OCD, thank you for the instructions. The logs you asked for are provided below. Please note that I uninstalled RogueKiller couple of days ago, so I do not have any logs to provide. If that would be helpful, I will reinstall. Also, after I run FRST to fix, the fixlist.txt file was removed (I am assuming it was deleted). Is that the expected behaviour?
Thanx!
-------------------------------------------------------------------------
checkup.txt
Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Symantec Endpoint Protection
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Panda Cloud Cleaner
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 15.0.0.189
Mozilla Firefox (33.0)
Google Chrome 38.0.2125.104
Google Chrome 38.0.2125.111
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
-------------------------------------------------------------------------
AdwCleaner[S1].txt
# AdwCleaner v3.311 - Report created 01/11/2014 at 21:32:27
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ds - ERMIS
# Running from : C:\Users\ds\Downloads\tmp\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0 (x86 en-US)
[ File : C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\prefs.js ]
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R1].txt - [928 octets] - [01/11/2014 21:30:26]
AdwCleaner[S1].txt - [850 octets] - [01/11/2014 21:32:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [909 octets] ##########
-------------------------------------------------------------------------
AdwCleaner[S2].txt
# AdwCleaner v3.311 - Report created 02/11/2014 at 20:02:00
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : ds - ERMIS
# Running from : C:\Users\ds\Downloads\tmp\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v33.0 (x86 en-US)
[ File : C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\prefs.js ]
-\\ Google Chrome v38.0.2125.111
[ File : C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R1].txt - [928 octets] - [01/11/2014 20:30:26]
AdwCleaner[R2].txt - [1046 octets] - [02/11/2014 20:00:46]
AdwCleaner[S1].txt - [988 octets] - [01/11/2014 20:32:27]
AdwCleaner[S2].txt - [969 octets] - [02/11/2014 20:02:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1028 octets] ##########
-------------------------------------------------------------------------
Fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-11-2014
Ran by ds at 2014-11-06 15:04:28 Run:1
Running from C:\Users\ds\Desktop
Loaded Profile: ds (Available profiles: ds)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
End Processes:
Toolbar: HKLM-x32 - No Name - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR HomePage: Default -> chrome://blanck/
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_dnldstr_14_39_ff&cd=2XzuyEtN2Y1L1Qzu0FtD0D0E0FtC0DtD0Czy0AyDtCzz0AtDtN0D0Tzu0StCtDtDtBtN1L2XzutAtFtBtFtCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCtD0AyCtBtCyDtG0A0A0EyDtG0ByD0A0CtG0D0D0DyBtGyE0EtD0Ezy0A0C0AzztD0E0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0CtA0EyB0E0EyDtGyD0BtAzytGyE0CtAyEtG0ByBtCzytGtD0B0F0Bzy0EyB0CtD0C0Azy2Q&cr=1970078723&ir="
CHR DefaultSearchKeyword: Default -> startpage.com
CHR DefaultSearchURL: Default -> https://startpage.co...q={searchTerms}
EmptyTemp:
Hosts:
End
*****************
End Processes: => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 39.9 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
-------------------------------------------------------------------------
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by ds (administrator) on ERMIS on 06-11-2014 15:08:55
Running from C:\Users\ds\Desktop
Loaded Profile: ds (Available profiles: ds)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\SSH Communications Security\SSH Tectia\SSH Tectia Client\ssh-broker-gui.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\SSH Communications Security\SSH Tectia\SSH Tectia Broker\ssh-broker-g3.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388160 2012-03-30] (Lenovo Group Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [113656 2013-07-02] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2009-07-08] (Symantec Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-2914558355-170091057-212511320-1000\...\Run: [Google Update] => C:\Users\ds\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-28] (Google Inc.)
HKU\S-1-5-21-2914558355-170091057-212511320-1000\...\MountPoints2: {4592eac6-9288-11e2-9491-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tectia Connection Broker.lnk
ShortcutTarget: Tectia Connection Broker.lnk -> C:\Program Files (x86)\SSH Communications Security\SSH Tectia\SSH Tectia Client\ssh-broker-gui.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=9&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blanck
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...ng}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...ex/ieatgpc1.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.124.25
FireFox:
========
FF ProfilePath: C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\ds\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\ds\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\ds\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ds\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ds\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: vsee.com/VSeeDetection -> C:\Users\ds\AppData\Roaming\VSeeInstall\npVSeeDetection.dll (VSee Lab)
FF Plugin ProgramFiles/Appdata: C:\Users\ds\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ds\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\searchplugins\startpage-ssl.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\Extensions\donottrackplus@abine.com [2014-11-01]
FF Extension: Webmail Ad Blocker - C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\Extensions\gmailnoads@mywebber.com.xpi [2014-10-28]
FF Extension: Download Status Bar - C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2014-10-28]
FF Extension: Adblock Plus - C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-28]
FF Extension: BetterPrivacy - C:\Users\ds\AppData\Roaming\Mozilla\Firefox\Profiles\tu8g3et3.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-10-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn [2014-11-02]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: No Name - C:\Program Files (x86)\Symantec\VIP Access Client [2013-03-21]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
Chrome:
=======
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla\Firefox\plugins\np-mswmp.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\ds\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Google Update) - C:\Users\ds\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\ds\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\ds\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\ds\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Profile: C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (AdBlock Plus) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbihjkbifdakjlfjkpfeadmgefejcdk [2014-10-17]
CHR Extension: (Webmail Ad Blocker) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2014-10-17]
CHR Extension: (AdRemover for Google Chrome™) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb [2014-10-17]
CHR Extension: (Google Wallet) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Norton Security Toolbar) - C:\Users\ds\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-10-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-08-12] (Intel® Corporation)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2009-07-08] (Symantec Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-09-10] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-07-13] (Symantec Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Media Center 19 Service; C:\Program Files (x86)\J River\Media Center 19\JRService.exe [495176 2013-08-30] (JRiver, Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-18] ()
S2 NCO; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.7.3.12\NST.exe [130104 2014-06-26] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3197256 2009-09-17] (Symantec Corporation)
S4 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [411976 2009-09-17] (Symantec Corporation)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2477304 2009-09-17] (Symantec Corporation)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [75336 2014-07-14] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-18] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 A2DDA; C:\USERS\DS\DOWNLOADS\EMSISOFT\BIN\a2ddax64.sys [26176 2014-10-23] (Emsisoft GmbH)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07030.00C\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\Users\ds\Downloads\Emsisoft\bin\cleanhlp64.sys [57024 2014-10-23] (Emsisoft GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-27] (Symantec Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20141105.035\eng64.sys [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20141105.035\ex64.sys [2137304 2014-08-11] (Symantec Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [443952 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [481840 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2009-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2013-03-29] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2009-05-27] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-29] ()
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-09-17] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-09-27] (Symantec Corporation)
S0 ycsgvj; No ImagePath
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-06 15:08 - 2014-11-06 15:09 - 00029358 _____ () C:\Users\ds\Desktop\FRST.txt
2014-11-06 09:05 - 2014-11-06 09:05 - 00000000 ____D () C:\Users\ds\AppData\Roaming\TeamViewer
2014-11-06 06:41 - 2014-11-06 06:41 - 00854448 _____ () C:\Users\ds\Desktop\SecurityCheck.exe
2014-11-05 17:12 - 2014-11-06 15:05 - 00000671 _____ () C:\Windows\setupact.log
2014-11-05 17:12 - 2014-11-05 17:12 - 00000334 _____ () C:\Windows\PFRO.log
2014-11-05 17:12 - 2014-11-05 17:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-04 08:51 - 2014-11-04 09:31 - 00000000 ____D () C:\Users\ds\Downloads\MP3
2014-11-01 20:35 - 2014-11-01 20:35 - 00000000 ____D () C:\Windows\ERUNT
2014-11-01 20:24 - 2014-10-31 20:48 - 01706359 _____ (Thisisu) C:\Users\ds\Desktop\JRT_NEW.exe
2014-10-30 21:42 - 2010-08-30 07:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-30 21:34 - 2014-11-03 15:06 - 00000000 ____D () C:\AdwCleaner
2014-10-30 21:24 - 2014-11-06 15:08 - 00000000 ____D () C:\FRST
2014-10-30 20:58 - 2014-11-05 17:11 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 20:35 - 2014-11-03 15:00 - 02114560 _____ (Farbar) C:\Users\ds\Desktop\FRST64.exe
2014-10-30 13:46 - 2014-10-30 13:46 - 00000000 ____D () C:\Users\ds\AppData\Local\Tvsukernel
2014-10-30 09:51 - 2014-10-30 09:51 - 00001288 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-10-30 09:51 - 2014-10-30 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-10-30 08:42 - 2014-10-31 06:59 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-10-30 08:42 - 2014-10-31 06:40 - 00000000 ____D () C:\Users\ds\AppData\Roaming\Panda Security
2014-10-30 08:41 - 2014-10-31 06:40 - 00000000 ____D () C:\ProgramData\Panda Security
2014-10-29 22:17 - 2014-10-29 22:17 - 00000000 _____ () C:\autoexec.bat
2014-10-29 22:14 - 2014-10-30 21:12 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-29 22:14 - 2014-10-29 22:14 - 00000000 ____D () C:\ProgramData\Licenses
2014-10-29 21:09 - 2014-10-29 21:09 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-29 20:52 - 2014-10-31 06:30 - 00000000 ____D () C:\Windows\system32\log
2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 _____ () C:\Users\ds\Sti_Trace.log
2014-10-29 07:28 - 2014-10-29 07:28 - 00000000 ____D () C:\Users\ds\AppData\Local\Norman Malware Cleaner
2014-10-29 07:25 - 2014-10-29 07:26 - 00000000 ____D () C:\Users\ds\Downloads\LG
2014-10-29 07:25 - 2014-10-29 07:25 - 00000000 ____D () C:\Users\ds\Downloads\Python
2014-10-29 07:25 - 2014-10-29 07:25 - 00000000 ____D () C:\Users\ds\Downloads\Brother
2014-10-29 07:24 - 2014-10-29 07:25 - 00000000 ____D () C:\Users\ds\Downloads\Cisco
2014-10-29 07:24 - 2014-10-29 07:24 - 00000000 ____D () C:\Users\ds\Downloads\HP
2014-10-29 05:19 - 2014-10-31 13:22 - 00131328 _____ () C:\Users\ds\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 12:28 - 2014-11-06 14:33 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2914558355-170091057-212511320-1000UA.job
2014-10-28 12:28 - 2014-11-06 13:33 - 00000844 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2914558355-170091057-212511320-1000Core.job
2014-10-28 12:28 - 2014-10-28 12:28 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2914558355-170091057-212511320-1000UA
2014-10-28 12:28 - 2014-10-28 12:28 - 00003464 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2914558355-170091057-212511320-1000Core
2014-10-28 12:19 - 2014-10-28 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-28 12:19 - 2014-10-28 12:19 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-28 12:05 - 2014-11-06 14:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 12:05 - 2014-10-28 12:19 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-28 12:05 - 2014-10-28 12:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-28 12:05 - 2014-10-28 12:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-28 12:05 - 2014-10-28 12:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-28 11:55 - 2014-11-03 17:34 - 00000000 ____D () C:\Users\ds\AppData\Roaming\Mozilla
2014-10-28 11:55 - 2014-10-28 11:55 - 00000000 ____D () C:\Users\ds\AppData\Local\Mozilla
2014-10-28 11:55 - 2014-10-28 11:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-28 11:30 - 2014-10-28 12:28 - 00000000 ____D () C:\Users\ds\Downloads\Firefox
2014-10-26 10:55 - 2014-09-05 14:22 - 00077088 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2014-10-26 10:55 - 2014-09-05 14:22 - 00072480 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2014-10-26 10:55 - 2014-09-05 14:22 - 00059128 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2014-10-26 10:55 - 2014-09-05 14:22 - 00040224 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2014-10-26 08:11 - 2014-10-26 08:12 - 00000000 ____D () C:\Users\ds\Downloads\AVG
2014-10-25 11:24 - 2014-10-25 11:29 - 00000000 ____D () C:\Users\ds\Downloads\VCF2XLS
2014-10-24 17:51 - 2014-10-24 17:51 - 00001520 _____ () C:\EamClean.log
2014-10-24 17:33 - 2014-10-24 17:33 - 00001997 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-10-24 17:13 - 2014-10-26 08:02 - 00000000 ____D () C:\Users\ds\Downloads\Emsisoft
2014-10-24 17:12 - 2014-10-29 07:28 - 00000000 ____D () C:\Users\ds\Downloads\NormanMalwareCleaner
2014-10-23 14:38 - 2014-10-23 14:38 - 00000000 ____D () C:\Users\ds\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-10-23 11:48 - 2014-10-23 11:48 - 00000000 ____D () C:\Users\ds\Downloads\Comodo
2014-10-23 06:56 - 2014-11-03 09:09 - 00000000 ____D () C:\Users\ds\Downloads\MalwareBytes
2014-10-19 20:49 - 2014-10-19 20:49 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-19 20:48 - 2014-10-19 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-19 20:48 - 2014-10-19 20:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-19 06:34 - 2014-10-19 06:34 - 00000000 ____D () C:\NPE
2014-10-19 06:16 - 2014-10-19 06:36 - 00000000 ____D () C:\Users\ds\AppData\Local\NPE
2014-10-19 06:03 - 2014-10-19 06:30 - 00000000 ____D () C:\Users\ds\Downloads\Symantec
2014-10-16 08:25 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-16 08:25 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-16 08:25 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-16 08:25 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-16 08:25 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-16 08:25 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-16 08:25 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-16 08:25 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-16 08:25 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-16 08:25 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-16 08:25 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-16 08:25 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-16 08:25 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-16 08:25 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-16 08:25 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-16 08:25 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-16 08:25 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-16 08:25 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-16 08:25 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-16 08:25 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-16 08:25 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-16 08:25 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-16 08:25 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-16 08:25 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-16 08:25 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-16 08:25 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-16 08:25 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-16 08:25 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-16 08:25 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-16 08:25 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-16 08:25 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-16 08:25 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-16 08:25 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-16 08:25 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-16 08:25 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-16 08:25 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-16 08:25 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-16 06:02 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 06:02 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 06:02 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 06:02 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:02 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 06:02 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:02 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 06:02 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 06:02 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 06:02 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 06:02 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 06:02 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:02 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:02 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:02 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:02 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 06:02 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:02 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:02 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:02 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:02 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:02 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:02 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:02 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:02 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:02 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:02 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 06:02 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:02 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:02 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:02 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 06:02 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:02 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:02 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 06:02 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:02 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 06:02 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 06:02 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:02 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 06:02 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:02 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 06:02 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 06:02 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 06:02 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 06:02 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 06:02 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 06:02 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:02 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:02 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:02 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 06:02 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:02 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 06:02 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 06:02 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 06:02 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:02 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 06:02 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:02 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 06:02 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 06:02 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:02 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:02 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:02 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:02 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:02 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:02 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:02 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:02 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 06:02 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 06:02 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:02 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:01 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:01 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:01 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 06:01 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:01 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 06:01 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:01 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 06:01 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:01 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:01 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-06 15:06 - 2013-03-21 15:48 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-06 15:06 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-06 15:04 - 2013-03-21 19:36 - 01506618 _____ () C:\Windows\WindowsUpdate.log
2014-11-06 15:01 - 2009-07-13 23:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-06 15:01 - 2009-07-13 23:45 - 00031296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-06 15:00 - 2014-04-11 11:38 - 00000000 ____D () C:\Users\ds\Downloads\tmp
2014-11-06 14:59 - 2013-03-21 15:48 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-06 14:58 - 2009-07-14 00:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-06 14:51 - 2013-03-22 13:43 - 00000000 ____D () C:\Users\ds\AppData\Roaming\Skype
2014-11-06 14:42 - 2014-03-31 11:55 - 00000544 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2914558355-170091057-212511320-1000.job
2014-11-06 13:00 - 2013-08-15 16:19 - 00000000 ____D () C:\Users\ds\Documents\Outlook Files
2014-11-06 08:46 - 2014-02-07 10:39 - 00000000 ____D () C:\Users\ds\AppData\Roaming\VSeeInstall
2014-11-06 08:46 - 2014-02-07 10:39 - 00000000 ____D () C:\Users\ds\AppData\Roaming\VSee
2014-11-06 06:08 - 2013-03-21 16:49 - 00000000 ____D () C:\Users\ds\AppData\Local\Adobe
2014-11-06 06:01 - 2014-02-28 09:54 - 00000000 ____D () C:\Users\ds\Downloads\CCleaner
2014-11-05 17:11 - 2013-10-24 15:15 - 00000000 ____D () C:\Users\ds\AppData\Local\CrashDumps
2014-11-03 21:30 - 2013-03-22 10:11 - 00000000 ____D () C:\Users\ds\AppData\Roaming\FileZilla
2014-11-03 09:19 - 2013-11-02 07:28 - 00000132 _____ () C:\Users\ds\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-11-01 20:33 - 2009-07-13 23:45 - 04974624 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-30 13:46 - 2013-03-22 07:18 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-10-30 09:02 - 2013-12-23 15:11 - 00000000 ____D () C:\Program Files (x86)\BitLord 2
2014-10-30 06:25 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 15:51 - 2013-03-21 16:11 - 00000000 ____D () C:\Users\ds
2014-10-29 08:02 - 2013-12-13 17:02 - 00000000 ____D () C:\Users\ds\Downloads\Acer
2014-10-29 07:23 - 2014-01-16 09:22 - 00000000 ____D () C:\Users\ds\Downloads\Coreinfo
2014-10-28 12:28 - 2013-03-21 16:22 - 00000000 ____D () C:\Users\ds\AppData\Local\Google
2014-10-28 11:55 - 2013-03-22 05:34 - 00001225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-28 11:55 - 2013-03-22 05:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla
2014-10-28 11:48 - 2013-03-22 06:22 - 00000000 ____D () C:\Users\ds\AppData\Roaming\Google
2014-10-26 10:43 - 2013-03-21 19:41 - 00003020 _____ () C:\Windows\System32\Tasks\PMTask
2014-10-26 10:43 - 2009-07-13 22:20 - 00000000 __RSD () C:\Windows\Media
2014-10-25 16:27 - 2014-03-03 09:07 - 00000000 ____D () C:\Users\ds\AppData\Roaming\LSC
2014-10-25 10:34 - 2013-10-05 10:08 - 00000000 ____D () C:\Users\ds\Documents\LG PC Suite IV
2014-10-24 17:52 - 2009-07-14 00:08 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 17:33 - 2013-03-21 19:38 - 00000000 ____D () C:\Windows\System32\Tasks\Lenovo
2014-10-24 17:32 - 2013-03-21 19:42 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-10-24 17:32 - 2013-03-21 19:36 - 00000000 ____D () C:\Program Files\Lenovo
2014-10-19 20:52 - 2011-02-15 04:42 - 00000000 ____D () C:\Windows\Panther
2014-10-19 09:58 - 2013-05-20 16:56 - 00000000 ____D () C:\Users\ds\AppData\Roaming\.purple
2014-10-19 06:54 - 2013-03-21 17:01 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-10-19 06:16 - 2013-03-21 15:50 - 00000000 ____D () C:\ProgramData\Norton
2014-10-19 05:54 - 2013-03-21 15:48 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 05:54 - 2013-03-21 15:48 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 17:30 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 08:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 08:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 08:11 - 2014-04-25 08:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 06:10 - 2013-03-22 05:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 06:08 - 2013-07-15 17:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 06:02 - 2013-03-22 07:06 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 05:32 - 2014-09-28 17:15 - 00000096 _____ () C:\Users\ds\AppData\Roaming\WB.CFG
2014-10-15 11:22 - 2014-03-31 11:55 - 00003558 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2914558355-170091057-212511320-1000
2014-10-09 15:15 - 2013-09-06 15:19 - 00000132 _____ () C:\Users\ds\AppData\Roaming\Adobe GIF Format CS5 Prefs
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 02:03
==================== End Of Log ============================