Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2013
Ran by Barbara (administrator) on 15-05-2013 22:04:17
Running from C:\Users\Barbara\Favorites\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Conexant Systems, Inc) C:\Program Files\Conexant\SAII\SmartAudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\Prey\platform\windows\cron.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Barbara\Favorites\Downloads\FRST64.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] TpShocks.exe [380776 2009-12-11] (Lenovo.)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-11-17] ()
HKLM\...\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [62312 2010-04-20] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-13] ()
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
Winlogon\Notify\PFW:
HKCU\...\Run: [087BFA070BC68B68EF72E800FF7EF859CE1EC0E9._service_run] "C:\Users\Barbara\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service [1312720 2013-04-09] (Google Inc.)
HKLM-x32\...\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [5998144 2012-09-24] (Lenovo Group Limited)
HKLM-x32\...\Run: [Prey Laptop Tracker] C:\Program Files\Prey\platform\windows\cron.exe --log [216635 2011-02-15] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupNowEZtray] "C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" -k [580632 2011-09-23] (NTI Corporation)
HKLM-x32\...\Run: [AffixaPersonalSettings] "C:\Program Files (x86)\Affixa\AffixaHandler.exe" /APPLYPERSONAL [282848 2012-12-22] (Notably Good Ltd)
HKLM-x32\...\Run: [ACWLIcon] C:\Program Files (x86)\Lenovo\Access Connections\ACWLIcon.exe [181608 2010-04-22] (Lenovo)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [wlstart] %ProgramFiles(x86)%\Windows Live\Installer\wlstart.exe /nosearch /nohomepage [x]
HKU\Default\...\RunOnce: [] [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe /DRIVE=Q [159744 2009-03-24] ()
HKU\Default User\...\RunOnce: [wlstart] %ProgramFiles(x86)%\Windows Live\Installer\wlstart.exe /nosearch /nohomepage [x]
HKU\Default User\...\RunOnce: [] [x]
HKU\Default User\...\RunOnce: [Lenovoautoqdrive] C:\PROGRA~2\Common~1\Lenovo\Lenovo~1\LenovoAutorunreg.exe /DRIVE=Q [159744 2009-03-24] ()
HKU\GuestUser\...\Policies\system: [LogonHoursAction] 2
HKU\GuestUser\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk
ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\Barbara\AppData\Local\Apps\2.0\X2XRTH5L.08D\71V3PPR9.7Q5\amaz..tion_f2fa081ea2183235_0002.0000_52f6f5477bfc400b\AmazonCloudDrive.exe (No File)
Startup: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKCU SearchScopes: DefaultScope {81836CCD-778B-4AF4-96A8-3F4110357DAE} URL =
SearchScopes: HKCU - {21BE64E7-7AC0-47BA-9FF3-204E68EA9A62} URL =
SearchScopes: HKCU - {81836CCD-778B-4AF4-96A8-3F4110357DAE} URL =
SearchScopes: HKCU - {88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6} URL =
http://www.search-results.com/web?q...dis&prt=BDIE&chn=retail&geo=US&ver=4.0.0.1606
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: AffixaHandlerLib.BHO - {5adefb9e-b824-45e6-86e2-2b7941f5d6a3} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
PDF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B}
http://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
PDF: HKLM-x32 {816BE035-1450-40D0-8A3B-BA7825A83A77}
http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default
FF Homepage: hxxp://
www.easwaran.org/thoughts-for-the-day-quotes.html
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32:
google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.4 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\
2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\morningCoffee@shaneliesegang
FF Extension: Affixa - Login Handler - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{732A141A-E40A-45c7-8F12-520284102A7D}
FF Extension: Affixa - Login Handler - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{732A141A-E40A-45c7-8F12-520284102A7E}
FF Extension: LeechBlock - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
FF Extension: FoxTab - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF Extension: isreaditlater - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\
isreaditlater@ideashower.com.xpi
FF Extension: morningCoffee - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\
morningCoffee@shaneliesegang.xpi
FF Extension: No Name - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\r9wplwpo.default\Extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi
Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Pandora) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0
CHR Extension: (Google Sheets) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\0.6_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (Quick Note) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.8_0
CHR Extension: (Google Drawings) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme\0.7_0
CHR Extension: (Evernote Web Clipper) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.13_0
CHR Extension: (Yann Arthus-Bertrand) - C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-09-24] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-28] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1475896 2010-07-06] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S4 PCToolsFixToolInjDrv; C:\Program Files (x86)\PC Tools Security\pcttFixTool64.sys [55624 2011-05-24] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2010-06-07] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [12728 2009-09-29] ()
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S1 StarOpen; No ImagePath
R1 TPPWRIF; System32\drivers\Tppwr64v.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-05-15 22:03 - 2013-05-15 22:03 - 00000000 ____D C:\FRST
2013-05-15 07:53 - 2013-04-05 00:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 07:53 - 2013-04-05 00:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 07:52 - 2013-04-05 02:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 07:52 - 2013-04-05 02:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 07:52 - 2013-04-05 02:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-15 07:52 - 2013-04-05 02:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 07:52 - 2013-04-05 02:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 07:52 - 2013-04-05 01:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 07:52 - 2013-04-05 01:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 07:52 - 2013-04-05 01:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-15 07:52 - 2013-04-04 23:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-15 07:52 - 2013-04-04 23:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-14 14:57 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 14:57 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 14:57 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 14:57 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 14:57 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 14:57 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 14:57 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-14 14:56 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 14:56 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 14:56 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 14:56 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 14:56 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 14:56 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 14:56 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-13 22:53 - 2013-05-13 22:53 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-05-13 22:53 - 2013-05-13 22:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-05-13 22:32 - 2013-05-13 22:32 - 00001086 ____A C:\AdwCleaner[R2].txt
2013-05-13 20:42 - 2013-05-13 20:42 - 00025185 ____A C:\ComboFix.txt
2013-05-13 08:41 - 2013-05-13 08:41 - 00001577 ____A C:\Users\Barbara\Desktop\RKreport[2]_D_05132013_02d0841.txt
2013-05-13 08:39 - 2013-05-13 08:39 - 00001597 ____A C:\Users\Barbara\Desktop\RKreport[1]_S_05132013_02d0839.txt
2013-05-13 08:37 - 2013-05-13 08:40 - 00000000 ____D C:\Users\Barbara\Desktop\RK_Quarantine
2013-05-12 23:49 - 2013-05-12 23:49 - 00020031 ____A C:\Users\Barbara\Desktop\dds.txt
2013-05-12 23:49 - 2013-05-12 23:49 - 00013775 ____A C:\Users\Barbara\Desktop\attach.txt
2013-05-12 23:40 - 2013-05-12 23:40 - 00001819 ____A C:\Users\Barbara\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-05-12 23:40 - 2013-05-12 23:40 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-05-12 23:40 - 2013-05-12 23:40 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-05-12 23:39 - 2013-05-12 23:40 - 00000000 ____D C:\ProgramData\SUPERSetup
2013-05-12 22:35 - 2013-05-12 22:55 - 00002868 ____A C:\Users\Barbara\Desktop\unhide.txt
2013-05-12 22:19 - 2013-05-12 22:19 - 00002624 ____A C:\Users\Barbara\Desktop\Rkill.txt
2013-05-12 22:10 - 2013-05-12 22:11 - 00000174 ____A C:\Windows\DeleteOnReboot.bat
2013-05-12 22:09 - 2013-05-12 22:11 - 00002744 ____A C:\AdwCleaner[S1].txt
2013-05-12 22:08 - 2013-05-12 22:08 - 00002817 ____A C:\AdwCleaner[R1].txt
2013-05-12 20:06 - 2013-05-13 23:41 - 00073924 ____A C:\Windows\PFRO.log
2013-05-12 19:51 - 2011-06-26 02:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-12 19:51 - 2010-11-07 13:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-12 19:51 - 2009-04-20 00:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-12 19:51 - 2000-08-30 20:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-12 19:51 - 2000-08-30 20:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-12 19:51 - 2000-08-30 20:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-12 19:51 - 2000-08-30 20:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-12 19:51 - 2000-08-30 20:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-12 19:49 - 2013-05-13 20:42 - 00000000 ___AD C:\Qoobox
2013-05-12 19:49 - 2013-05-12 20:11 - 00000000 ____D C:\Windows\erdnt
2013-05-12 19:00 - 2013-05-12 19:00 - 00000165 ____A C:\Users\Barbara\Documents\~$lowes lar charges 1.xlsx
2013-05-03 16:50 - 2013-05-03 16:50 - 00003388 ____A C:\Users\Barbara\.recently-used.xbel
2013-05-03 13:58 - 2013-05-03 13:58 - 00000000 ____D C:\Program Files (x86)\Canon
2013-05-03 13:58 - 2012-02-08 16:34 - 00320000 ____A (CANON INC.) C:\Windows\SysWOW64\CNC_BBL.dll
2013-05-03 13:58 - 2012-01-26 10:28 - 00081920 ____A C:\Windows\SysWOW64\CNC1764D.TBL
2013-05-03 13:58 - 2012-01-16 14:21 - 00103424 ____A (CANON INC.) C:\Windows\SysWOW64\CNC_BBU.dll
2013-05-03 13:58 - 2008-08-25 18:02 - 00015872 ____A (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2013-05-03 13:55 - 2012-04-16 05:00 - 00389120 ____A (CANON INC.) C:\Windows\System32\CNMLMBB.DLL
2013-05-03 13:55 - 2012-02-08 16:36 - 00363520 ____A (CANON INC.) C:\Windows\System32\CNC_BBL.dll
2013-05-03 13:55 - 2012-01-26 10:28 - 00081920 ____A C:\Windows\System32\CNC1764D.TBL
2013-05-03 13:55 - 2012-01-16 14:21 - 00287744 ____A (CANON INC.) C:\Windows\System32\CNC_BBC.dll
2013-05-03 13:55 - 2012-01-16 14:20 - 00106496 ____A (CANON INC.) C:\Windows\System32\CNC_BBI.dll
2013-05-03 13:55 - 2008-08-25 18:02 - 00017920 ____A (CANON INC.) C:\Windows\System32\CNHMCA6.dll
2013-04-30 15:55 - 2013-04-30 21:31 - 00013333 ____A C:\Users\Barbara\Documents\Property Summary.xlsx
2013-04-30 03:22 - 2013-04-30 03:22 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-30 03:22 - 2013-04-30 03:22 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-30 03:22 - 2013-04-30 03:22 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-04-30 03:22 - 2013-04-30 03:22 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-04-30 03:22 - 2013-04-30 03:22 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-04-30 03:22 - 2013-04-30 03:22 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-04-30 03:22 - 2013-04-30 03:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-04-30 03:22 - 2013-04-30 03:22 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-04-30 03:22 - 2013-04-30 03:22 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-04-30 03:22 - 2013-04-30 03:22 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-04-30 03:22 - 2013-04-30 03:22 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-04-30 03:01 - 2013-04-30 03:25 - 00006999 ____A C:\Windows\IE10_main.log
2013-04-27 23:48 - 2013-04-27 23:52 - 00000000 ____D C:\Users\Barbara\Cloud Drive
2013-04-27 23:47 - 2013-04-27 23:47 - 00000000 ____D C:\Users\Barbara\AppData\Local\Amazon Cloud Drive
2013-04-27 23:42 - 2013-04-28 17:06 - 00000000 ____D C:\Users\Barbara\AppData\Local\Deployment
2013-04-27 23:42 - 2013-04-27 23:42 - 00000000 ____D C:\Users\Barbara\AppData\Local\Apps\2.0
2013-04-24 20:53 - 2013-05-15 22:02 - 00000384 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Barbara.job
2013-04-24 20:53 - 2013-05-15 19:34 - 00000378 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Barbara.job
2013-04-24 20:53 - 2013-05-14 22:33 - 00000374 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Barbara.job
2013-04-24 07:41 - 2013-04-04 05:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-04-24 07:41 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-04-24 07:41 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-04-24 07:40 - 2013-04-24 07:41 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-04-23 20:09 - 2013-04-12 10:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-20 09:40 - 2013-04-20 09:40 - 00624584 ____A C:\Windows\Minidump\042013-32479-01.dmp
2013-04-19 22:47 - 2013-04-19 22:47 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-04-19 20:24 - 2013-04-19 20:27 - 00000000 ____D C:\Users\Barbara\.android
2013-04-19 20:24 - 2013-04-19 20:24 - 00000000 ____D C:\Users\Barbara\workspace
2013-04-19 20:10 - 2013-04-19 20:10 - 00000000 ____D C:\New Folder
2013-04-19 12:38 - 2012-08-29 02:24 - 00203104 ____A (DEVGURU Co., LTD.(
www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-04-19 12:38 - 2012-08-29 02:24 - 00102368 ____A (DEVGURU Co., LTD.(
www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-04-19 12:38 - 2012-06-27 04:37 - 01490656 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-04-19 12:38 - 2012-06-27 04:37 - 00708168 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-04-19 12:36 - 2013-04-19 20:12 - 00000000 ____D C:\Verizon_Android
2013-04-19 12:36 - 2013-04-19 12:36 - 00000000 ____D C:\Users\Public\Documents\Verizon_Android
2013-04-19 12:35 - 2013-04-19 12:35 - 00000000 ____D C:\ProgramData\Samsung
2013-04-18 09:49 - 2013-04-18 09:49 - 00001191 ____A C:\Users\GuestUser\Desktop\WinASO Registry Optimizer.lnk
2013-04-18 09:49 - 2013-04-18 09:49 - 00001191 ____A C:\Users\Barbara\Desktop\WinASO Registry Optimizer.lnk