----w- C:\Program Files\iTunes
2014-09-21 23:59:17 -------- d-----w- C:\Program Files (x86)\iTunes
2014-09-14 17:02:57 2515264 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2014-09-14 16:54:26 146752 ----a-w- C:\WINDOWS\System32\drivers\msgpioclx.sys
2014-09-12 14:03:37 97280 ----a-w- C:\WINDOWS\System32\aepic.dll
2014-09-12 14:03:37 738816 ----a-w- C:\WINDOWS\System32\aepdu.dll
2014-09-12 14:03:37 527360 ----a-w- C:\WINDOWS\System32\aeinv.dll
2014-09-12 14:00:59 10747904 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2014-09-12 04:10:28 1212928 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2014-09-12 04:08:16 875688 ----a-w- C:\WINDOWS\SysWow64\msvcr120_clr0400.dll
2014-09-12 04:08:15 869544 ----a-w- C:\WINDOWS\System32\msvcr120_clr0400.dll
2014-09-10 23:22:15 218200 ----a-w- C:\WINDOWS\SysWow64\unrar.dll
2014-09-10 23:22:05 -------- d-----w- C:\ProgramData\Uniblue
2014-09-10 23:17:25 -------- d-----w- C:\ProgramData\InstallSightSDK
2014-09-10 23:17:21 -------- d-----w- C:\Program Files (x86)\SPD
2014-09-10 23:17:16 159032 ----a-w- C:\WINDOWS\SysWow64\ATL90.dll
2014-09-10 23:17:07 -------- d-----w- C:\Program Files\PC Optimizer Pro
.
==================== Find3M  ====================
.
2014-09-12 14:01:52 2724864 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2014-09-12 14:01:48 2724864 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2014-09-12 14:01:46 48640 ----a-w- C:\WINDOWS\System32\ieetwproxystub.dll
2014-09-12 14:01:46 4096 ----a-w- C:\WINDOWS\System32\ieetwcollectorres.dll
2014-09-12 14:01:46 111616 ----a-w- C:\WINDOWS\System32\ieetwcollector.exe
2014-09-12 14:01:45 51200 ----a-w- C:\WINDOWS\SysWow64\ieetwproxystub.dll
2014-09-12 14:01:45 139264 ----a-w- C:\WINDOWS\System32\ieUnatt.exe
2014-09-12 14:01:44 112128 ----a-w- C:\WINDOWS\SysWow64\ieUnatt.exe
2014-09-12 14:01:42 61952 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2014-09-12 14:01:41 66048 ----a-w- C:\WINDOWS\System32\iesetup.dll
2014-09-02 20:06:15 706016 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2014-09-02 20:06:15 105440 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2014-08-23 07:48:28 2374784 ----a-w- C:\WINDOWS\explorer.exe
2014-08-23 07:13:24 2084520 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2014-08-23 06:10:58 68096 ----a-w- C:\WINDOWS\System32\UXInit.dll
2014-08-23 05:32:39 50176 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2014-08-23 04:44:37 2860032 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2014-08-23 04:34:00 13423104 ----a-w- C:\WINDOWS\System32\twinui.dll
2014-08-23 04:33:24 796672 ----a-w- C:\WINDOWS\System32\uDWM.dll
2014-08-23 04:31:32 1038336 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2014-08-23 04:20:49 11818496 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2014-08-23 00:42:19 4148224 ----a-w- C:\WINDOWS\System32\win32k.sys
2014-08-16 02:00:16 5833728 ----a-w- C:\WINDOWS\System32\jscript9.dll
2014-08-16 01:56:06 547328 ----a-w- C:\WINDOWS\System32\vbscript.dll
2014-08-16 01:54:40 83968 ----a-w- C:\WINDOWS\System32\MshtmlDac.dll
2014-08-16 01:45:12 4232704 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2014-08-16 01:43:34 758272 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2014-08-16 01:25:28 72704 ----a-w- C:\WINDOWS\System32\JavaScriptCollectionAgent.dll
2014-08-16 01:22:35 454656 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2014-08-16 01:20:18 61952 ----a-w- C:\WINDOWS\SysWow64\MshtmlDac.dll
2014-08-16 01:11:26 597504 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2014-08-16 01:03:45 2104832 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2014-08-16 00:58:45 60416 ----a-w- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
2014-08-16 00:56:32 2310656 ----a-w- C:\WINDOWS\System32\wininet.dll
2014-08-16 00:44:59 2014208 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2014-08-16 00:20:06 1812992 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2014-08-13 12:07:54 428888 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS
2014-08-07 02:12:27 1336624 ----a-w- C:\WINDOWS\System32\gdi32.dll
2014-08-02 03:56:08 1064448 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2014-08-02 03:11:49 918528 ----a-w- C:\WINDOWS\System32\MrmCoreR.dll
2014-07-30 01:56:08 299520 ----a-w- C:\WINDOWS\System32\WSDMon.dll
2014-07-29 05:22:47 205824 ----a-w- C:\WINDOWS\System32\tcpmon.dll
2014-07-28 19:52:00 6112072 ----a-w- C:\WINDOWS\System32\usbaaplrc.dll
2014-07-28 19:52:00 54784 ----a-w- C:\WINDOWS\System32\drivers\usbaapl64.sys
2014-07-24 15:28:38 468288 -c--a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2014-07-24 15:28:38 419648 -c--a-w- C:\WINDOWS\System32\drivers\usbhub.sys
2014-07-24 15:28:38 412992 -c--a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2014-07-24 15:28:38 143680 -c--a-w- C:\WINDOWS\System32\drivers\usbccgp.sys
2014-07-24 15:28:35 280384 -c--a-w- C:\WINDOWS\System32\drivers\pci.sys
2014-07-24 15:23:21 1519488 ----a-w- C:\WINDOWS\System32\user32.dll
2014-07-24 15:23:21 125472 ----a-w- C:\WINDOWS\System32\dwmapi.dll
2014-07-24 15:20:37 645592 ----a-w- C:\WINDOWS\System32\SHCore.dll
2014-07-24 15:20:37 263400 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2014-07-24 15:16:25 2574208 ----a-w- C:\WINDOWS\System32\WMVDECOD.DLL
2014-07-24 15:16:24 211216 ----a-w- C:\WINDOWS\System32\SndVol.exe
2014-07-24 15:07:53 7424320 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2014-07-24 15:07:52 2009920 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2014-07-24 15:05:56 1660048 ----a-w- C:\WINDOWS\System32\winload.efi
2014-07-24 15:05:56 1519560 ----a-w- C:\WINDOWS\System32\winload.exe
2014-07-24 15:05:56 1488008 ----a-w- C:\WINDOWS\System32\winresume.efi
2014-07-24 15:05:56 1356840 ----a-w- C:\WINDOWS\System32\winresume.exe
2014-07-24 15:03:56 882136 ----a-w- C:\WINDOWS\System32\mfplat.dll
2014-07-24 15:03:55 818624 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2014-07-24 15:03:55 233888 ----a-w- C:\WINDOWS\System32\mfps.dll
2014-07-24 15:03:54 2141920 ----a-w- C:\WINDOWS\System32\mfcore.dll
2014-07-24 15:03:53 360480 ----a-w- C:\WINDOWS\System32\mfreadwrite.dll
2014-07-24 15:03:53 205512 ----a-w- C:\WINDOWS\System32\mftranscode.dll
2014-07-24 14:57:08 475968 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2014-07-24 13:50:07 98048 ----a-w- C:\WINDOWS\SysWow64\dwmapi.dll
2014-07-24 13:48:15 2410976 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2014-07-24 13:48:15 180208 ----a-w- C:\WINDOWS\SysWow64\SndVol.exe
2014-07-24 13:46:50 477200 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2014-07-24 13:36:22 707536 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2014-07-24 13:36:22 674512 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2014-07-24 13:36:20 355800 ----a-w- C:\WINDOWS\SysWow64\mfreadwrite.dll
2014-07-24 13:36:20 2145472 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2014-07-24 13:36:20 180720 ----a-w- C:\WINDOWS\SysWow64\mftranscode.dll
2014-07-24 13:29:45 2406400 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2014-07-24 11:51:24 7168 ----a-w- C:\WINDOWS\System32\KBDYAK.DLL
2014-07-24 11:51:22 7168 ----a-w- C:\WINDOWS\System32\KBDTT102.DLL
2014-07-24 11:51:18 8192 ----a-w- C:\WINDOWS\System32\KBDRUM.DLL
2014-07-24 11:51:05 7168 ----a-w- C:\WINDOWS\System32\KBDBASH.DLL
2014-07-24 11:47:55 132608 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2014-07-24 11:46:02 79872 ----a-w- C:\WINDOWS\System32\drivers\IPMIDrv.sys
2014-07-24 11:45:39 76800 -c--a-w- C:\WINDOWS\System32\drivers\hdaudbus.sys
2014-07-24 11:44:22 674816 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2014-07-24 11:43:29 412160 ----a-w- C:\WINDOWS\System32\drivers\srv.sys
2014-07-24 11:42:22 126464 ----a-w- C:\WINDOWS\System32\drivers\NdisImPlatform.sys
2014-07-24 11:42:14 446976 ----a-w- C:\WINDOWS\System32\drivers\nwifi.sys
2014-07-24 11:42:01 1200640 -c--a-w- C:\WINDOWS\System32\drivers\bthport.sys
2014-07-24 11:41:43 118272 -c--a-w- C:\WINDOWS\System32\drivers\bthpan.sys
2014-07-24 11:41:23 115712 ----a-w- C:\WINDOWS\System32\drivers\bridge.sys
2014-07-24 11:22:12 308736 ----a-w- C:\WINDOWS\System32\compstui.dll
2014-07-24 11:06:38 220160 ----a-w- C:\WINDOWS\System32\iasnap.dll
2014-07-24 11:05:59 226816 ----a-w- C:\WINDOWS\System32\WebClnt.dll
2014-07-24 11:05:37 287232 ----a-w- C:\WINDOWS\System32\usbmon.dll
2014-07-24 11:04:36 141312 ----a-w- C:\WINDOWS\System32\wbem\netswitchteamcim.dll
2014-07-24 11:04:27 199168 ----a-w- C:\WINDOWS\System32\wbem\ndisimplatcim.dll
2014-07-24 10:52:10 7168 ----a-w- C:\WINDOWS\SysWow64\KBDYAK.DLL
2014-07-24 10:52:02 7168 ----a-w- C:\WINDOWS\SysWow64\KBDTT102.DLL
.
============= FINISH:  9:56:35.56 ===============
 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,250 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 02 October 2014 - 08:20 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 nasdaq


Posted 07 October 2014 - 09:05 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq


Posted 14 October 2014 - 08:18 AM

This topic has been re-opened at the request of the person who originally posted.

#5 frogmo

frogmo
  • Topic Starter

  • Members
  • 9 posts

Posted 14 October 2014 - 08:22 AM

# AdwCleaner v4.000 - Report created 13/10/2014 at 15:51:44
# DB v2014-10-13.5
# Updated 12/10/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Ilene - ILENE-PC
# Running from : E:\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Users\Ilene\AppData\Roaming\Activeris
Folder Deleted : C:\Users\Ilene\AppData\Local\iac
Folder Deleted : C:\Users\Ilene\AppData\LocalLow\iac
Folder Deleted : C:\Users\Ilene\Documents\Optimizer Pro
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Users\Ilene\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
[!] Folder Deleted : C:\Program Files (x86)\Surf Canyon
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Users\Ilene\AppData\Roaming\UpdaterEX
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Users\Ilene\AppData\Local\visi_coupon
Folder Deleted : C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
[!] Folder Deleted : C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

***** [ Scheduled Tasks ] *****

Task Deleted : UpdaterEX

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\surfcanyon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite
Key Deleted : HKLM\SOFTWARE\Classes\surfcanyon.BhoSite.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A3514F71-E63F-440B-8076-14226E21B2BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BA3105E9-5DE6-4A1E-A819-6F5046AB67F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FD58258C-84A6-4DEF-9793-019BE7F491A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\spd
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\WSE Rocket
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Surf Canyon
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\firstsearch
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Canyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

-\\ Google Chrome v37.0.2062.124

*************************

AdwCleaner[R0].txt - [9699 octets] - [13/10/2014 15:47:07]
AdwCleaner[S0].txt - [9044 octets] - [13/10/2014 15:51:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9104 octets] ##########

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Ilene (administrator) on ILENE-PC on 13-10-2014 16:05:10
Running from C:\Users\Ilene\Desktop\Farbar
Loaded Profile: Ilene (Available profiles: Ilene)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Apache Software Foundation) C:\Program Files (x86)\iDashboardsEval\server\bin\idashboardseval.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\AntiVirus\ssDVAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.LyncMX_16.0.1929.1162_x64__8wekyb3d8bbwe\LyncMX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe
(Akamai Technologies, Inc.) C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Symantec Corporation) C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-20] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-06-20] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [SymantecPaui] => C:\Program Files\Symantec.cloud\PlatformAgent\PAUI.exe [3364768 2014-07-16] (Symantec Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1394944162\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [GoToMeeting] => C:\Users\Ilene\AppData\Local\Citrix\GoToMeeting\1350\g2mstart.exe [40304 2014-03-25] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE [72296 2014-04-08] (AOL Inc.)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Ilene\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3042027994-3867966013-3328877255-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Ilene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 4620 series (Network).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Ilene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dnldstr_14_30_ie&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyByDyDyDzy0FtBzzyC0AyBtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0E0BtCtBtD0A0EtGtAyBzz0FtG0EtB0E0CtGyEtC0ByCtGyDtCzy0CtByBzz0CzztC0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtC0A0Dzzzz0EzztGzzyEtByCtGyE0DtA0EtG0B0D0DyEtGtAtDzz0AyByC0DyD0FzzzztC2Q&cr=506615024&ir=
SearchScopes: HKLM-x32 - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm009^S08309^us&si=XXXXXXXXXX&ptb=6FDC9026-D4B9-46AB-9A06-AB4ABFC34EAF&ind=2014021619&n=780b87f3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {AA6D3AD3-F2D2-4D15-8777-2CBFEF03D439} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP5CC79744-EDBA-4D02-AFD3-59B42DEDB9C6&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm009^S08309^us&si=XXXXXXXXXX&ptb=6FDC9026-D4B9-46AB-9A06-AB4ABFC34EAF&ind=2014021619&n=780b87f3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dnldstr_14_30_ie&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyByDyDyDzy0FtBzzyC0AyBtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0E0BtCtBtD0A0EtGtAyBzz0FtG0EtB0E0CtGyEtC0ByCtGyDtCzy0CtByBzz0CzztC0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtC0A0Dzzzz0EzztGzzyEtByCtGyE0DtA0EtG0B0D0DyEtGtAtDzz0AyByC0DyD0FzzzztC2Q&cr=506615024&ir=
SearchScopes: HKCU - {7E76501C-2BD6-4ADB-A3E3-C6636EC8C69E} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKCU - {9C69AF53-653E-4E26-B3F8-AE63C67F9061} URL = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20140520,20028,0,31,0
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T29L10NSP4EP2-2/webex/ieatgpc1.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2 10.0.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Ilene\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: LWAPlugin15.8 -> C:\Users\Ilene\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Ilene\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2014-03-10]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn [2014-10-13]

Chrome:
=======
CHR Profile: C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-14]
CHR Extension: (Google Drive) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-14]
CHR Extension: (Google Search) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-14]
CHR Extension: (Gmail) - C:\Users\Ilene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 HPSLPSVC; C:\Users\Ilene\AppData\Local\Temp\7zS569E\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 iDashboardsEval; C:\Program Files (x86)\iDashboardsEval\server\bin\idashboardseval.exe [102400 2010-09-22] (Apache Software Foundation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NIS; C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-20] (NVIDIA Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 SSIWEB8.3.6Apache; C:\Program Files (x86)\Sawtooth Software\SSI Web 8.3.6\LocalWeb\bin\httpd.exe [20549 2014-03-25] (Apache Software Foundation) [File not signed]
R2 SsPaAdm; C:\Program Files\Symantec.cloud\PlatformAgent\ccSvcHst.exe [191856 2013-08-09] (Symantec Corporation)
R2 ssPaSetMgr; C:\Program Files\Symantec.cloud\PlatformAgent32\ccSvcHst.exe [138272 2013-08-09] (Symantec Corporation)
R2 ssSpnAv; C:\Program Files\Symantec.cloud\AntiVirus\AVAgent.exe [418192 2013-10-23] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
S2 scbhmon; "C:\Program Files (x86)\Surf Canyon\scbhmon.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R1 ccSet_Cloud; C:\WINDOWS\SysWOW64\Drivers\Symantec.cloud\ccSetx64.sys [167072 2013-08-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20141010.001\IDSvia64.sys [633560 2014-08-30] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20141012.018\ENG64.SYS [129752 2014-10-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20141012.018\EX64.SYS [2137304 2014-10-09] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-09] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-20] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2013-03-04] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-03-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 usb3Hub; \SystemRoot\System32\drivers\usb3Hub.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 16:05 - 2014-10-13 16:05 - 00000000 ____D () C:\FRST
2014-10-13 15:57 - 2014-10-13 16:05 - 00000000 ____D () C:\Users\Ilene\Desktop\Farbar
2014-10-13 15:46 - 2014-10-13 15:51 - 00000000 ____D () C:\AdwCleaner
2014-10-12 16:22 - 2014-10-12 16:24 - 24106496 _____ () C:\Users\Ilene\Downloads\b2bmarketingfinalnn-130917114719-phpapp02.ppt
2014-10-12 13:22 - 2014-10-12 13:22 - 02565187 _____ () C:\Users\Ilene\Downloads\5hotomnichanneltrends-130515153845-phpapp02.pptx
2014-10-11 11:46 - 2014-10-11 11:46 - 00003618 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 4620 series
2014-10-11 11:46 - 2014-10-11 11:46 - 00002267 _____ () C:\Users\Public\Desktop\HP Officejet 4620 series.lnk
2014-10-11 11:46 - 2014-10-11 11:46 - 00001204 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4620 series.lnk
2014-10-11 11:46 - 2014-10-11 11:46 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-10-11 11:46 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM6412.dll
2014-10-11 11:37 - 2014-10-11 11:37 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Hewlett-Packard
2014-10-11 11:37 - 2014-10-11 11:37 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-10-11 11:36 - 2014-10-11 11:36 - 05152768 _____ () C:\Users\Ilene\Downloads\HPSupportSolutionsFramework-11.51.0027.msi
2014-10-10 09:52 - 2014-10-10 09:52 - 02268813 _____ () C:\Users\Ilene\Documents\IMG_2696.mov
2014-10-06 16:32 - 2014-10-06 16:32 - 00505143 _____ () C:\Users\Ilene\Documents\Quester Onsite Presentation - 10 5ilk.pptx
2014-10-04 14:59 - 2014-10-04 14:59 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Macroplant_LLC
2014-10-04 14:58 - 2014-10-04 14:58 - 00001006 _____ () C:\Users\Public\Desktop\iExplorer.lnk
2014-10-04 14:58 - 2014-10-04 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
2014-10-04 14:58 - 2014-10-04 14:58 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2014-10-04 14:57 - 2014-10-04 14:57 - 11220680 _____ (Macroplant LLC ) C:\Users\Ilene\Downloads\iExplorer_Setup_3401.exe
2014-10-03 12:35 - 2014-10-03 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-03 12:35 - 2014-10-03 12:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-02 08:54 - 2014-10-02 08:54 - 00008338 _____ () C:\Users\Ilene\Documents\pmiaware1002.xlsx
2014-10-02 08:17 - 2014-10-02 08:17 - 00023062 _____ () C:\Users\Ilene\Documents\pmitrainingdata1002.xlsx
2014-10-02 08:05 - 2014-10-02 08:05 - 00011674 _____ () C:\Users\Ilene\Documents\pmiconcepttest1002.xlsx
2014-10-02 07:56 - 2014-10-02 07:56 - 00019533 _____ () C:\Users\Ilene\Documents\pmidemosandterms1002.xlsx
2014-10-02 07:17 - 2014-10-02 07:17 - 00026370 _____ () C:\Users\Ilene\Documents\pmitrainingandstandards.xlsx
2014-10-01 22:36 - 2014-10-01 22:36 - 00010133 _____ () C:\Users\Ilene\Documents\pmiprojectmgmt.xlsx
2014-10-01 22:26 - 2014-10-01 22:26 - 00012879 _____ () C:\Users\Ilene\Documents\pmitraining.xlsx
2014-10-01 22:15 - 2014-10-01 22:15 - 00013310 _____ () C:\Users\Ilene\Documents\concepttest1stresults.spv
2014-10-01 22:15 - 2014-10-01 22:15 - 00011350 _____ () C:\Users\Ilene\Documents\pmifirstconceetresults.xlsx
2014-10-01 11:36 - 2014-10-02 09:03 - 00000000 ____D () C:\Users\Ilene\AppData\Local\join.me
2014-10-01 11:36 - 2014-10-01 11:36 - 00001124 _____ () C:\Users\Ilene\Desktop\join.me.lnk
2014-10-01 11:36 - 2014-10-01 11:36 - 00001124 _____ () C:\Users\Ilene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
2014-10-01 01:58 - 2014-10-13 15:02 - 00000000 ____D () C:\Users\Ilene\AppData\Local\C1AA206F-F602-4DAF-8047-4965AA980335.aplzod
2014-09-30 23:06 - 2014-09-30 23:06 - 00001766 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-30 23:06 - 2014-09-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-30 23:05 - 2014-09-30 23:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-30 23:05 - 2014-09-30 23:05 - 00000000 ____D () C:\Program Files\iTunes
2014-09-30 23:05 - 2014-09-30 23:05 - 00000000 ____D () C:\Program Files\iPod
2014-09-30 23:05 - 2014-09-30 23:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-30 15:41 - 2014-09-30 15:41 - 00056320 _____ () C:\Users\Ilene\Documents\Copy of EARHARTTABPLAN818.xls
2014-09-30 10:08 - 2014-10-03 12:35 - 00001958 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-09-30 10:08 - 2014-10-03 12:35 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-29 09:56 - 2014-09-29 09:56 - 00031351 _____ () C:\Users\Ilene\Desktop\dds.txt
2014-09-29 09:56 - 2014-09-29 09:56 - 00005847 _____ () C:\Users\Ilene\Desktop\attach.txt
2014-09-29 09:08 - 2014-09-29 09:09 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-29 09:08 - 2014-09-29 09:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-29 09:08 - 2014-09-29 09:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-29 09:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-29 09:08 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-29 09:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-29 09:05 - 2014-09-29 09:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ilene\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-27 11:43 - 2014-09-27 11:43 - 00000000 ____D () C:\Users\Ilene\Documents\tabplantraining928
2014-09-24 23:09 - 2014-09-24 23:10 - 112794960 _____ (Apple Inc.) C:\Users\Ilene\Downloads\iTunes64Setup (2).exe
2014-09-23 15:58 - 2014-09-23 15:58 - 00266414 _____ () C:\Users\Ilene\Documents\pmirevisedschedule923.pptx
2014-09-22 14:54 - 2014-09-22 14:58 - 00000000 ____D () C:\Users\Ilene\Documents\RegularPetraFITs2014
2014-09-22 14:54 - 2014-09-22 14:54 - 00665214 _____ () C:\Users\Ilene\Documents\RegularPetraFITs2014.zip
2014-09-22 09:26 - 2014-09-22 09:27 - 07790592 _____ () C:\Users\Ilene\Desktop\LWAPlugin64BitInstaller32.msi
2014-09-21 18:53 - 2014-09-21 18:53 - 112794960 _____ (Apple Inc.) C:\Users\Ilene\Downloads\iTunes64Setup (1).exe
2014-09-18 14:37 - 2014-10-10 23:51 - 00512512 _____ () C:\Users\Ilene\Desktop\WACSurveyTrend Spotters.pps
2014-09-18 11:22 - 2014-10-12 13:12 - 00000000 ____D () C:\Users\Ilene\Documents\walmartpriceperceptions918
2014-09-16 11:40 - 2014-09-16 11:40 - 02730758 _____ () C:\Users\Ilene\Documents\Foot Locker Brand Report Wave 7091514toclientrevised.pptx
2014-09-15 22:28 - 2014-09-15 22:28 - 00044356 _____ () C:\Users\Ilene\Documents\Foot Locker Quant Results CL091014 (Autosaved).xlsx
2014-09-14 12:03 - 2014-08-23 02:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 12:03 - 2014-08-23 02:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 12:03 - 2014-08-23 01:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 12:03 - 2014-08-23 00:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 12:03 - 2014-08-22 23:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 12:03 - 2014-08-22 23:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 12:03 - 2014-08-22 23:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 12:03 - 2014-08-22 23:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 12:03 - 2014-08-22 23:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 12:03 - 2014-07-29 20:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 12:03 - 2014-07-29 00:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 12:03 - 2014-07-24 10:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 12:03 - 2014-07-24 10:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 12:03 - 2014-07-24 08:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 12:03 - 2014-07-24 04:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 12:03 - 2014-07-24 04:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 12:03 - 2014-07-24 02:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 12:03 - 2014-07-24 02:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 12:03 - 2014-07-24 02:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 12:03 - 2014-07-24 02:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 12:03 - 2014-07-24 02:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 12:03 - 2014-07-24 02:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 12:03 - 2014-06-14 01:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 12:02 - 2014-07-24 10:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 12:02 - 2014-07-24 10:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 12:02 - 2014-07-24 10:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 12:02 - 2014-07-24 10:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 12:02 - 2014-07-24 10:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 12:02 - 2014-07-24 10:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 12:02 - 2014-07-24 10:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 12:02 - 2014-07-24 10:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 12:02 - 2014-07-24 10:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 12:02 - 2014-07-24 10:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 12:02 - 2014-07-24 10:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 12:02 - 2014-07-24 10:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 12:02 - 2014-07-24 10:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 12:02 - 2014-07-24 10:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 12:02 - 2014-07-24 10:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 12:02 - 2014-07-24 10:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 12:02 - 2014-07-24 10:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 12:02 - 2014-07-24 10:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 12:02 - 2014-07-24 10:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 12:02 - 2014-07-24 10:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 12:02 - 2014-07-24 10:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 12:02 - 2014-07-24 10:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 12:02 - 2014-07-24 10:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 12:02 - 2014-07-24 09:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 12:02 - 2014-07-24 09:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 12:02 - 2014-07-24 08:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 12:02 - 2014-07-24 08:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 12:02 - 2014-07-24 08:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 12:02 - 2014-07-24 08:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 12:02 - 2014-07-24 08:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 12:02 - 2014-07-24 08:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 12:02 - 2014-07-24 08:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 12:02 - 2014-07-24 08:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 12:02 - 2014-07-24 08:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 12:02 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 12:02 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 12:02 - 2014-07-24 06:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 12:02 - 2014-07-24 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 12:02 - 2014-07-24 06:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 12:02 - 2014-07-24 06:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 12:02 - 2014-07-24 06:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 12:02 - 2014-07-24 06:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-14 12:02 - 2014-07-24 06:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 12:02 - 2014-07-24 06:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 12:02 - 2014-07-24 06:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-14 12:02 - 2014-07-24 06:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 12:02 - 2014-07-24 06:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 12:02 - 2014-07-24 06:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 12:02 - 2014-07-24 06:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 12:02 - 2014-07-24 06:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 12:02 - 2014-07-24 06:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 12:02 - 2014-07-24 06:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 12:02 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 12:02 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 12:02 - 2014-07-24 05:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 12:02 - 2014-07-24 05:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 12:02 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 12:02 - 2014-07-24 05:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 12:02 - 2014-07-24 05:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 12:02 - 2014-07-24 05:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 12:02 - 2014-07-24 05:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 12:02 - 2014-07-24 05:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 12:02 - 2014-07-24 05:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 12:02 - 2014-07-24 05:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 12:02 - 2014-07-24 05:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 12:02 - 2014-07-24 05:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 12:02 - 2014-07-24 05:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 12:02 - 2014-07-24 05:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 12:02 - 2014-07-24 05:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 12:02 - 2014-07-24 05:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 12:02 - 2014-07-24 05:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 12:02 - 2014-07-24 05:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 12:02 - 2014-07-24 04:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 12:02 - 2014-07-24 04:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 12:02 - 2014-07-24 04:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 12:02 - 2014-07-24 04:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 12:02 - 2014-07-24 04:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 12:02 - 2014-07-24 04:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 12:02 - 2014-07-24 04:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 12:02 - 2014-07-24 04:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 12:02 - 2014-07-24 04:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 12:02 - 2014-07-24 04:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 12:02 - 2014-07-24 04:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 12:02 - 2014-07-24 04:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 12:02 - 2014-07-24 04:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 12:02 - 2014-07-24 04:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 12:02 - 2014-07-24 04:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 12:02 - 2014-07-24 04:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 12:02 - 2014-07-24 04:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 12:02 - 2014-07-24 04:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 12:02 - 2014-07-24 04:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 12:02 - 2014-07-24 04:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 12:02 - 2014-07-24 04:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 12:02 - 2014-07-24 04:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 12:02 - 2014-07-24 04:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 12:02 - 2014-07-24 04:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 12:02 - 2014-07-24 04:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 12:02 - 2014-07-24 03:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 12:02 - 2014-07-24 03:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 12:02 - 2014-07-24 03:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 12:02 - 2014-07-24 03:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 12:02 - 2014-07-24 03:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 12:02 - 2014-07-24 03:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 12:02 - 2014-07-24 03:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 12:02 - 2014-07-24 03:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 12:02 - 2014-07-24 03:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 12:02 - 2014-07-24 03:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 12:02 - 2014-07-24 03:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 12:02 - 2014-07-24 03:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 12:02 - 2014-07-24 03:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 12:02 - 2014-07-24 03:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 12:02 - 2014-07-24 03:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 12:02 - 2014-07-24 03:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 16:04 - 2014-02-16 17:06 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3042027994-3867966013-3328877255-1002
2014-10-13 16:02 - 2014-03-10 14:58 - 00000000 ____D () C:\ProgramData\Symantec.cloud
2014-10-13 16:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-13 16:01 - 2014-02-20 01:53 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B56BA8A3-1B8D-4893-96D7-2E2695002D1B}
2014-10-13 15:57 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-13 15:55 - 2014-05-14 14:13 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-13 15:55 - 2014-05-14 14:12 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 15:55 - 2014-04-16 09:42 - 00000000 ___DO () C:\Users\Ilene\SkyDrive
2014-10-13 15:53 - 2014-05-14 17:05 - 00194170 _____ () C:\WINDOWS\PFRO.log
2014-10-13 15:53 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-13 15:52 - 2014-04-12 18:41 - 01623021 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-13 15:52 - 2013-09-12 18:21 - 00014848 _____ () C:\WINDOWS\system32\VfService.trf
2014-10-13 15:52 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-13 15:49 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-13 15:22 - 2014-05-14 14:12 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 14:36 - 2014-03-25 16:31 - 00000580 _____ () C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3042027994-3867966013-3328877255-1002.job
2014-10-13 13:13 - 2014-07-29 17:05 - 00000000 ____D () C:\Users\Ilene\Documents\pmi august 2014
2014-10-13 08:57 - 2014-07-02 10:07 - 00004974 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ILENE-PC-Ilene Ilene-PC
2014-10-13 05:55 - 2013-08-22 09:44 - 00380504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-13 05:48 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-12 21:44 - 2014-09-04 14:25 - 00000000 ____D () C:\Users\Ilene\Documents\walmartmigration904
2014-10-12 19:56 - 2014-02-16 16:59 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Packages
2014-10-12 13:02 - 2014-03-03 15:48 - 00000000 ____D () C:\Users\Ilene\Documents\research papers 2014
2014-10-11 12:28 - 2014-04-02 11:45 - 00000000 ____D () C:\Users\Ilene\AppData\Local\HP
2014-10-11 11:51 - 2014-04-02 11:56 - 00000000 ____D () C:\Users\Ilene\AppData\Roaming\HpUpdate
2014-10-11 11:46 - 2014-04-02 11:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-10-11 11:46 - 2014-04-02 11:55 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-11 11:45 - 2014-04-02 11:55 - 00000000 ____D () C:\Program Files\HP
2014-10-11 11:45 - 2014-02-24 10:25 - 00000000 ____D () C:\ProgramData\HP
2014-10-10 15:45 - 2014-07-22 09:59 - 00000000 ____D () C:\Users\Ilene\Documents\Footlocker Summer 2014
2014-10-10 08:28 - 2014-04-01 14:09 - 00000000 ____D () C:\Users\Ilene\AppData\Local\CrashDumps
2014-10-09 14:40 - 2014-03-10 06:33 - 00000000 ____D () C:\Users\Ilene\Documents\quester business
2014-10-09 13:31 - 2014-02-19 22:49 - 00000000 ____D () C:\Users\Ilene
2014-10-09 10:10 - 2014-07-10 13:10 - 00000000 ____D () C:\Users\Ilene\Documents\samsung project earhart
2014-10-08 09:10 - 2014-08-15 10:13 - 00000000 ____D () C:\Users\Ilene\Documents\samsung smart tv
2014-10-06 15:58 - 2014-03-04 10:15 - 00000000 ____D () C:\Users\Ilene\Documents\proposals 2011
2014-10-05 17:56 - 2014-02-27 08:14 - 00000000 ____D () C:\Users\Ilene\Documents\Proposals2014
2014-10-04 16:15 - 2014-03-05 01:18 - 00000000 ____D () C:\Users\Ilene\Documents\ilk personal 014
2014-10-03 13:23 - 2014-04-02 13:06 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Deployment
2014-10-02 07:11 - 2014-04-13 16:13 - 00000000 ____D () C:\Users\Ilene\AppData\Roaming\Apple Computer
2014-10-01 07:42 - 2014-07-10 08:45 - 00000000 ____D () C:\Users\Ilene\Documents\beth tikvah business
2014-10-01 01:57 - 2014-04-13 16:14 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Apple Computer
2014-09-30 10:09 - 2014-07-10 13:45 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Adobe
2014-09-30 10:08 - 2013-09-12 18:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-29 12:38 - 2014-03-25 16:31 - 00003580 _____ () C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3042027994-3867966013-3328877255-1002
2014-09-29 09:58 - 2014-04-22 12:55 - 00012830 _____ () C:\WINDOWS\setupact.log
2014-09-29 09:14 - 2014-04-01 11:51 - 00000000 ____D () C:\temp
2014-09-29 09:04 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-25 06:51 - 2014-05-14 14:12 - 00000000 ____D () C:\Users\Ilene\AppData\Local\Google
2014-09-24 23:55 - 2014-04-13 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2014-09-24 23:55 - 2014-04-13 18:01 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-09-24 23:53 - 2014-05-13 15:54 - 00000000 ____D () C:\ProgramData\Fighters
2014-09-24 23:40 - 2014-04-01 11:47 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-09-24 23:39 - 2013-09-12 18:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-24 23:38 - 2014-06-17 11:35 - 00000000 ____D () C:\ProgramData\Sisense
2014-09-24 23:37 - 2014-09-10 18:17 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-09-24 23:36 - 2014-09-10 18:17 - 00000000 ____D () C:\Program Files (x86)\SPD
2014-09-24 23:25 - 2014-07-10 09:17 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-24 23:16 - 2014-02-19 23:09 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-24 09:20 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-23 22:05 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-22 10:37 - 2014-02-16 16:59 - 00000000 ____D () C:\Users\Ilene\AppData\Local\VirtualStore
2014-09-16 17:37 - 2014-05-20 09:14 - 00000000 ____D () C:\Users\Ilene\Documents\cargill
2014-09-16 07:29 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-09-15 22:30 - 2013-11-14 02:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-15 22:30 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-15 22:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-15 22:28 - 2014-09-03 16:40 - 00050328 _____ () C:\Users\Ilene\Documents\footlocker903.sps
2014-09-14 00:33 - 2014-09-10 13:42 - 00029674 _____ () C:\Users\Ilene\Documents\footlockerbrandimagery910.sps
2014-09-13 14:08 - 2014-09-10 14:57 - 00028182 _____ () C:\Users\Ilene\Documents\footlockerbrandpersonality.sps

Some content of TEMP:
====================
C:\Users\Ilene\AppData\Local\Temp\AcsInstall.dll
C:\Users\Ilene\AppData\Local\Temp\air18B7.exe
C:\Users\Ilene\AppData\Local\Temp\airB6A8.exe
C:\Users\Ilene\AppData\Local\Temp\ct_2005.exe
C:\Users\Ilene\AppData\Local\Temp\HPInstaller.exe
C:\Users\Ilene\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Ilene\AppData\Local\Temp\ndqir_rl.dll
C:\Users\Ilene\AppData\Local\Temp\Quarantine.exe
C:\Users\Ilene\AppData\Local\Temp\SHFOLDER.DLL
C:\Users\Ilene\AppData\Local\Temp\sqlite3.dll
C:\Users\Ilene\AppData\Local\Temp\SymCCIS.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-09 09:48

==================== End Of Log ============================

 




#6 nasdaq


  • Malware Response Team

Posted 14 October 2014 - 01:23 PM

Download your McAfee product removal tool from this site and run it.

List of anti-malware product removal tools
http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/list-of-anti-malware-product-removal-tools/407bf6da-c05d-4546-8788-0aa4c25a1f91
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
SearchScopes: HKLM - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dnldstr_14_30_ie&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyByDyDyDzy0FtBzzyC0AyBtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0E0BtCtBtD0A0EtGtAyBzz0FtG0EtB0E0CtGyEtC0ByCtGyDtCzy0CtByBzz0CzztC0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtC0A0Dzzzz0EzztGzzyEtByCtGyE0DtA0EtG0B0D0DyEtGtAtDzz0AyByC0DyD0FzzzztC2Q&cr=506615024&ir=
SearchScopes: HKLM-x32 - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm009^S08309^us&si=XXXXXXXXXX&ptb=6FDC9026-D4B9-46AB-9A06-AB4ABFC34EAF&ind=2014021619&n=780b87f3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP5CC79744-EDBA-4D02-AFD3-59B42DEDB9C6&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {274daec0-c4e8-4f30-9e5c-9424990769b9} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^0D^xdm009^S08309^us&si=XXXXXXXXXX&ptb=6FDC9026-D4B9-46AB-9A06-AB4ABFC34EAF&ind=2014021619&n=780b87f3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {79FD0A72-FCD9-4E3E-92B4-18305A4745DC} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dnldstr_14_30_ie&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyByDyDyDzy0FtBzzyC0AyBtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0E0BtCtBtD0A0EtGtAyBzz0FtG0EtB0E0CtGyEtC0ByCtGyDtCzy0CtByBzz0CzztC0BtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtC0A0Dzzzz0EzztGzzyEtByCtGyE0DtA0EtG0B0D0DyEtGtAtDzz0AyByC0DyD0FzzzztC2Q&cr=506615024&ir=
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
S2 scbhmon; "C:\Program Files (x86)\Surf Canyon\scbhmon.exe" [X]
S3 usb3Hub; \SystemRoot\System32\drivers\usb3Hub.sys [X]
EmptyTemp:
REBOOT:

End
Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer performing now?

Edited by nasdaq, 14 October 2014 - 01:24 PM.


#7 nasdaq


Posted 20 October 2014 - 08:35 AM

Are you still with me?

#8 frogmo

  • Topic Starter


Posted 20 October 2014 - 08:41 AM

Yes, I am still here. Unfortunately I do not have access to the computer at the moment and won't for another week. You can lock this thread if needed and I'll let you know when it can be unlocked.





