Jump to content

ak14

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I mean that the symptoms are the same as I described originally.
  2. Results of screen317's Security Check version 0.99.89 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 71 Java version out of Date! Adobe Flash Player 15.0.0.152 Mozilla Firefox 32.0.3 Firefox out of Date! Google Chrome 38.0.2125.104 Google Chrome 38.0.2125.111 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
  3. ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=40e9e6f057aec9478039730668bd55e7 # engine=21119 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=false # utc_time=2014-11-16 11:33:33 # local_time=2014-11-16 03:33:33 (-0800, Pacific Standard Time) # country="United States" # lang=1033 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 0 6398732 0 0 # scanned=24605 # found=2 # cleaned=0 # scan_time=533 sh=85C2E758DADB8A93064CA5CEDF96BC69C021B84C ft=1 fh=1f9bbc275addc6d3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1311062009-36715212-3114003710-1001\$R4DUW7B.exe" sh=0A75721B87275CA9C53AAE14A3D90E4B63FC0742 ft=1 fh=c1d2c9d66908a615 vn="a variant of MSIL/Adware.iBryte.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lucy\AppData\Local\Search Extensions\Client.exe.vir"
  4. I don't think there's anything to update. The machine shows the same behavior it did when we started. I accidentally installed BrowserSafeguard with RocketTab. Uninstalling using Programs & Features does not work. Also tried Revo Uninstaller but the program doesn't show up at all there. My dad managed to keep it from running at startup by deleting some registry keys, but I still see it listed in Programs & Features and I want to be sure it is gone from my system. What do I need to do? I should add that browsersafeguard with rockettab only shows up in the user account I was originally running the tests on. The administrator account is unaffected. Have you noticed anything in the logs I have posted so far?
  5. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014 Ran by Jeff at 2014-11-15 15:13:11 Running from C:\Users\Lucy\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.) Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems) Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Amazon Cloud Player (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC) Amazon Kindle (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell System Detect (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.) EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version: - SEIKO EPSON Corporation) Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - ) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - ) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Innovative Millennium (HKLM-x32\...\Innovative Millennium) (Version: 1.0.0.0 - Innovative Interfaces) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation) Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) ShareX 9.3.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.3.1 - ShareX Developers) Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Subsonic (HKLM-x32\...\Subsonic) (Version: - ) SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.38.0 - 2BrightSparks) TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-6 - Bitnami) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 30-10-2014 04:11:44 Scheduled Checkpoint 03-11-2014 05:17:13 Installed EpsonNet Print 05-11-2014 05:55:43 Installed Software Updater 08-11-2014 22:02:51 Windows Update 12-11-2014 05:30:56 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0711DEE6-68A7-489F-94F2-9EB4708D8D8E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {110D1E11-C1E3-436F-B7CC-13094C23A9E0} - System32\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {20F7F339-2AC0-4FA6-A334-5F3F92ED38FA} - System32\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {296BE6B7-7753-4677-9BEB-921B8CA7E754} - System32\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {4156E0E9-54AA-41E0-A9B8-FD2BE37643D8} - System32\Tasks\AdobeAAMUpdater-1.0-upstairs-office-Jeff => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated) Task: {53E3CF9D-BE85-4022-AD92-BFAE64AFE791} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.) Task: {74573C65-E219-42B1-923B-15143C55BBF3} - System32\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {7A358956-281D-4D92-8D1B-19F09C145739} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) Task: {A836FA1C-18F1-465A-9D3E-FA436AC4B15A} - System32\Tasks\AdobeAAMUpdater-1.0-upstairs-office-Tracy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated) Task: {B295500F-53A7-4063-A1AC-20443D0BF19E} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-02] (CyberLink Corp.) Task: {C2D780D1-9650-4F2C-8493-506DDE8ACDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {C4930F57-5044-4F7D-90BD-BB10A6C37E43} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {C7A79EF0-EB81-4C90-A1CF-1E0A3C5CC10D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd) Task: {D736C959-E7CE-4D2B-B570-54D2227396F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {D7BFC918-BD65-4E82-B581-B5DEA654437B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {DD48053F-CF9A-4751-A613-A496605BDBED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-11] (Microsoft Corporation) Task: {F4FAB109-1A38-4CFA-A2AE-33C3EC968ACA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-02] (CyberLink) Task: {F9DEFB81-55FC-4E09-B612-0549F91A4C19} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] () Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-02 20:56 - 2012-04-24 18:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-09-21 04:42 - 2014-09-21 04:42 - 00259584 _____ () C:\Program Files (x86)\Subsonic\subsonic-service.exe 2014-03-29 16:42 - 2014-03-04 05:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-09-26 13:41 - 2014-09-26 13:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-05-01 11:29 - 2014-05-01 11:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2014-09-21 04:42 - 2014-09-21 04:42 - 00253952 _____ () C:\Program Files (x86)\Subsonic\subsonic-agent.exe 2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-02 20:45 - 2013-07-16 17:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2014-11-15 15:11 - 2014-11-15 15:11 - 00043008 _____ () c:\users\jeff\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pg0mh.dll 2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-26 15:47 - 2014-08-26 15:47 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll 2014-08-26 15:47 - 2014-08-26 15:47 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll 2013-12-02 20:54 - 2012-06-07 19:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Jeff\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Jeff\Documents\Matt, Jennifer, Olive and Theo Contact Info.eml:OECustomProperty AlternateDataStreams: C:\Users\Jeff\Documents\REVIEW_ QUALLS ON LIKHACHEV, _REFLECTIONS ON THE RUSSIAN SOUL_.eml:OECustomProperty AlternateDataStreams: C:\Users\Jeff\Documents\Re_ help w_ Dziga Vertov research.eml:OECustomProperty AlternateDataStreams: C:\Users\Lucy\Documents\Science project sources.docx:AFP_AfpInfo ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKCU\...\StartupApproved\Run: => "DellSystemDetect" HKCU\...\StartupApproved\Run: => "Amazon Cloud Player" HKCU\...\StartupApproved\Run: => "TomTomHOME.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1311062009-36715212-3114003710-500 - Administrator - Disabled) Amos (S-1-5-21-1311062009-36715212-3114003710-1008 - Limited - Enabled) => C:\Users\Amos Guest (S-1-5-21-1311062009-36715212-3114003710-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1311062009-36715212-3114003710-1007 - Limited - Enabled) Jeff (S-1-5-21-1311062009-36715212-3114003710-1001 - Administrator - Enabled) => C:\Users\Jeff Lucy (S-1-5-21-1311062009-36715212-3114003710-1009 - Limited - Enabled) => C:\Users\Lucy Tracy (S-1-5-21-1311062009-36715212-3114003710-1010 - Limited - Enabled) => C:\Users\Tracy ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s). Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The TightVNC Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The ZAtheros Wlan Agent service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-11-15 11:31:57.378 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-13 17:23:36.534 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-12 20:37:11.468 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-10 16:49:08.329 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-10 16:49:08.022 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-08 19:46:31.044 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:03.303 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:03.178 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:02.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:02.444 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i5-4440 CPU @ 3.10GHz Percentage of memory in use: 23% Total physical RAM: 8143.23 MB Available physical RAM: 6206.89 MB Total Pagefile: 9423.23 MB Available Pagefile: 7272.38 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.26 GB) (Free:752.35 GB) NTFS Drive e: (Disk 2) (Fixed) (Total:1397.26 GB) (Free:1264.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D5D3F389) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 18AC11E4) Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  6. Here are the logfiles from the administrator account Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014Ran by Jeff (administrator) on UPSTAIRS-OFFICE on 15-11-2014 15:12:17Running from C:\Users\Lucy\DownloadsLoaded Profile: Jeff (Available profiles: Jeff & Amos & Lucy & Tracy)Platform: Windows 8.1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe() C:\Program Files (x86)\Subsonic\subsonic-service.exe() C:\Program Files (x86)\Subsonic\subsonic-service.exe(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe() C:\Program Files (x86)\Subsonic\subsonic-agent.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe(Dropbox, Inc.) C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [DellSystemDetect] => C:\Users\Jeff\AppData\Local\Apps\2.0\WOEOCOXL.X14\QWV3R6TE.8EW\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-03-29] (Dell)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [Amazon Cloud Player] => C:\Users\Jeff\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [spotify Web Helper] => C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-10-03] (Spotify Ltd)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnkShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Subsonic.lnkShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe ()Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnkShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJBHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJBSearchScopes: HKLM - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJBSearchScopes: HKLM-x32 - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJBSearchScopes: HKCU - {113E9388-C4CC-4613-805D-B9816761A470} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)Tcpip\Parameters: [DhcpNameServer] 192.168.11.1 FireFox:========FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.defaultFF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)FF Extension: DownloadHelper - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-28]FF Extension: Default Full Zoom Level - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2014-09-28]FF Extension: NoScript - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-16]FF Extension: Web Developer - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-19]FF Extension: Adblock Plus - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-14]FF Extension: LibX - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{d75de36c-af0d-4dc2-b63a-0d482d4b9815}.xpi [2014-07-24]FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtnFF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: =======CHR HomePage: Default -> hxxp://www.netvibes.com/privatepage/3#Start_PageCHR StartupUrls: Default -> "hxxp://www.netvibes.com/privatepage/3#Start_Page"CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Entanglement Web App) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-29]CHR Extension: (Awesome Screenshot App) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkccfnochoebimhhniekgcegeeiepmi [2014-07-18]CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-05-23]CHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-29]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]CHR Extension: (ColorZilla) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2014-03-29]CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-29]CHR Extension: (Adblock Plus) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-29]CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]CHR Extension: (Email this page (by Google)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2014-03-29]CHR Extension: (Swap My Cookies) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhipnliikkblkhpjapbecpmoilcama [2014-03-29]CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2014-03-29]CHR Extension: (NYTimes) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2014-03-29]CHR Extension: (Gmail Offline) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-03-29]CHR Extension: (Zotero Connector) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-03-29]CHR Extension: (Google Play Music) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-10-06]CHR Extension: (LibX for Google Chrome ) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkfoaiikoedjcjlpnnaidojhfchiafk [2014-03-29]CHR Extension: (Pixlr Editor) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2014-03-29]CHR Extension: (Google Play Music) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-03-29]CHR Extension: (SourceKit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iieeldjdihkpoapgipfkeoddjckopgjg [2014-03-29]CHR Extension: (StackEdit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiooodelglhkcpgbajoejffhijaclcdg [2014-03-29]CHR Extension: (Dropbox) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-03-29]CHR Extension: (Cookies) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2014-03-29]CHR Extension: (Viewport Resizer) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapnjjcfcncngkadhpmijlkblpibdcgm [2014-04-05]CHR Extension: (ChromeVox) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgejglhpjiefppelpmljglcjbhoiplfn [2014-03-29]CHR Extension: (ShiftEdit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-03-29]CHR Extension: (Poppit!) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-29]CHR Extension: (Cloud9) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2014-03-29]CHR Extension: (OneDrive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-03-29]CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-03-29]CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]CHR Extension: (imo free video calls and text) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-03-29]CHR Extension: (Check My Links) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2014-03-29]CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-29]CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)R2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [259584 2014-09-21] () [File not signed]R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-24] (Windows ® Win 7 DDK provider)S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-24] (Windows ® Win 7 DDK provider)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-15 15:11 - 2014-11-15 15:11 - 00000000 ___RD () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-15 15:11 - 2014-11-15 15:11 - 00000000 ____D () C:\Users\Lucy\Downloads\FRST-OlderVersion2014-11-15 15:10 - 2014-11-15 15:10 - 00000927 _____ () C:\Users\Public\frst.txt2014-11-15 15:07 - 2014-11-15 15:07 - 00000000 ___RD () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-15 11:10 - 2014-11-15 11:10 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll2014-11-15 11:10 - 2014-11-15 11:10 - 00000000 ____D () C:\Program Files\Java2014-11-15 11:09 - 2014-11-15 11:09 - 92658088 _____ (Oracle Corporation) C:\Users\Jeff\Downloads\jre-8u25-windows-x64.exe2014-11-15 11:07 - 2014-11-15 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-11-13 20:28 - 2014-11-13 20:28 - 02140160 _____ () C:\Users\Lucy\Downloads\AdwCleaner.exe2014-11-13 20:23 - 2014-11-13 20:23 - 00000621 _____ () C:\Users\Lucy\Desktop\JRT.txt2014-11-13 20:20 - 2014-11-13 20:20 - 01706808 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT (1).exe2014-11-13 20:00 - 2014-11-13 20:00 - 00000000 ___RD () C:\Users\Amos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-12 21:51 - 2014-11-12 21:51 - 00029143 _____ () C:\Users\Lucy\Downloads\Addition.txt2014-11-12 21:50 - 2014-11-15 15:12 - 00030305 _____ () C:\Users\Lucy\Downloads\FRST.txt2014-11-12 21:49 - 2014-11-15 15:12 - 00000000 ____D () C:\FRST2014-11-12 21:38 - 2014-11-15 15:11 - 02116608 _____ (Farbar) C:\Users\Lucy\Downloads\FRST64.exe2014-11-12 21:29 - 2014-11-12 21:32 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-11-12 21:29 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-11-12 21:29 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-11-12 21:29 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-11-12 21:28 - 2014-11-12 21:28 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Amos\Downloads\mbam-setup-2.0.3.1025.exe2014-11-11 21:30 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe2014-11-11 21:30 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll2014-11-11 21:30 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll2014-11-11 21:30 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys2014-11-11 21:30 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys2014-11-11 21:30 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys2014-11-11 21:30 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll2014-11-11 21:30 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll2014-11-11 21:30 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll2014-11-11 21:30 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll2014-11-11 21:30 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll2014-11-11 21:30 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll2014-11-11 21:30 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll2014-11-11 21:30 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll2014-11-11 21:30 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll2014-11-11 21:30 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll2014-11-11 21:30 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll2014-11-11 21:30 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2014-11-11 21:30 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll2014-11-11 21:30 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll2014-11-11 21:30 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll2014-11-11 21:30 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll2014-11-11 21:30 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll2014-11-11 21:30 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll2014-11-11 21:30 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll2014-11-11 21:30 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll2014-11-11 21:30 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll2014-11-11 21:30 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys2014-11-11 21:30 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys2014-11-11 21:30 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys2014-11-11 21:30 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll2014-11-11 21:30 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll2014-11-11 21:30 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll2014-11-11 21:29 - 2014-10-30 21:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-11-11 21:29 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe2014-11-11 21:29 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe2014-11-11 21:29 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe2014-11-11 21:29 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll2014-11-11 21:29 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe2014-11-11 21:29 - 2014-10-30 21:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll2014-11-11 21:29 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll2014-11-11 21:29 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll2014-11-11 21:29 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll2014-11-11 21:29 - 2014-10-30 21:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-11-11 21:29 - 2014-10-30 21:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec2014-11-11 21:29 - 2014-10-30 21:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll2014-11-11 21:29 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll2014-11-11 21:29 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll2014-11-11 21:29 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll2014-11-11 21:29 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll2014-11-11 21:29 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll2014-11-11 21:29 - 2014-10-30 20:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll2014-11-11 21:29 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe2014-11-11 21:29 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2014-11-11 21:29 - 2014-10-30 20:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-11-11 21:29 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll2014-11-11 21:29 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll2014-11-11 21:29 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-11-11 21:29 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll2014-11-11 21:29 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll2014-11-11 21:29 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx2014-11-11 21:29 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll2014-11-11 21:29 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll2014-11-11 21:29 - 2014-10-30 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-11-11 21:29 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll2014-11-11 21:29 - 2014-10-30 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll2014-11-11 21:29 - 2014-10-30 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-11-11 21:29 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll2014-11-11 21:29 - 2014-10-30 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll2014-11-11 21:29 - 2014-10-30 20:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll2014-11-11 21:29 - 2014-10-30 20:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll2014-11-11 21:29 - 2014-10-30 20:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-11-11 21:29 - 2014-10-30 20:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-11-11 21:29 - 2014-10-30 20:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-11-11 21:29 - 2014-10-30 19:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-11-11 21:29 - 2014-10-30 19:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-11-11 21:29 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2014-11-11 21:29 - 2014-10-30 19:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-11-11 21:29 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll2014-11-11 21:29 - 2014-10-30 19:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-11-11 21:29 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe2014-11-11 21:29 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe2014-11-11 21:29 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe2014-11-11 21:29 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll2014-11-11 21:29 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe2014-11-11 21:29 - 2014-10-30 19:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll2014-11-11 21:29 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll2014-11-11 21:29 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll2014-11-11 21:29 - 2014-10-30 19:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec2014-11-11 21:29 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll2014-11-11 21:29 - 2014-10-30 19:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll2014-11-11 21:29 - 2014-10-30 19:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-11-11 21:29 - 2014-10-30 19:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-11-11 21:29 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll2014-11-11 21:29 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll2014-11-11 21:29 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll2014-11-11 21:29 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll2014-11-11 21:29 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll2014-11-11 21:29 - 2014-10-30 19:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll2014-11-11 21:29 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe2014-11-11 21:29 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll2014-11-11 21:29 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll2014-11-11 21:29 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-11-11 21:29 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll2014-11-11 21:29 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll2014-11-11 21:29 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll2014-11-11 21:29 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx2014-11-11 21:29 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll2014-11-11 21:29 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll2014-11-11 21:29 - 2014-10-30 18:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-11-11 21:29 - 2014-10-30 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll2014-11-11 21:29 - 2014-10-30 18:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-11-11 21:29 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll2014-11-11 21:29 - 2014-10-30 18:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-11-11 21:29 - 2014-10-30 18:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll2014-11-11 21:29 - 2014-10-30 18:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll2014-11-11 21:29 - 2014-10-30 18:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-11-11 21:29 - 2014-10-30 18:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll2014-11-11 21:29 - 2014-10-30 18:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-11-11 21:29 - 2014-10-30 18:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-11-11 21:29 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll2014-11-11 21:29 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll2014-11-11 21:29 - 2014-10-30 18:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-11-11 21:29 - 2014-10-30 18:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-11-11 21:29 - 2014-10-30 18:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-11-11 21:29 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2014-11-11 21:29 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll2014-11-11 21:29 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll2014-11-11 21:29 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll2014-11-11 21:29 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll2014-11-11 21:29 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2014-11-11 21:29 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe2014-11-11 21:29 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll2014-11-11 21:29 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll2014-11-11 21:29 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll2014-11-11 21:29 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll2014-11-11 21:29 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll2014-11-11 21:29 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll2014-11-11 21:29 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe2014-11-11 21:29 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll2014-11-11 21:29 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll2014-11-11 21:29 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll2014-11-11 21:29 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll2014-11-11 21:28 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll2014-11-11 21:28 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll2014-11-11 21:28 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2014-11-11 21:28 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll2014-11-11 21:28 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll2014-11-11 21:28 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe2014-11-11 21:28 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll2014-11-11 21:28 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2014-11-11 21:28 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll2014-11-11 21:28 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll2014-11-11 21:28 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-11-11 21:28 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll2014-11-11 21:28 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll2014-11-11 21:28 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys2014-11-11 21:28 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-11-11 21:28 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS2014-11-11 21:28 - 2014-09-07 14:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml2014-11-11 21:28 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll2014-11-11 21:28 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll2014-11-11 21:28 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll2014-11-11 21:28 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll2014-11-11 21:28 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll2014-11-11 21:28 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll2014-11-11 21:28 - 2014-08-30 16:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS2014-11-11 21:28 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2014-11-11 21:28 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2014-11-11 21:28 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll2014-11-11 21:28 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll2014-11-11 21:28 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2014-11-11 21:28 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll2014-11-11 21:28 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2014-11-11 21:28 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2014-11-11 21:28 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll2014-11-11 21:28 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll2014-11-11 21:28 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll2014-11-11 21:28 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2014-11-11 21:28 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2014-11-11 21:28 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll2014-11-11 21:28 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll2014-11-11 21:28 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll2014-11-11 21:28 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll2014-11-09 12:46 - 2014-11-09 12:46 - 00000000 ___RD () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Epson2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 _____ () C:\Users\Amos\Sti_Trace.log2014-11-08 19:34 - 2014-11-11 16:25 - 00000000 ____D () C:\Users\Jeff\Downloads\cale-vintage violence2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Epson2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 _____ () C:\Users\Tracy\Sti_Trace.log2014-11-06 20:51 - 2014-11-06 20:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup (1).exe2014-11-06 20:40 - 2014-11-06 20:40 - 00000302 _____ () C:\Users\Lucy\Documents\cc_20141106_204022.reg2014-11-06 20:18 - 2014-11-06 20:18 - 00000135 _____ () C:\Users\Public\regkey.txt2014-11-06 20:14 - 2014-11-06 20:14 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\Program Files\CCleaner2014-11-06 20:13 - 2014-11-06 20:14 - 04976456 _____ (Piriform Ltd) C:\Users\Jeff\Downloads\ccsetup419.exe2014-11-06 20:07 - 2014-11-06 20:07 - 01706939 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT.exe2014-11-06 20:07 - 2014-11-06 20:07 - 00000000 ____D () C:\WINDOWS\ERUNT2014-11-06 20:05 - 2014-11-06 20:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup.exe2014-11-06 20:05 - 2014-11-06 20:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group2014-11-06 19:55 - 2014-11-13 20:32 - 00000000 ____D () C:\AdwCleaner2014-11-06 19:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll2014-11-06 19:54 - 2014-11-06 19:55 - 01375089 _____ () C:\Users\Jeff\Downloads\AdwCleaner.exe2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieUserList2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieSiteList2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Mozilla2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Mozilla2014-11-05 21:35 - 2014-11-06 20:23 - 00000365 _____ () C:\Users\Lucy\Sti_Trace.log2014-11-05 21:35 - 2014-11-05 21:35 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Epson2014-11-04 21:58 - 2014-11-04 21:59 - 03545416 _____ () C:\Users\Jeff\Downloads\EpsonConnect130.exe2014-11-04 20:58 - 2014-11-04 20:58 - 00000069 _____ () C:\Users\Jeff\Documents\DesignLibrary_Photoshop.log2014-11-04 18:40 - 2014-11-04 18:40 - 00010240 _____ () C:\Users\Jeff\Downloads\Doodle.xls2014-11-03 21:13 - 2014-11-04 18:26 - 00002555 _____ () C:\Users\Jeff\Sti_Trace.log2014-11-02 21:36 - 2014-11-15 14:36 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job2014-11-02 21:36 - 2014-11-15 14:36 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job2014-11-02 21:36 - 2014-11-02 21:36 - 00003982 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}2014-11-02 21:36 - 2014-11-02 21:36 - 00003796 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}2014-11-02 21:27 - 2014-11-02 21:27 - 00000045 _____ () C:\WINDOWS\WF-3620.ini2014-11-02 21:21 - 2014-11-15 14:21 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job2014-11-02 21:21 - 2014-11-15 14:21 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job2014-11-02 21:21 - 2014-11-02 21:21 - 00003982 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}2014-11-02 21:21 - 2014-11-02 21:21 - 00003796 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}2014-11-02 21:20 - 2014-11-02 21:20 - 00000000 ____D () C:\Program Files\Common Files\EPSON2014-11-02 21:18 - 2014-11-04 17:38 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Epson2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\InstallShield2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Program Files\EPSON2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\Program Files (x86)\EPSON Software2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\Program Files (x86)\epson2014-11-02 21:17 - 2014-11-02 21:17 - 00000948 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk2014-11-02 21:17 - 2014-11-02 21:17 - 00000000 ____D () C:\Program Files\EpsonNet2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll2014-11-02 21:17 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll2014-11-02 21:17 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe2014-11-02 21:17 - 2010-11-22 13:27 - 00147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll2014-11-02 21:16 - 2014-11-02 21:38 - 00000000 ____D () C:\ProgramData\EPSON2014-11-02 21:16 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBKEE.DLL2014-11-02 21:16 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BKEE.DLL2014-11-02 21:16 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL2014-11-02 21:07 - 2014-11-02 21:09 - 223238432 _____ () C:\Users\Jeff\Downloads\epson15400.exe2014-11-01 15:57 - 2014-11-08 19:34 - 00000000 ____D () C:\Users\Jeff\Downloads\filles de kilimanjaro2014-11-01 11:20 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll2014-11-01 11:20 - 2014-09-03 15:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2014-11-01 11:20 - 2014-09-03 15:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll2014-11-01 11:19 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll2014-11-01 11:19 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2014-11-01 11:19 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll2014-11-01 11:19 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll2014-11-01 11:19 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll2014-11-01 11:19 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll2014-11-01 11:19 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll2014-11-01 11:19 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll2014-11-01 11:19 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll2014-11-01 11:19 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll2014-11-01 11:19 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll2014-11-01 11:19 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll2014-11-01 11:19 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll2014-11-01 11:19 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll2014-11-01 11:19 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll2014-11-01 11:19 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-11-01 11:19 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll2014-11-01 11:19 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-11-01 11:19 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll2014-11-01 11:19 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-11-01 11:19 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-11-01 11:19 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll2014-11-01 11:19 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll2014-11-01 11:19 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2014-11-01 11:19 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll2014-11-01 11:19 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll2014-11-01 11:19 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2014-11-01 11:19 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-11-01 11:19 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2014-11-01 11:19 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2014-11-01 11:18 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll2014-11-01 11:18 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll2014-11-01 11:02 - 2014-11-01 11:02 - 00001632 _____ () C:\Users\Jeff\Downloads\URLLink (2).acsm2014-11-01 10:54 - 2014-11-01 10:54 - 00001661 _____ () C:\Users\Jeff\Downloads\URLLink (1).acsm2014-11-01 10:50 - 2014-11-01 10:50 - 00001673 _____ () C:\Users\Jeff\Downloads\URLLink.acsm2014-10-27 20:25 - 2014-10-27 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsonic2014-10-27 19:36 - 2014-10-27 19:37 - 50032017 _____ () C:\Users\Jeff\Downloads\subsonic-5.0-setup.exe2014-10-21 19:31 - 2014-10-21 19:31 - 00000000 ____D () C:\Users\Amos\AppData\Local\Apple Computer2014-10-19 18:57 - 2014-10-19 18:57 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk2014-10-19 18:57 - 2014-10-19 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A72014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iTunes2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iPod2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-10-18 09:17 - 2014-10-18 09:17 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2014-10-18 09:17 - 2014-10-18 09:17 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\Program Files (x86)\Java2014-10-18 09:05 - 2014-10-18 09:05 - 00895742 _____ () C:\Users\Jeff\Documents\EDS_new_and_changed_BIBS_update_2014-10-18.out2014-10-18 08:59 - 2014-10-18 08:59 - 00249343 _____ () C:\Users\Tracy\Downloads\HOMEWORK PERIOD 1 FRIDAY.pptx2014-10-16 20:25 - 2014-10-23 21:23 - 00000000 ____D () C:\Users\Jeff\Downloads\cheap trick - budoka ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-15 15:12 - 2014-03-29 09:39 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-11-15 15:11 - 2014-03-29 18:49 - 00000000 ___RD () C:\Users\Jeff\Dropbox2014-11-15 15:11 - 2014-03-29 18:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox2014-11-15 15:10 - 2014-03-29 16:41 - 01688614 _____ () C:\WINDOWS\WindowsUpdate.log2014-11-15 15:10 - 2014-03-29 09:39 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-11-15 15:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-11-15 14:44 - 2013-11-13 23:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-11-15 14:36 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp2014-11-15 14:19 - 2013-12-02 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery2014-11-15 14:15 - 2014-03-29 07:50 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-10012014-11-15 11:10 - 2014-03-31 15:39 - 00000000 ____D () C:\ProgramData\Oracle2014-11-15 11:08 - 2014-08-16 16:16 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Adobe2014-11-15 11:08 - 2014-03-29 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-11-15 11:07 - 2014-03-29 18:47 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-11-15 11:06 - 2014-03-29 07:45 - 00000000 ____D () C:\Users\Jeff\Documents\Bluetooth Folder2014-11-13 20:45 - 2014-04-23 19:54 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-10092014-11-13 20:41 - 2014-03-29 21:50 - 00000000 ____D () C:\Users\Lucy\Documents\Bluetooth Folder2014-11-13 20:33 - 2014-03-29 16:42 - 00000000 ____D () C:\ProgramData\NVIDIA2014-11-13 20:33 - 2013-11-13 23:20 - 00054178 _____ () C:\WINDOWS\PFRO.log2014-11-13 20:33 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-11-13 20:00 - 2014-03-30 09:44 - 00000000 ___RD () C:\Users\Amos\Google Drive2014-11-13 17:09 - 2014-03-29 18:23 - 00000000 ___RD () C:\Users\Jeff\SkyDrive2014-11-12 21:43 - 2013-08-22 05:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2014-11-12 20:59 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache2014-11-12 20:07 - 2014-03-29 09:39 - 00003910 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-11-12 20:07 - 2014-03-29 09:39 - 00003674 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-11-11 22:19 - 2013-08-22 06:44 - 05085920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2014-11-11 21:42 - 2014-03-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-11-11 21:42 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-11-11 21:40 - 2014-03-29 08:37 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-11-11 21:32 - 2014-03-29 08:37 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-11-11 20:29 - 2013-08-22 06:46 - 00325036 _____ () C:\WINDOWS\setupact.log2014-11-11 16:37 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\FileZilla2014-11-09 12:46 - 2014-03-29 21:45 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Adobe2014-11-09 11:13 - 2014-03-30 09:44 - 00001739 _____ () C:\Users\Amos\Desktop\Google Drive.lnk2014-11-09 11:04 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos2014-11-08 12:16 - 2014-07-09 11:47 - 00000000 ____D () C:\WINDOWS\Minidump2014-11-07 11:10 - 2014-03-31 13:13 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-10102014-11-07 10:47 - 2014-03-29 21:44 - 00000000 ____D () C:\Users\Tracy2014-11-07 04:06 - 2014-03-30 09:35 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk2014-11-07 04:06 - 2014-03-30 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2014-11-05 21:35 - 2014-03-29 21:49 - 00000000 ____D () C:\Users\Lucy2014-11-04 21:58 - 2013-12-02 20:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-11-04 20:58 - 2014-03-29 07:44 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Adobe2014-11-04 18:27 - 2014-03-29 18:36 - 00000000 ____D () C:\Users\Jeff\Documents\My Scans2014-11-04 17:39 - 2014-03-29 16:46 - 00000000 ____D () C:\Users\Jeff2014-11-02 16:37 - 2014-03-30 21:50 - 00000000 ____D () C:\subsonic2014-11-02 15:49 - 2014-03-30 09:49 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-10082014-11-02 15:25 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos\Documents\Bluetooth Folder2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\WinStore2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera2014-11-01 12:36 - 2014-04-17 18:36 - 00000000 ____D () C:\Users\Jeff\Calibre2014-11-01 11:03 - 2014-03-29 09:49 - 00000000 ____D () C:\Users\Jeff\Documents\My Digital Editions2014-10-30 03:25 - 2014-03-29 18:30 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe2014-10-29 20:07 - 2014-03-29 09:39 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-10-29 16:55 - 2014-09-11 20:43 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2014-10-29 16:55 - 2014-09-11 20:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2014-10-27 20:25 - 2014-03-30 21:50 - 00000000 ____D () C:\Program Files (x86)\Subsonic2014-10-27 19:21 - 2014-06-23 08:29 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Mp3tag2014-10-26 20:29 - 2014-03-29 21:45 - 00000000 ____D () C:\Users\Tracy\Documents\Bluetooth Folder2014-10-26 11:08 - 2014-07-11 10:51 - 00000136 _____ () C:\WINDOWS\ODBC.INI2014-10-26 11:03 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery2014-10-21 19:31 - 2014-04-01 16:46 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Apple Computer2014-10-19 18:56 - 2014-09-30 19:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-10-19 18:56 - 2014-03-30 21:12 - 00000000 ____D () C:\Program Files\Common Files\Apple2014-10-18 09:20 - 2014-07-11 09:46 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Spotify2014-10-18 09:20 - 2014-07-11 09:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Spotify Some content of TEMP:====================C:\Users\Amos\AppData\Local\Temp\i4jdel0.exeC:\Users\Jeff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pg0mh.dllC:\Users\Jeff\AppData\Local\Temp\i4jdel0.exeC:\Users\Jeff\AppData\Local\Temp\Quarantine.exeC:\Users\Jeff\AppData\Local\Temp\sqlite3.dllC:\Users\Lucy\AppData\Local\Temp\i4jdel0.exeC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite28667.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite45019.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite49016.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite58053.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite60367.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite65808.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite68057.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite74580.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite78681.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite80226.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85250.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85456.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite87378.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite88696.dllC:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite96587.dllC:\Users\Tracy\AppData\Local\Temp\i4jdel0.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-10 16:40 ==================== End Of Log ============================
  7. Family Security is set on this account. Does that include a proxy server? If not, then it shouldn't be there. Here are the logs ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.3.7 (11.08.2014:1)OS: Windows 8.1 x64Ran by Jeff on Thu 11/13/2014 at 20:22:03.72~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 11/13/2014 at 20:23:40.47End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v4.101 - Report created 13/11/2014 at 20:32:29# Updated 09/11/2014 by Xplode# Database : 2014-11-13.1 [Live]# Operating System : Windows 8.1 (64 bits)# Username : Jeff - UPSTAIRS-OFFICE# Running from : C:\Users\Lucy\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Lucy\AppData\Local\Search Extensions[#] Folder Deleted : C:\Users\Lucy\AppData\Roaming\LinkeyFile Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorageFile Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v32.0.2 (x86 en-US) -\\ Google Chrome v38.0.2125.111 [C:\Users\Amos\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}[C:\Users\Amos\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}[C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}[C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} ************************* AdwCleaner[R0].txt - [2160 octets] - [06/11/2014 19:55:23]AdwCleaner[R1].txt - [2259 octets] - [13/11/2014 20:30:07]AdwCleaner[s0].txt - [2239 octets] - [06/11/2014 19:57:31]AdwCleaner[s1].txt - [2204 octets] - [13/11/2014 20:32:29] ########## EOF - \AdwCleaner\AdwCleaner[s1].txt - [2264 octets] ##########
  8. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014 Ran by Lucy at 2014-11-12 21:51:07 Running from C:\Users\Lucy\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.) Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems) Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BrowserSafeguard with RocketTab (HKU\S-1-5-21-1311062009-36715212-3114003710-1009\...\RocketTab) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.) EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version: - SEIKO EPSON Corporation) Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - ) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - ) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Innovative Millennium (HKLM-x32\...\Innovative Millennium) (Version: 1.0.0.0 - Innovative Interfaces) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation) Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich) MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) ShareX 9.3.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.3.1 - ShareX Developers) Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Subsonic (HKLM-x32\...\Subsonic) (Version: - ) SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.38.0 - 2BrightSparks) TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-6 - Bitnami) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job => ? Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => ? Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job => ? Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => ? Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ? ==================== Loaded Modules (whitelisted) ============= 2014-09-26 13:41 - 2014-09-26 13:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2014-05-01 11:29 - 2014-05-01 11:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2014-09-21 04:42 - 2014-09-21 04:42 - 00253952 _____ () C:\Program Files (x86)\Subsonic\subsonic-agent.exe 2014-07-14 20:51 - 2014-05-13 03:20 - 00069632 _____ () C:\Program Files\ShareX\screen-capture-recorder-x64.dll 2014-10-29 20:07 - 2014-10-21 19:32 - 01366856 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-10-29 20:07 - 2014-10-21 19:32 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-10-29 20:07 - 2014-10-21 19:32 - 10578248 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-29 20:07 - 2014-10-21 19:32 - 01859400 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll 2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Lucy\Documents\Science project sources.docx:AFP_AfpInfo ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "QuickTime Task" ========================= Accounts: ========================== Administrator (S-1-5-21-1311062009-36715212-3114003710-500 - Administrator - Disabled) Amos (S-1-5-21-1311062009-36715212-3114003710-1008 - Limited - Enabled) => C:\Users\Amos Guest (S-1-5-21-1311062009-36715212-3114003710-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1311062009-36715212-3114003710-1007 - Limited - Enabled) Jeff (S-1-5-21-1311062009-36715212-3114003710-1001 - Administrator - Enabled) => C:\Users\Jeff Lucy (S-1-5-21-1311062009-36715212-3114003710-1009 - Limited - Enabled) => C:\Users\Lucy Tracy (S-1-5-21-1311062009-36715212-3114003710-1010 - Limited - Enabled) => C:\Users\Tracy ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/10/2014 04:27:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: The Desktop Window Manager has encountered a fatal error (0x8898008d) Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12641 Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12641 Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6029578 Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6029578 Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9203 Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9203 Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (11/12/2014 08:18:12 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960. Error: (11/11/2014 05:38:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960. Error: (11/11/2014 03:16:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960. Error: (11/11/2014 03:15:50 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960. Error: (11/11/2014 03:05:07 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960. Error: (11/11/2014 10:35:22 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/11/2014 10:34:40 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/11/2014 10:06:02 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/11/2014 10:05:32 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/10/2014 04:41:46 PM) (Source: DCOM) (EventID: 10010) (User: upstairs-office) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Microsoft Office Sessions: ========================= Error: (11/10/2014 04:27:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: 0x8898008d Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12641 Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12641 Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6029578 Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6029578 Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9203 Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9203 Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2014-11-12 20:37:11.468 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-10 16:49:08.329 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-10 16:49:08.022 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-08 19:46:31.044 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:03.303 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:03.178 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:02.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:34:02.444 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:33:32.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-01 18:33:32.050 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i5-4440 CPU @ 3.10GHz Percentage of memory in use: 24% Total physical RAM: 8143.23 MB Available physical RAM: 6143.77 MB Total Pagefile: 9423.23 MB Available Pagefile: 7262.33 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.26 GB) (Free:754.98 GB) NTFS Drive e: (Disk 2) (Fixed) (Total:1397.26 GB) (Free:1264.17 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================
  9. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014 Ran by Lucy (ATTENTION: The logged in user is not administrator) on UPSTAIRS-OFFICE on 12-11-2014 21:50:19 Running from C:\Users\Lucy\Downloads Loaded Profile: Lucy (Available profiles: Jeff & Amos & Lucy & Tracy) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe () C:\Program Files (x86)\Subsonic\subsonic-agent.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation) HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation) HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated) HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.) HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION) HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations)) HKU\S-1-5-21-1311062009-36715212-3114003710-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Subsonic.lnk ShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=127.0.0.1:50380;https=127.0.0.1:50380 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB SearchScopes: HKLM - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM-x32 - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKCU - {113E9388-C4CC-4613-805D-B9816761A470} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Tcpip\Parameters: [DhcpNameServer] 192.168.11.1 FireFox: ======== FF ProfilePath: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\4teoyqvq.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Profile: C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-23] CHR Extension: (Google Drive) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-23] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01] CHR Extension: (YouTube) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-23] CHR Extension: (Google Search) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-23] CHR Extension: (Google Wallet) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23] CHR Extension: (Gmail) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-23] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed] R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed] S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation) S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation) R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation) R2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [259584 2014-09-21] () [File not signed] R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-24] (Windows ® Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-24] (Windows ® Win 7 DDK provider) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.) S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-12 21:50 - 2014-11-12 21:50 - 00020856 _____ () C:\Users\Lucy\Downloads\FRST.txt 2014-11-12 21:49 - 2014-11-12 21:50 - 00000000 ____D () C:\FRST 2014-11-12 21:44 - 2014-11-12 21:44 - 00000000 ___RD () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-11-12 21:38 - 2014-11-12 21:38 - 02116096 _____ (Farbar) C:\Users\Lucy\Downloads\FRST64.exe 2014-11-12 21:29 - 2014-11-12 21:32 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-11-12 21:29 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-11-12 21:29 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-11-12 21:29 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-11-11 21:30 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-11-11 21:30 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-11-11 21:30 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-11-11 21:30 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-11-11 21:30 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2014-11-11 21:30 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-11-11 21:30 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-11-11 21:30 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2014-11-11 21:30 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2014-11-11 21:30 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-11-11 21:30 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2014-11-11 21:30 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-11-11 21:30 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-11-11 21:30 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-11-11 21:30 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2014-11-11 21:30 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-11-11 21:30 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-11-11 21:30 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-11-11 21:30 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-11-11 21:30 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-11-11 21:30 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-11-11 21:30 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2014-11-11 21:30 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2014-11-11 21:30 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-11-11 21:30 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-11-11 21:30 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-11-11 21:30 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-11-11 21:30 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-11-11 21:30 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-11-11 21:30 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-11-11 21:30 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-11-11 21:30 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2014-11-11 21:30 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2014-11-11 21:29 - 2014-10-30 21:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-11-11 21:29 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe 2014-11-11 21:29 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe 2014-11-11 21:29 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe 2014-11-11 21:29 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll 2014-11-11 21:29 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2014-11-11 21:29 - 2014-10-30 21:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-11-11 21:29 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll 2014-11-11 21:29 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-11-11 21:29 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-11-11 21:29 - 2014-10-30 21:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-11-11 21:29 - 2014-10-30 21:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-11-11 21:29 - 2014-10-30 21:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-11-11 21:29 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-11-11 21:29 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-11-11 21:29 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll 2014-11-11 21:29 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2014-11-11 21:29 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2014-11-11 21:29 - 2014-10-30 20:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-11-11 21:29 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-11-11 21:29 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-11-11 21:29 - 2014-10-30 20:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-11-11 21:29 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-11-11 21:29 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll 2014-11-11 21:29 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-11-11 21:29 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-11-11 21:29 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2014-11-11 21:29 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2014-11-11 21:29 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2014-11-11 21:29 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-11-11 21:29 - 2014-10-30 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-11-11 21:29 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2014-11-11 21:29 - 2014-10-30 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-11-11 21:29 - 2014-10-30 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-11-11 21:29 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-11-11 21:29 - 2014-10-30 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-11-11 21:29 - 2014-10-30 20:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-11-11 21:29 - 2014-10-30 20:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-11-11 21:29 - 2014-10-30 20:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-11-11 21:29 - 2014-10-30 20:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-11-11 21:29 - 2014-10-30 20:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-11-11 21:29 - 2014-10-30 19:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-11-11 21:29 - 2014-10-30 19:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-11-11 21:29 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-11-11 21:29 - 2014-10-30 19:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-11-11 21:29 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll 2014-11-11 21:29 - 2014-10-30 19:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-11-11 21:29 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2014-11-11 21:29 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2014-11-11 21:29 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2014-11-11 21:29 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2014-11-11 21:29 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2014-11-11 21:29 - 2014-10-30 19:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-11-11 21:29 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2014-11-11 21:29 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-11-11 21:29 - 2014-10-30 19:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-11-11 21:29 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-11-11 21:29 - 2014-10-30 19:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-11-11 21:29 - 2014-10-30 19:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-11-11 21:29 - 2014-10-30 19:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-11-11 21:29 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-11-11 21:29 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-11-11 21:29 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2014-11-11 21:29 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2014-11-11 21:29 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2014-11-11 21:29 - 2014-10-30 19:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-11-11 21:29 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-11-11 21:29 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-11-11 21:29 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2014-11-11 21:29 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-11-11 21:29 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-11 21:29 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2014-11-11 21:29 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-11-11 21:29 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2014-11-11 21:29 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-11-11 21:29 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2014-11-11 21:29 - 2014-10-30 18:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-11-11 21:29 - 2014-10-30 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-11-11 21:29 - 2014-10-30 18:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-11-11 21:29 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2014-11-11 21:29 - 2014-10-30 18:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-11-11 21:29 - 2014-10-30 18:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-11-11 21:29 - 2014-10-30 18:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-11-11 21:29 - 2014-10-30 18:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-11-11 21:29 - 2014-10-30 18:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-11-11 21:29 - 2014-10-30 18:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-11-11 21:29 - 2014-10-30 18:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-11-11 21:29 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-11-11 21:29 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2014-11-11 21:29 - 2014-10-30 18:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-11-11 21:29 - 2014-10-30 18:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-11-11 21:29 - 2014-10-30 18:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-11-11 21:29 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-11-11 21:29 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-11-11 21:29 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-11-11 21:29 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-11-11 21:29 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-11-11 21:29 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-11-11 21:29 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-11-11 21:29 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-11-11 21:29 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-11-11 21:29 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-11-11 21:29 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-11-11 21:29 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-11-11 21:29 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-11-11 21:29 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-11-11 21:29 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-11-11 21:29 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-11-11 21:29 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-11-11 21:29 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-11-11 21:28 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-11-11 21:28 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-11-11 21:28 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-11-11 21:28 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-11-11 21:28 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-11-11 21:28 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-11-11 21:28 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2014-11-11 21:28 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-11-11 21:28 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-11-11 21:28 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-11-11 21:28 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-11-11 21:28 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-11-11 21:28 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-11-11 21:28 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-11-11 21:28 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-11-11 21:28 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-11-11 21:28 - 2014-09-07 14:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-11-11 21:28 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-11-11 21:28 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-11-11 21:28 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-11-11 21:28 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-11-11 21:28 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-11-11 21:28 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-11-11 21:28 - 2014-08-30 16:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-11-11 21:28 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-11-11 21:28 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-11-11 21:28 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2014-11-11 21:28 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll 2014-11-11 21:28 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-11-11 21:28 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll 2014-11-11 21:28 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-11-11 21:28 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-11-11 21:28 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-11-11 21:28 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-11-11 21:28 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-11-11 21:28 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-11-11 21:28 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-11-11 21:28 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-11-11 21:28 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-11-11 21:28 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-11-11 21:28 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Epson 2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 _____ () C:\Users\Amos\Sti_Trace.log 2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Epson 2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 _____ () C:\Users\Tracy\Sti_Trace.log 2014-11-06 20:51 - 2014-11-06 20:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup (1).exe 2014-11-06 20:40 - 2014-11-06 20:40 - 00000302 _____ () C:\Users\Lucy\Documents\cc_20141106_204022.reg 2014-11-06 20:18 - 2014-11-06 20:18 - 00000135 _____ () C:\Users\Public\regkey.txt 2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\Program Files\CCleaner 2014-11-06 20:07 - 2014-11-06 20:07 - 01706939 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT.exe 2014-11-06 20:07 - 2014-11-06 20:07 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-11-06 20:05 - 2014-11-06 20:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup.exe 2014-11-06 20:05 - 2014-11-06 20:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-11-06 20:01 - 2014-11-06 20:01 - 00000000 ___HD () C:\Users\Lucy\AppData\Roaming\Linkey 2014-11-06 19:55 - 2014-11-06 19:58 - 00000000 ____D () C:\AdwCleaner 2014-11-06 19:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieUserList 2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieSiteList 2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Mozilla 2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Mozilla 2014-11-05 21:35 - 2014-11-06 20:23 - 00000365 _____ () C:\Users\Lucy\Sti_Trace.log 2014-11-05 21:35 - 2014-11-05 21:35 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Epson 2014-11-03 21:13 - 2014-11-04 18:26 - 00002555 _____ () C:\Users\Jeff\Sti_Trace.log 2014-11-02 21:36 - 2014-11-12 21:36 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job 2014-11-02 21:36 - 2014-11-12 21:36 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job 2014-11-02 21:27 - 2014-11-02 21:27 - 00000045 _____ () C:\WINDOWS\WF-3620.ini 2014-11-02 21:21 - 2014-11-12 21:21 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job 2014-11-02 21:21 - 2014-11-12 21:21 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job 2014-11-02 21:20 - 2014-11-02 21:20 - 00000000 ____D () C:\Program Files\Common Files\EPSON 2014-11-02 21:18 - 2014-11-04 17:38 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Epson 2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\InstallShield 2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Program Files\EPSON 2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\Program Files (x86)\EPSON Software 2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\Program Files (x86)\epson 2014-11-02 21:17 - 2014-11-02 21:17 - 00000948 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk 2014-11-02 21:17 - 2014-11-02 21:17 - 00000000 ____D () C:\Program Files\EpsonNet 2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll 2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll 2014-11-02 21:17 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll 2014-11-02 21:17 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe 2014-11-02 21:17 - 2010-11-22 13:27 - 00147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll 2014-11-02 21:16 - 2014-11-02 21:38 - 00000000 ____D () C:\ProgramData\EPSON 2014-11-02 21:16 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBKEE.DLL 2014-11-02 21:16 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BKEE.DLL 2014-11-02 21:16 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL 2014-11-01 11:20 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-11-01 11:20 - 2014-09-03 15:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-11-01 11:20 - 2014-09-03 15:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-11-01 11:19 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-11-01 11:19 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-11-01 11:19 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-11-01 11:19 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-11-01 11:19 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-11-01 11:19 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-11-01 11:19 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-11-01 11:19 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-11-01 11:19 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-11-01 11:19 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-11-01 11:19 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-11-01 11:19 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-11-01 11:19 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-11-01 11:19 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-11-01 11:19 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-11-01 11:19 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-11-01 11:19 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-11-01 11:19 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-11-01 11:19 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-11-01 11:19 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-11-01 11:19 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-11-01 11:19 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-11-01 11:19 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-11-01 11:19 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-11-01 11:19 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-11-01 11:19 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-11-01 11:19 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-11-01 11:19 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-11-01 11:19 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-11-01 11:19 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-11-01 11:18 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-11-01 11:18 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-10-27 20:25 - 2014-10-27 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsonic 2014-10-25 08:31 - 2014-10-25 08:31 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Search Extensions 2014-10-19 18:57 - 2014-10-19 18:57 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-10-19 18:57 - 2014-10-19 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iTunes 2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iPod 2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-18 09:17 - 2014-10-18 09:17 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-10-18 09:17 - 2014-10-18 09:17 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\Program Files (x86)\Java ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-12 21:48 - 2013-11-13 23:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-11-12 21:46 - 2013-12-02 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery 2014-11-12 21:45 - 2014-03-29 16:41 - 01442013 _____ () C:\WINDOWS\WindowsUpdate.log 2014-11-12 21:44 - 2014-03-29 16:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-12 21:44 - 2014-03-29 09:39 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-12 21:44 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-11-12 21:43 - 2013-11-13 23:20 - 00053860 _____ () C:\WINDOWS\PFRO.log 2014-11-12 21:36 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-11-12 21:21 - 2014-03-30 09:44 - 00000000 ___RD () C:\Users\Amos\Google Drive 2014-11-12 21:12 - 2014-03-29 09:39 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-12 21:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-11-12 20:59 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-11-11 22:19 - 2013-08-22 06:44 - 05085920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-11 22:16 - 2014-03-29 18:49 - 00000000 ___RD () C:\Users\Jeff\Dropbox 2014-11-11 21:42 - 2014-03-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-11 21:42 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-11-11 21:40 - 2014-03-29 08:37 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-11-11 21:32 - 2014-03-29 08:37 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-11-11 21:23 - 2014-03-29 18:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox 2014-11-11 20:29 - 2013-08-22 06:46 - 00325036 _____ () C:\WINDOWS\setupact.log 2014-11-11 16:37 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\FileZilla 2014-11-09 11:04 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos 2014-11-08 12:16 - 2014-07-09 11:47 - 00000000 ____D () C:\WINDOWS\Minidump 2014-11-07 10:47 - 2014-03-29 21:44 - 00000000 ____D () C:\Users\Tracy 2014-11-07 04:06 - 2014-03-30 09:35 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-11-07 04:06 - 2014-03-30 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-06 19:46 - 2014-03-29 21:50 - 00000000 ____D () C:\Users\Lucy\Documents\Bluetooth Folder 2014-11-05 21:35 - 2014-03-29 21:49 - 00000000 ____D () C:\Users\Lucy 2014-11-04 21:58 - 2013-12-02 20:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-04 20:58 - 2014-03-29 07:44 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Adobe 2014-11-04 17:39 - 2014-03-29 16:46 - 00000000 ____D () C:\Users\Jeff 2014-11-02 16:37 - 2014-03-30 21:50 - 00000000 ____D () C:\subsonic 2014-11-01 12:59 - 2014-03-29 18:23 - 00000000 ___RD () C:\Users\Jeff\SkyDrive 2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-11-01 12:36 - 2014-04-17 18:36 - 00000000 ____D () C:\Users\Jeff\Calibre 2014-10-30 03:25 - 2014-03-29 18:30 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2014-10-29 20:07 - 2014-03-29 09:39 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-29 16:55 - 2014-09-11 20:43 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-10-29 16:55 - 2014-09-11 20:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-27 20:25 - 2014-03-30 21:50 - 00000000 ____D () C:\Program Files (x86)\Subsonic 2014-10-27 19:21 - 2014-06-23 08:29 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Mp3tag 2014-10-26 11:08 - 2014-07-11 10:51 - 00000136 _____ () C:\WINDOWS\ODBC.INI 2014-10-26 11:03 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-10-21 19:31 - 2014-04-01 16:46 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Apple Computer 2014-10-19 19:13 - 2014-03-29 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-19 18:56 - 2014-09-30 19:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-19 18:56 - 2014-03-30 21:12 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-10-18 09:20 - 2014-07-11 09:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Spotify 2014-10-18 09:18 - 2014-03-31 15:39 - 00000000 ____D () C:\ProgramData\Oracle Some content of TEMP: ==================== C:\Users\Lucy\AppData\Local\Temp\i4jdel0.exe C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite28667.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite45019.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite49016.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite58053.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite60367.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite65808.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite68057.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite74580.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite78681.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite80226.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85250.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85456.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite87378.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite88696.dll C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite96587.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ATTENTION: ==> Could not access BCD, see Addition.txt for additional information. ==================== End Of Log ============================
  10. Thank you so much for your help--here are the logs. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/12/2014 Scan Time: 9:36:46 PM Logfile: malwarebytes log.txt Administrator: No Version: 2.00.3.1025 Malware Database: v2014.11.13.02 Rootkit Database: v2014.11.12.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Lucy Scan Type: Threat Scan Result: Completed Objects Scanned: 332917 Time Elapsed: 5 min, 27 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 2 PUP.Optional.PriceHorse.A, C:\Users\Lucy\AppData\Local\pricehorse, Quarantined, [9da9eb50364684b282a7ac81897ac739], PUP.Optional.PriceHorse.A, C:\Users\Lucy\AppData\Local\pricehorse\pricehorse, Quarantined, [9da9eb50364684b282a7ac81897ac739], Files: 3 PUP.Optional.Ibryte, C:\$Recycle.Bin\S-1-5-21-1311062009-36715212-3114003710-1009\$RJ4LWEB.exe, Quarantined, [c97d8ead1a6295a14d67c9657d83bb45], PUP.Optional.PayByAds.A, C:\Users\Lucy\AppData\Local\Temp\playsetup.exe, Quarantined, [5ceafe3dcbb121150d1d89f031d437c9], PUP.Optional.PayByAds.A, C:\Users\Lucy\AppData\Local\Temp\res.dll, Quarantined, [1d2984b7d3a94aec979388f1ae573fc1], Physical Sectors: 0 (No malicious items detected) (end)
  11. I accidentally installed BrowserSafeguard with RocketTab. Uninstalling using Programs & Features does not work. Also tried Revo Uninstaller but the program doesn't show up at all there. My dad managed to keep it from running at startup by deleting some registry keys, but I still see it listed in Programs & Features and I want to be sure it is gone from my system. What do I need to do?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.