radio,tv conversations- 46.249.42.188 - svchost.exe

[bearboat]

malwarebytes continueally blocks 46.249.42.185 , 186 , 187 , 188 , 189 . 190

 

radio/tv noise same as posting 9 jan 2009

nothing found in running malware bytes

attach.txt

dds.txt

[kevinf80]

Hello and

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
  

 

Kevin...

[bearboat]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by sissymary (administrator) on SISSYMARY-PC on 16-01-2014 12:33:56
Running from C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XB2AJEYX
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [167936 2008-05-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2008-03-11] ( )
HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 1999-12-31] (IDT, Inc.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [202544 2008-03-11] (SupportSoft, Inc.)
MountPoints2: {33ce8053-4dea-11e3-b0c0-00219beceb80} - G:\LaunchU3.exe -a
MountPoints2: {ef77c505-ac7d-11dd-9c48-806e6f6e6963} - E:\Install.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
SearchScopes: HKCU - DefaultScope {A1F847BF-2AF7-4C29-B0E1-AE1FBC841FF9} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US0&p={SearchTerms}
SearchScopes: HKCU - {A1F847BF-2AF7-4C29-B0E1-AE1FBC841FF9} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US0&p={SearchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage:

CHR Extension: (Docs) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0 [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 [2014-01-14]
CHR Extension: (YouTube) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 [2014-01-14]
CHR Extension: (Google Search) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 [2014-01-14]
CHR Extension: (SiteAdvisor) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1291_0 [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2014-01-14]
CHR Extension: (Gmail) - C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2014-01-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2013-11-17]

========================== Services (Whitelisted) =================

S2 0119901389832865mcinstcleanup; C:\Windows\TEMP\011990~1.EXE [834664 2013-07-30] (McAfee, Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-05-02] (Stardock Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\McAfee\MSC\McAWFwk.exe [203080 2011-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [643608 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [202544 2008-03-11] (SupportSoft, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [258130 1999-12-31] (IDT, Inc.)
S2 MOBCleanup; "C:\Users\sissymary\AppData\Local\Temp\MOBCleanup.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-11-04] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [66296 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133992 2013-11-04] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236000 2013-11-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365416 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [572528 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [319808 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80752 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213392 2013-11-04] (McAfee, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-01-16] ()
U3 mbr; \??\C:\Users\SISSYM~1\AppData\Local\Temp\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-16 12:32 - 2014-01-16 12:32 - 00000000 ____D C:\FRST
2014-01-16 10:19 - 2014-01-16 10:18 - 00002347 _____ C:\Users\sissymary\Desktop\attach.txt
2014-01-16 10:19 - 2014-01-16 10:17 - 00013070 _____ C:\Users\sissymary\Desktop\dds.txt
2014-01-15 18:53 - 2014-01-15 18:53 - 00000000 ____D C:\Users\sissymary\AppData\Local\Stardock_Corporation
2014-01-15 14:46 - 1999-12-31 19:00 - 00980992 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys
2014-01-15 14:46 - 1999-12-31 19:00 - 00661504 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys
2014-01-15 14:46 - 1999-12-31 19:00 - 00249856 _____ (Conexant Systems, Inc.) C:\Windows\system32\UCI32M34.dll
2014-01-15 14:46 - 1999-12-31 19:00 - 00208384 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys
2014-01-15 14:40 - 1999-12-31 19:00 - 00531968 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll
2014-01-15 14:39 - 1999-12-31 19:00 - 12718172 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl
2014-01-15 14:39 - 1999-12-31 19:00 - 00086016 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCom.dll
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 ____D C:\Windows\system32\SRSLabs
2014-01-15 14:36 - 1999-12-31 19:00 - 00935424 _____ (IDT, Inc.) C:\Windows\system32\stapo.dll
2014-01-15 14:36 - 1999-12-31 19:00 - 00433152 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2014-01-15 14:36 - 1999-12-31 19:00 - 00405504 _____ (IDT, Inc.) C:\Windows\system32\stcplx.dll
2014-01-15 14:36 - 1999-12-31 19:00 - 00252928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-15 14:36 - 1999-12-31 19:00 - 00179712 _____ (IDT, Inc.) C:\Windows\system32\st326304.dll
2014-01-15 14:36 - 1999-12-31 19:00 - 00172032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-01-15 14:35 - 2014-01-15 14:40 - 00000000 ____D C:\Program Files\IDT
2014-01-15 14:32 - 2014-01-15 14:32 - 00000000 ____D C:\Users\sissymary\AppData\Local\Downloaded Installations
2014-01-15 13:48 - 2009-06-25 16:58 - 00048128 _____ (REDC) C:\Windows\system32\Drivers\rimmptsk.sys
2014-01-15 13:48 - 2009-06-25 16:25 - 00038400 _____ (REDC) C:\Windows\system32\Drivers\rixdptsk.sys
2014-01-15 13:48 - 2009-06-25 16:10 - 00044544 _____ (REDC) C:\Windows\system32\Drivers\rimsptsk.sys
2014-01-15 13:48 - 2007-07-25 12:48 - 00172032 _____ (Ricoh Company,Ltd) C:\Windows\system32\rixdicon.dll
2014-01-15 13:40 - 1999-12-31 19:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2014-01-15 12:38 - 2014-01-15 12:47 - 00008044 _____ C:\Windows\ykinstutil.log
2014-01-15 12:37 - 2014-01-15 12:47 - 00000361 ____R C:\Windows\YukonInstall.log
2014-01-15 12:37 - 2014-01-15 12:37 - 00000000 ____D C:\Program Files\Marvell
2014-01-15 12:35 - 2014-01-15 12:35 - 00000000 ____D C:\Intel
2014-01-15 12:16 - 2014-01-16 00:37 - 00000394 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-15 12:15 - 2014-01-16 00:35 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-15 12:14 - 2014-01-15 12:14 - 00001854 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2014-01-15 11:22 - 2014-01-15 15:03 - 00000000 ____D C:\Program Files\DriverUpdate
2014-01-14 21:42 - 2014-01-16 11:41 - 00000908 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 21:40 - 2014-01-16 11:41 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-14 21:40 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-14 15:31 - 2014-01-14 15:31 - 00000000 ____D C:\Users\sissymary\AppData\Local\McAfee File Lock
2014-01-14 15:26 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-01-14 15:19 - 2014-01-14 15:19 - 00262144 _____ C:\Windows\system32\config\ELAM
2014-01-14 15:09 - 2014-01-14 15:09 - 00000000 ____D C:\Users\sissymary\AppData\Local\McAfee Anti-Theft
2014-01-14 15:09 - 2013-09-09 11:11 - 00066296 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2014-01-14 15:08 - 2014-01-14 15:29 - 00000000 ____D C:\Program Files\Common Files\Mcafee
2014-01-14 15:08 - 2013-11-04 17:22 - 00060920 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys
2014-01-14 15:08 - 2013-11-04 17:17 - 00213392 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfewfpk.sys
2014-01-14 15:08 - 2013-11-04 17:12 - 00572528 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2014-01-14 15:08 - 2013-11-04 17:10 - 00365416 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys
2014-01-14 15:08 - 2013-11-04 17:10 - 00065928 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfebopk.sys
2014-01-14 15:08 - 2013-11-04 17:09 - 00236000 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys
2014-01-14 15:08 - 2013-11-04 17:08 - 00133992 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeapfk.sys
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files\McAfee.com
2014-01-14 14:55 - 2014-01-14 14:55 - 00005972 _____ C:\Users\sissymary\AppData\Local\d3d9caps.dat
2014-01-14 11:39 - 2014-01-12 14:13 - 00768111 _____ C:\Users\sissymary\Desktop\10 States Standards - Recommended Standards for Wastewater Facilities - Copy.htm
2014-01-14 11:04 - 2014-01-14 12:26 - 00000000 ____D C:\Users\sissymary\AppData\Local\Google
2014-01-14 11:03 - 2014-01-14 14:54 - 00000000 ____D C:\Program Files\Google
2014-01-14 11:02 - 2014-01-14 11:02 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-14 11:02 - 2014-01-14 11:02 - 00000000 ____D C:\Program Files\Adobe
2014-01-14 11:01 - 2014-01-14 11:02 - 00000000 ____D C:\ProgramData\Adobe
2014-01-14 10:59 - 2014-01-14 20:38 - 00000000 ____D C:\Users\sissymary\AppData\Local\Adobe
2014-01-11 16:13 - 2014-01-16 02:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 16:13 - 2014-01-11 16:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-11 16:13 - 2014-01-11 16:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-11 15:57 - 2014-01-11 15:57 - 00018277 _____ C:\Users\sissymary\Desktop\Otisville List.xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00012404 _____ C:\Users\sissymary\Desktop\ELECTRIC PANEL.xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00012404 _____ C:\Users\sissymary\Desktop\ELECTRIC PANEL (1).xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00001612 _____ C:\Users\sissymary\Desktop\research.txt
2014-01-11 15:57 - 2014-01-11 15:57 - 00000268 _____ C:\Users\sissymary\Desktop\sewer.txt
2014-01-10 12:17 - 2014-01-10 12:17 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Malwarebytes
2014-01-10 12:17 - 2014-01-10 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-06 19:07 - 2014-01-06 19:07 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\AlawarEntertainment
2014-01-06 19:06 - 2014-01-06 19:06 - 00002177 _____ C:\Users\Public\Desktop\Play House of 1000 Doors - Family Secrets.lnk
2014-01-06 19:06 - 2014-01-06 19:06 - 00001268 _____ C:\Users\Public\Desktop\More Great Games.lnk
2014-01-06 19:03 - 2014-01-06 19:03 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\House of 1000 Doors - Family Secrets
2014-01-04 11:28 - 2014-01-12 15:11 - 00000000 ____D C:\Users\sissymary\AppData\Local\CrashDumps
2014-01-04 11:23 - 2014-01-04 11:23 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Merscom
2014-01-04 11:23 - 2014-01-04 11:23 - 00000000 ____D C:\ProgramData\Merscom
2014-01-04 11:19 - 2014-01-04 11:19 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lost City of Z - Special Edition
2013-12-28 11:34 - 2013-12-28 11:34 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Eipix
2013-12-24 13:24 - 2013-12-24 13:24 - 00000000 ____D C:\Users\sissymary\Documents\Symantec
2013-12-24 13:03 - 2013-12-24 13:24 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2013-12-24 13:02 - 2014-01-14 14:56 - 00000000 ____D C:\ProgramData\Norton
2013-12-24 13:02 - 2013-12-24 13:02 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-12-24 10:34 - 2013-12-24 10:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-22 14:35 - 2013-12-22 14:35 - 00000000 ____D C:\Windows\Sun
2013-12-17 11:51 - 2013-12-30 18:16 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\ERS Game Studios

==================== One Month Modified Files and Folders =======

2014-01-16 12:34 - 2006-11-02 06:18 - 00000000 ___RD C:\Users\Public
2014-01-16 12:32 - 2014-01-16 12:32 - 00000000 ____D C:\FRST
2014-01-16 11:50 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-16 11:50 - 2006-11-02 07:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-16 11:41 - 2014-01-14 21:42 - 00000908 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-16 11:41 - 2014-01-14 21:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-16 10:18 - 2014-01-16 10:19 - 00002347 _____ C:\Users\sissymary\Desktop\attach.txt
2014-01-16 10:17 - 2014-01-16 10:19 - 00013070 _____ C:\Users\sissymary\Desktop\dds.txt
2014-01-16 02:44 - 2006-11-02 08:01 - 00024846 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 02:25 - 2014-01-11 16:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-16 00:37 - 2014-01-15 12:16 - 00000394 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-16 00:35 - 2014-01-15 12:15 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-16 00:34 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-15 21:49 - 2008-11-06 22:45 - 02029516 _____ C:\Windows\WindowsUpdate.log
2014-01-15 19:08 - 2013-11-17 13:14 - 00000000 __RSD C:\Users\sissymary\Documents\McAfee Vaults
2014-01-15 18:53 - 2014-01-15 18:53 - 00000000 ____D C:\Users\sissymary\AppData\Local\Stardock_Corporation
2014-01-15 15:03 - 2014-01-15 11:22 - 00000000 ____D C:\Program Files\DriverUpdate
2014-01-15 14:54 - 2013-11-06 16:33 - 00000000 ____D C:\Users\sissymary
2014-01-15 14:40 - 2014-01-15 14:35 - 00000000 ____D C:\Program Files\IDT
2014-01-15 14:38 - 2014-01-15 14:38 - 00000000 ____D C:\Windows\system32\SRSLabs
2014-01-15 14:35 - 2008-11-07 04:58 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-15 14:32 - 2014-01-15 14:32 - 00000000 ____D C:\Users\sissymary\AppData\Local\Downloaded Installations
2014-01-15 13:40 - 2008-11-07 04:58 - 00000000 ____D C:\Program Files\Intel
2014-01-15 12:52 - 2006-11-02 05:33 - 00758370 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-15 12:47 - 2014-01-15 12:38 - 00008044 _____ C:\Windows\ykinstutil.log
2014-01-15 12:47 - 2014-01-15 12:37 - 00000361 ____R C:\Windows\YukonInstall.log
2014-01-15 12:37 - 2014-01-15 12:37 - 00000000 ____D C:\Program Files\Marvell
2014-01-15 12:35 - 2014-01-15 12:35 - 00000000 ____D C:\Intel
2014-01-15 12:15 - 2013-11-21 20:10 - 00000000 ____D C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc
2014-01-15 12:14 - 2014-01-15 12:14 - 00001854 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2014-01-15 12:13 - 2013-11-21 20:09 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2014-01-15 09:21 - 2013-11-06 18:18 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 08:00 - 2006-11-02 05:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 07:51 - 2013-11-19 16:16 - 00001720 _____ C:\Users\sissymary\AppData\Roaming\wklnhst.dat
2014-01-14 20:38 - 2014-01-14 10:59 - 00000000 ____D C:\Users\sissymary\AppData\Local\Adobe
2014-01-14 20:38 - 2013-11-06 16:37 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Adobe
2014-01-14 15:35 - 2013-11-17 12:59 - 00000000 ____D C:\Program Files\McAfee
2014-01-14 15:31 - 2014-01-14 15:31 - 00000000 ____D C:\Users\sissymary\AppData\Local\McAfee File Lock
2014-01-14 15:29 - 2014-01-14 15:08 - 00000000 ____D C:\Program Files\Common Files\Mcafee
2014-01-14 15:29 - 2013-11-17 12:59 - 00000000 ____D C:\ProgramData\McAfee
2014-01-14 15:29 - 2008-01-20 21:47 - 00924650 _____ C:\Windows\PFRO.log
2014-01-14 15:19 - 2014-01-14 15:19 - 00262144 _____ C:\Windows\system32\config\ELAM
2014-01-14 15:10 - 2006-11-02 05:23 - 00000176 _____ C:\Windows\win.ini
2014-01-14 15:09 - 2014-01-14 15:09 - 00000000 ____D C:\Users\sissymary\AppData\Local\McAfee Anti-Theft
2014-01-14 15:07 - 2014-01-14 15:07 - 00000000 ____D C:\Program Files\McAfee.com
2014-01-14 14:56 - 2013-12-24 13:02 - 00000000 ____D C:\ProgramData\Norton
2014-01-14 14:55 - 2014-01-14 14:55 - 00005972 _____ C:\Users\sissymary\AppData\Local\d3d9caps.dat
2014-01-14 14:54 - 2014-01-14 11:03 - 00000000 ____D C:\Program Files\Google
2014-01-14 14:00 - 2013-11-21 20:09 - 00000000 ____D C:\Program Files\SlimCleaner
2014-01-14 12:26 - 2014-01-14 11:04 - 00000000 ____D C:\Users\sissymary\AppData\Local\Google
2014-01-14 11:17 - 2006-11-02 07:52 - 00120315 _____ C:\Windows\setupact.log
2014-01-14 11:02 - 2014-01-14 11:02 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-14 11:02 - 2014-01-14 11:02 - 00000000 ____D C:\Program Files\Adobe
2014-01-14 11:02 - 2014-01-14 11:01 - 00000000 ____D C:\ProgramData\Adobe
2014-01-12 15:11 - 2014-01-04 11:28 - 00000000 ____D C:\Users\sissymary\AppData\Local\CrashDumps
2014-01-12 14:13 - 2014-01-14 11:39 - 00768111 _____ C:\Users\sissymary\Desktop\10 States Standards - Recommended Standards for Wastewater Facilities - Copy.htm
2014-01-11 16:13 - 2014-01-11 16:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-11 16:13 - 2014-01-11 16:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-11 15:57 - 2014-01-11 15:57 - 00018277 _____ C:\Users\sissymary\Desktop\Otisville List.xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00012404 _____ C:\Users\sissymary\Desktop\ELECTRIC PANEL.xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00012404 _____ C:\Users\sissymary\Desktop\ELECTRIC PANEL (1).xlsx
2014-01-11 15:57 - 2014-01-11 15:57 - 00001612 _____ C:\Users\sissymary\Desktop\research.txt
2014-01-11 15:57 - 2014-01-11 15:57 - 00000268 _____ C:\Users\sissymary\Desktop\sewer.txt
2014-01-10 12:17 - 2014-01-10 12:17 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Malwarebytes
2014-01-10 12:17 - 2014-01-10 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-10 11:54 - 2013-11-06 17:28 - 00000000 ____D C:\Program Files\Big Fish Games
2014-01-09 09:44 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-06 19:34 - 2013-11-06 17:24 - 00000000 ____D C:\BigFishCache
2014-01-06 19:07 - 2014-01-06 19:07 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\AlawarEntertainment
2014-01-06 19:06 - 2014-01-06 19:06 - 00002177 _____ C:\Users\Public\Desktop\Play House of 1000 Doors - Family Secrets.lnk
2014-01-06 19:06 - 2014-01-06 19:06 - 00001268 _____ C:\Users\Public\Desktop\More Great Games.lnk
2014-01-06 19:03 - 2014-01-06 19:03 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\House of 1000 Doors - Family Secrets
2014-01-04 11:23 - 2014-01-04 11:23 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Merscom
2014-01-04 11:23 - 2014-01-04 11:23 - 00000000 ____D C:\ProgramData\Merscom
2014-01-04 11:19 - 2014-01-04 11:19 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lost City of Z - Special Edition
2013-12-30 18:16 - 2013-12-17 11:51 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\ERS Game Studios
2013-12-28 11:34 - 2013-12-28 11:34 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Eipix
2013-12-24 13:50 - 2013-11-06 16:33 - 00065904 _____ C:\Users\sissymary\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-24 13:49 - 2006-11-02 07:47 - 00279264 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-24 13:24 - 2013-12-24 13:24 - 00000000 ____D C:\Users\sissymary\Documents\Symantec
2013-12-24 13:24 - 2013-12-24 13:03 - 00000000 ____D C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2013-12-24 13:02 - 2013-12-24 13:02 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-12-24 10:34 - 2013-12-24 10:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-22 14:35 - 2013-12-22 14:35 - 00000000 ____D C:\Windows\Sun

Some content of TEMP:
====================
C:\Users\sissymary\AppData\Local\Temp\avgB6B4.tmp.exe
C:\Users\sissymary\AppData\Local\Temp\oi_{04F0FB5D-B3F7-4208-BF44-5D0FD26ABEC4}.exe
C:\Users\sissymary\AppData\Local\Temp\oi_{39523B13-65DE-4F15-9A13-21249AD9C225}.exe
C:\Users\sissymary\AppData\Local\Temp\UNINSTALL.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-15 19:11

==================== End Of Log ============================

[kevinf80]

Can you post the second FRST log "addition.txt"

[bearboat]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 03
Ran by sissymary at 2014-01-16 12:40:04
Running from C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XB2AJEYX
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (Version: 10.1.4 - Adobe Systems Incorporated)
Big Fish: Game Manager (Version: 3.2.0.7 - )
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (Version: 7.75.00.51 - Conexant)
Dell Best of Web (Version: 1.00.0000 - Dell)
Dell Dock (Version: 1.0.0 - Dell)
Dell Getting Started Guide (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Version: 2.1.08060 - Dell)
Dell Touchpad (Version: 7.1.103.4 - Alps Electric)
Digital Line Detect (Version: 1.21 - BVRP Software, Inc)
EDocs (Version:  - )
GoToAssist 8.0.0.514 (Version:  - )
House of 1000 Doors: Family Secrets (Version:  - )
IDT Audio (Version: 1.0.6304.0 - IDT)
Intel® Matrix Storage Manager (Version:  - )
Intel® PROSet/Wireless Software (Version: 11.01.0000 - Intel Corporation)
Java 6 Update 5 (Version: 1.6.0.50 - Sun Microsystems, Inc.)
League of Light: Dark Omens (Version:  - )
Lost City of Z: Special Edition (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (Version: 11.45.4.3 - Marvell)
McAfee Total Protection (Version: 12.8.903 - McAfee, Inc.)
mCore (Version: 9.24.0000 - Intel Corporation) Hidden
MediaDirect (Version: 3.5 - Dell)
mHelp (Version: 9.24.0000 - Intel) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden
Modem Diagnostic Tool (Version: 1.0.24.0 - Dell)
mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden
mWMI (Version: 9.24.0000 - Intel Corporation) Hidden
Mystery Trackers: Silent Hollow (Version:  - )
NetWaiting (Version: 2.5.53 - BVRP Software, Inc)
Nevertales: The Beauty Within (Version:  - )
OutlookAddinSetup (Version: 1.0.0 - CyberLink)
QuickSet (Version: 8.2.20 - Dell Inc.)
RICOH Media Driver ver.2.07.01.00 (Version: 2.07.01.00 - RICOH)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (Version: 10.1 - Roxio)
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
SlimDrivers (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)

==================== Restore Points  =========================

15-11-2013 20:09:27 Windows Update
16-11-2013 13:42:21 Windows Update
17-11-2013 18:19:50 Windows Update
17-11-2013 18:55:15 Windows Update
17-11-2013 20:38:33 Windows Update
18-11-2013 01:09:04 Windows Update
18-11-2013 17:56:43 Windows Update
23-11-2013 19:27:01 Scheduled Checkpoint
11-12-2013 12:30:35 Windows Update
17-12-2013 13:27:44 Scheduled Checkpoint
24-12-2013 18:32:14 Norton 360 Registry Clean
09-01-2014 14:13:52 Windows Update
10-01-2014 21:57:17 Scheduled Checkpoint
14-01-2014 18:58:59 Removed SlimCleaner
15-01-2014 13:00:10 Windows Update
15-01-2014 17:19:33 SlimDrivers Installing Drivers
15-01-2014 17:44:43 Device Driver Package Install: Marvell Network adapters
15-01-2014 18:40:24 Device Driver Package Install: Intel System devices
15-01-2014 18:47:23 Installed RICOH Media Driver ver.2.07.01.00
15-01-2014 18:49:05 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 18:50:18 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 18:51:28 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 18:52:06 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 18:55:18 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 18:58:11 Device Driver Package Install: Ricoh Company IDE ATA/ATAPI controllers
15-01-2014 19:37:22 Device Driver Package Install: IDT Sound, video and game controllers
15-01-2014 19:40:23 Installed IDT Audio
15-01-2014 19:49:42 Device Driver Package Install: Conexant Modems
15-01-2014 20:02:47 Removed DriverUpdate

==================== Hosts content: ==========================

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1DF603D9-0506-4973-A897-42C50C5B86FF} - System32\Tasks\SlimCleaner Run => C:\Program Files\SlimCleaner\SlimCleaner.exe
Task: {294B6462-0923-41C9-A26B-FB10A044FA23} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {409F6E02-CFC4-4AF0-8BA5-E3BE67A2E94F} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {52BC1D66-3E7F-42B6-BB25-330CC241EB11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-11] (Adobe Systems Incorporated)
Task: {A417DE35-DA0F-44D0-82CB-9C6E305A3785} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {E3CBA992-05F3-42A3-9B9B-BB85B0ED55E8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.1.0.18\WSCStub.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {F508ABC6-D6D0-433C-B779-BD853E870BCE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2014-01-14 15:09 - 2013-08-02 08:13 - 00170296 _____ () C:\Program Files\McAfee\MSK\mskoeplg.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:2313511A
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:413177C4
AlternateDataStreams: C:\ProgramData\TEMP:5C9A6C78
AlternateDataStreams: C:\ProgramData\TEMP:7FD903D7
AlternateDataStreams: C:\ProgramData\TEMP:88C5973F
AlternateDataStreams: C:\ProgramData\TEMP:922DA2DB
AlternateDataStreams: C:\ProgramData\TEMP:B69CF390
AlternateDataStreams: C:\ProgramData\TEMP:C98828D3
AlternateDataStreams: C:\ProgramData\TEMP:E9C2F553
AlternateDataStreams: C:\ProgramData\TEMP:F176B6C6
AlternateDataStreams: C:\ProgramData\TEMP:F4BF61E8

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2014 09:14:10 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16526 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2534
Start Time: 01cf12c49ff43750
Termination Time: 28

Error: (01/16/2014 02:44:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2014 00:33:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 10:23:22 PM) (Source: Application Hang) (User: )
Description: The program mcuicnt.exe version 5.9.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 2060
Start Time: 01cf12564adbbbf0
Termination Time: 529

Error: (01/15/2014 09:47:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 09:42:23 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000374, fault offset 0x000b06fc,
process id 0x500, application start time 0xsvchost.exe0.

Error: (01/15/2014 07:20:09 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16526 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1104
Start Time: 01cf1250362cfdf0
Termination Time: 183

Error: (01/15/2014 07:05:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 07:03:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (01/15/2014 07:02:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (01/16/2014 09:05:04 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer PAPA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AB19F49A-AC53-4FCB-914A-962782990F.
The master browser is stopping or an election is being forced.

Error: (01/16/2014 08:59:22 AM) (Source: DCOM) (User: )
Description: {2F4C0E0C-80AD-4105-9A0F-4BA90BB64296}

Error: (01/16/2014 08:58:56 AM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay

Error: (01/16/2014 02:46:40 AM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Management Instrumentation%%1056

Error: (01/16/2014 00:38:24 AM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceRemote Access Connection Manager%%1056

Error: (01/16/2014 00:35:26 AM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Management Instrumentation%%1056

Error: (01/16/2014 00:35:26 AM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceServer%%1056

Error: (01/15/2014 11:38:44 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (01/15/2014 10:30:12 PM) (Source: DCOM) (User: )
Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}

Error: (01/15/2014 09:49:13 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceRemote Access Connection Manager%%1056

Microsoft Office Sessions:
=========================
Error: (01/16/2014 09:14:10 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16526253401cf12c49ff4375028

Error: (01/16/2014 02:44:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2014 00:33:40 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 10:23:22 PM) (Source: Application Hang)(User: )
Description: mcuicnt.exe5.9.2.0206001cf12564adbbbf0529

Error: (01/15/2014 09:47:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 09:42:23 PM) (Source: Application Error)(User: )
Description: svchost.exe6.0.6001.1800047918b89ntdll.dll6.0.6002.1888151da3e27c0000374000b06fc50001cf124e71e0f11f

Error: (01/15/2014 07:20:09 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16526110401cf1250362cfdf0183

Error: (01/15/2014 07:05:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2014 07:03:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (01/15/2014 07:02:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2014-01-16 00:41:15.770
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:41:15.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:41:14.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:41:14.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:41:13.549
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:41:13.041
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:40:47.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:40:46.400
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:40:45.765
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-16 00:40:45.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

[kevinf80]

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

• Double click on AdwCleaner.exe to run the tool.
  
• Vista/Windows 7/8 users right-click and select Run As Administrator
  
• Click on the Scan button.
  
• AdwCleaner will begin...be patient as the scan may take some time to complete.
  
• When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  
• Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  
• Look over the log especially under Files/Folders for any program you want to save.
  
• If there's a program you want to save, just uncheck it from AdwCleaner.
  
• If you're not sure, post the log for review.
  
• If you're ready to clean it all up.....click the Clean button.
  
• After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  
• Copy and paste the contents of that logfile in your next reply.
  
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  
• Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  
• To restore an item that has been deleted (if necessary):
  
• Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
  

 

Next,

 

Please download Junkware Removal Tool to your desktop.

• 
  

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs, also let me know if any remaining issues or concerns....

 

Kevin...

 

 

fixlist.txt

[bearboat]

frst is a txt file. how do you run this and where is fix button

[kevinf80]

You do not run the text file, you d/l and save exactly where you have FRST saved, I did ask that FRST should be saved to the Desktop. Unfortunately it would seem you saved it here: Running from C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XB2AJEYX

 

The file fixlist.txt needs to be d/l and saved to the same folder you have FRST, Then you run FRST, once the program opens you select the Fix and wait, FRST then loads the text file and runs to the script.

On completion a log is produced....

[bearboat]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2014 03
Ran by sissymary at 2014-01-16 15:01:46 Run:1
Running from C:\Users\sissymary\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
C:\Users\sissymary\AppData\Local\Temp\avgB6B4.tmp.exe
C:\Users\sissymary\AppData\Local\Temp\oi_{04F0FB5D-B3F7-4208-BF44-5D0FD26ABEC4}.exe
C:\Users\sissymary\AppData\Local\Temp\oi_{39523B13-65DE-4F15-9A13-21249AD9C225}.exe
C:\Users\sissymary\AppData\Local\Temp\UNINSTALL.EXE
AlternateDataStreams: C:\ProgramData\TEMP:2313511A
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:413177C4
AlternateDataStreams: C:\ProgramData\TEMP:5C9A6C78
AlternateDataStreams: C:\ProgramData\TEMP:7FD903D7
AlternateDataStreams: C:\ProgramData\TEMP:88C5973F
AlternateDataStreams: C:\ProgramData\TEMP:922DA2DB
AlternateDataStreams: C:\ProgramData\TEMP:B69CF390
AlternateDataStreams: C:\ProgramData\TEMP:C98828D3
AlternateDataStreams: C:\ProgramData\TEMP:E9C2F553
AlternateDataStreams: C:\ProgramData\TEMP:F176B6C6
AlternateDataStreams: C:\ProgramData\TEMP:F4BF61E8
End
*****************

C:\Users\sissymary\AppData\Local\Temp\avgB6B4.tmp.exe => Moved successfully.
C:\Users\sissymary\AppData\Local\Temp\oi_{04F0FB5D-B3F7-4208-BF44-5D0FD26ABEC4}.exe => Moved successfully.
C:\Users\sissymary\AppData\Local\Temp\oi_{39523B13-65DE-4F15-9A13-21249AD9C225}.exe => Moved successfully.
C:\Users\sissymary\AppData\Local\Temp\UNINSTALL.EXE => Moved successfully.
C:\ProgramData\TEMP => ":2313511A" ADS removed successfully.
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully.
C:\ProgramData\TEMP => ":413177C4" ADS removed successfully.
C:\ProgramData\TEMP => ":5C9A6C78" ADS removed successfully.
C:\ProgramData\TEMP => ":7FD903D7" ADS removed successfully.
C:\ProgramData\TEMP => ":88C5973F" ADS removed successfully.
C:\ProgramData\TEMP => ":922DA2DB" ADS removed successfully.
C:\ProgramData\TEMP => ":B69CF390" ADS removed successfully.
C:\ProgramData\TEMP => ":C98828D3" ADS removed successfully.
C:\ProgramData\TEMP => ":E9C2F553" ADS removed successfully.
C:\ProgramData\TEMP => ":F176B6C6" ADS removed successfully.
C:\ProgramData\TEMP => ":F4BF61E8" ADS removed successfully.

==== End of Fixlog ====

# AdwCleaner v3.017 - Report created 16/01/2014 at 15:07:00
# Updated 12/01/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : sissymary - SISSYMARY-PC
# Running from : C:\Users\sissymary\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

-\\ Google Chrome v

[ File : C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

*************************

AdwCleaner[R0].txt - [2016 octets] - [16/01/2014 14:36:24]
AdwCleaner[R1].txt - [2011 octets] - [16/01/2014 15:04:27]
AdwCleaner[s0].txt - [1820 octets] - [16/01/2014 15:07:00]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1880 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista Home Premium x86
Ran by sissymary on Thu 01/16/2014 at 15:17:38.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\Users\sissymary\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Program Files\big fish games"
Successfully deleted: [Folder] "C:\bigfishcache"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/16/2014 at 15:45:43.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.16.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
sissymary :: SISSYMARY-PC [administrator]

Protection: Enabled

1/16/2014 3:52:34 PM
mbam-log-2014-01-16 (15-52-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206712
Time elapsed: 14 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

[kevinf80]

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

• Turn off the real time scanner of any existing antivirus program while performing the online scan
  
• click on the Run ESET Online Scanner button
  
• Tick the box next to YES, I accept the Terms of Use.
  Click Start
  
• When asked, allow the add/on to be installed
  Click Start
  
• Make sure that the option Remove found threats is unticked
  
• Click on Advanced Settings, ensure the options
  
• Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  Click Scan
  
• wait for the virus definitions to be downloaded
  
• Wait for the scan to finish
  

 

When the scan is complete

 

• If no threats were found
  
• put a checkmark in "Uninstall application on close"
  
• close program
  
• report to me that nothing was found
  

 

If threats were found

 

• click on "list of threats found"
  
• click on "export to text file" and save it as ESET SCAN and save to the desktop
  
• Click on back
  
• put a checkmark in "Uninstall application on close"
  
• click on finish
  

 

close program

 

copy and paste the report in next reply

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Post those logs, also give update on any remaining issues or concerns..

 

Kevin...

[bearboat]

problem still exists.

 

C:\Users\sissymary\AppData\LocalLow\C751.tmp a variant of Win32/Kryptik.BRFT trojan

 

 Results of screen317's Security Check version 0.99.79 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
McAfee Anti-Virus and Anti-Spyware  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 6 Update 5 
 Java version out of Date!
 Adobe Reader 10.1.4 Adobe Reader out of Date! 
 Google Chrome 29.0.1547.66 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 6 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

[kevinf80]

Uninstall the following outdated versions of Adobe and Java...

 

Java™ 6 Update 5 
Adobe Reader 10.1.4

 

Next,

 

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from the following link :-

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

 

•  

   

• Ensure that Combofix is saved directly to the Desktop <--- Very important

   

   

   

• Disable all security programs as they will have a negative effect on Combofix, instructions available here  http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.

   

   

   

• Close any open browsers and any other programs you might have running

   

   

   

• Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)

   

   

   

• Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.

   

   

   

• If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.

   

   

   

• When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

   

   

 

 

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

 

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here  http://thespykiller.co.uk/index.php?page=20 why  disabling autoruns is recommended.

 

*EXTRA NOTES*

 

•  

     

• If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.

   

     

• If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal

   

     

• If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

   

   

 

 

Post the log in next reply please...

 

Kevin

[bearboat]

trying to run combofix - message  combofix is not a valid win32 application

[bearboat]

where it says to download a fresh copy of combofix, it show LINK1 and LINK2, as only text - no other wording of active links

[kevinf80]

Leave combofix, run the following:

 

1.Download Malwarebytes Anti-Rootkit from this link:

 

 http://www.malwarebytes.org/products/mbar/

 

2. Unzip the File to a convenient location. (Recommend the Desktop)

3. Open the folder where the contents were unzipped to run mbar.exe

 

 

4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:

 

 

5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

 

6. The following image opens, select Next.

 

 

7. The following image opens, select Update

 

 

8. When the update completes select Next.

 

 

9. In the following window ensure "Targets" are ticked. Then select "Scan"

 

 

10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.

 

 

11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.

12. If no threats were found you will see the following image, Select Exit:

 

 

13. Verify that your system is now running normally, making sure that the following items are functional:

 

• 
       
• Internet access
       
• Windows Update
       
• Windows Firewall
  

 

14.  If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.

 

15. Select "Y" from your Keyboard, tap Enter.

 

16. The fix will be applied, select any key to Exit.

 

17. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

 

System - log

Mbar - log   Date and time of scan will also be shown

 

Thanks,

 

Kevin...

[bearboat]

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.161000 GHz
Memory total: 3210014720, free: 1597444096

Downloaded database version: v2014.01.17.06
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
     01/17/2014 12:40:30
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\intelide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iastor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\yk60x86.sys
\SystemRoot\system32\DRIVERS\NETw4v32.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\rimmptsk.sys
\SystemRoot\system32\DRIVERS\rimsptsk.sys
\SystemRoot\system32\DRIVERS\rixdptsk.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\HSXHWAZL.sys
\SystemRoot\system32\DRIVERS\HSX_DPV.sys
\SystemRoot\system32\DRIVERS\HSX_CNXT.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\IntcHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\stwrt.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\xaudio.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff865c7ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85521030
Lower Device Driver Name: Unknown
IRP handler 0 of \Driver\iaStor points to an unknown module
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff865c7ac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff85521030
Lower Device Driver Name: Unknown
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff865c7ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff865c77b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff865c7ac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85521030, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: Unknown
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0xffffffffac93a4f0, 0xffffffff865c7ac8, 0xffffffff868deac8
Lower DeviceData: 0xffffffffc67558e8, 0xffffffff85521030, 0xffffffff84cba940
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
MBR buffers are not equal
MBR is forged! [0c09dbfb6e001608950df0db533ee0d1]
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C0000000

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 144522

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 145408  Numsec = 20971520

    Partition 2 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 21116928  Numsec = 598779896
    Partition is not bootable

    Partition 3 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 619896832  Numsec = 5242880

Infected: MBR on Drive 0 --> [Rootkit.Harbinger.MBR]
Replacement MBR for a drive 0 found
MBR infection found on drive 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...
Sectors 625142180 - 625142447 --> [Forged physical sectors]
Done!
Scan finished
Creating System Restore point...
Cleaning up...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.161000 GHz
Memory total: 3210014720, free: 1774161920

=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.161000 GHz
Memory total: 3210014720, free: 1522425856

Downloaded database version: v2014.01.17.06
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
     01/17/2014 13:15:32
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\intelide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iastor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\yk60x86.sys
\SystemRoot\system32\DRIVERS\NETw4v32.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\rimmptsk.sys
\SystemRoot\system32\DRIVERS\rimsptsk.sys
\SystemRoot\system32\DRIVERS\rixdptsk.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\HSXHWAZL.sys
\SystemRoot\system32\DRIVERS\HSX_DPV.sys
\SystemRoot\system32\DRIVERS\HSX_CNXT.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\IntcHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\stwrt.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\xaudio.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff863c8968
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-0\
Lower Device Object: 0xffffffff84782030
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff863c8968, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff863c8650, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff863c8968, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff84782030, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C0000000

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 144522

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 145408  Numsec = 20971520

    Partition 2 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 21116928  Numsec = 598779896
    Partition is not bootable

    Partition 3 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 619896832  Numsec = 5242880

Disk Size: 320072933376 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_2_21116928_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2014.01.17.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
sissymary :: SISSYMARY-PC [administrator]

1/17/2014 12:40:54 PM
mbar-log-2014-01-17 (12-40-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 196979
Time elapsed: 21 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 2
Master Boot Record on Drive #0 (Rootkit.Harbinger.MBR) -> Replace on reboot.
Physical Sector #625142180 on Drive #0 (Forged physical sector) -> Replace on reboot.

(end)

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2014.01.17.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
sissymary :: SISSYMARY-PC [administrator]

1/17/2014 1:15:44 PM
mbar-log-2014-01-17 (13-15-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 196678
Time elapsed: 16 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

 

noise appears to be gone

[kevinf80]

Yes patched mbr has been replaced, good news. Run the following:

 

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop. Make sure to select direct on the word “Zip”

 

Double click zip file and extract to your  Desktop:

 

 

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

 

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/]

 

Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open:

 

 

 

 

Copy and paste the following script from the code box and paste into the field.

 

 

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;  

 

 

Select the "Run Script" tab. The following window will open:

 

 

 

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

 

Post the produced log in your next reply…..

 

Kevin

[bearboat]

need to send in sections- file too big

 

part 1

 

Zoek.exe v5.0.0.0 Updated 17-Januari-2014
Tool run by sissymary on Fri 01/17/2014 at 15:54:10.49.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sissymary\AppData\Local\Temp\Temp3_zoek.zip\zoek.com [scan all users] [script inserted]

==== System Restore Info ======================

1/17/2014 3:57:43 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3053283735-1548967531-3860599787-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A1F847BF-2AF7-4C29-B0E1-AE1FBC841FF9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== File Information Results ======================

==== Installed Programs ======================

Adobe Flash Player 11 ActiveX 
Big Fish: Game Manager 
Compatibility Pack for the 2007 Office system 
Dell Best of Web 
Dell Dock 
Dell Getting Started Guide 
Dell Support Center 
Dell Touchpad 
Digital Line Detect 
EDocs 
GoToAssist 8.0.0.514 
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) 
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) 
House of 1000 Doors: Family Secrets 
IDT Audio 
Intel® Matrix Storage Manager 
Intel® PROSet/Wireless Software 
League of Light: Dark Omens 
Lost City of Z: Special Edition 
Malwarebytes Anti-Malware version 1.75.0.1300 
Marvell Miniport Driver 
McAfee Total Protection 
mCore 
MediaDirect 
mHelp 
Microsoft .NET Framework 3.5 SP1 
Microsoft .NET Framework 4.5.1 
Microsoft Office PowerPoint Viewer 2007 (English) 
Microsoft Silverlight 
Microsoft Works 
mMHouse 
Modem Diagnostic Tool 
mPfMgr 
mWMI 
Mystery Trackers: Silent Hollow 
NetWaiting 
Nevertales: The Beauty Within 
OutlookAddinSetup 
QuickSet 
RICOH Media Driver ver.2.07.01.00 
Roxio Creator Audio 
Roxio Creator Copy 
Roxio Creator Data 
Roxio Creator DE 
Roxio Creator Tools 
Roxio Express Labeler 3 
Roxio Update Manager 
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) 
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) 
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) 
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) 
Shared C Run-time for x86 
SlimDrivers 
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) 

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Windows\explorer.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\sissymary\AppData\Roaming\AlawarEntertainment deleted

==== Registry Search Results for "standardsearch" ======================

No instances of string "standardsearch" found.

==== System Specs ======================

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)
Memory (RAM): 3062 MB
CPU Info: Intel® Core2 Duo CPU     T5850  @ 2.16GHz
CPU Speed: 1555.3 MHz
Sound Card: Speakers / Headphones (IDT High |
Digital Output Device (SPDIF Ou |
Display Adapters: Mobile Intel® 965 Express Chipset Family | Mobile Intel® 965 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Intel® Wireless WiFi Link 4965AGN | Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
CD / DVD Drives: 1x (E: | ) E: TSSTcorpDVD+-RW TS-L632H
Ports: COM3 LPT Port NOT Present.
Mouse: 2 Button Wheel Mouse Present
Hard Disks: C:  285.5GB | D:  10.0GB
Hard Disks - Free: C:  217.5GB | D:  5.2GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 10/16/08 | DELL   - 27d80a10
Time Zone: Eastern Standard Time
Motherboard *: Dell Inc. 0U990C
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Internet Explorer Version: 9.0.8112.16421

[bearboat]

part 2

 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\SISSYM~1\AppData\Local\Temp ====
2014-01-16 20:17:10 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-01-15 18:48:39 E7129D5601714BA8E6C9B6AD7B48A20C 11264 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\DIFxCmd.exe
2014-01-15 18:48:38 F5558C67A3ADB662D43D40A1CBDE4160 525792 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\DIFxAPI.dll
2014-01-15 18:48:37 A02945A8D2D51BDDA51EEA6F9F69C1FA 10752 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\DIFxCmd.exe
2014-01-15 18:48:37 1BD976DD77B31FE0F25708AD5C1351AE 319456 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\DIFxAPI.dll
2014-01-15 18:48:34 6FAF5B04BEDC66D300D9D233B2D222F0 67584 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rimmpx64.sys
2014-01-15 18:48:32 4D7EF3D46346EC4C58784DB964B365DE 57856 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\Rixdpx64.sys
2014-01-15 18:48:29 67F50C31713106FD1B0F286F86AA2B2E 55296 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\Rimspx64.sys
2014-01-15 18:48:26 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rixdptsk.sys
2014-01-15 18:48:25 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimsptsk.sys
2014-01-15 18:48:22 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimmptsk.sys
2014-01-15 18:48:19 85070E4CD5EA0AE2180B516DB465000C 90112 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\snymsico.dll
2014-01-15 18:48:19 6A1CD4674505E6791390A1AB71DA1FBE 55808 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rixdpe64.sys
2014-01-15 18:48:17 A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 80896 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\risdpe64.sys
2014-01-15 18:48:15 E20B1907FC72A3664ECE21E3C20FC63D 60416 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rimspe64.sys
2014-01-15 18:48:13 C451500334F6A3FBAF5DFBE0BEC6635C 172032 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\RixDICON.dll
2014-01-15 18:48:12 FF6854681945FEB615F54EB5946B8F36 188416 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\RiMMCIcon.dll
2014-01-15 18:48:12 A827D22481BB2CDA0AC282204B8177C2 196608 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\RiSDIcon.dll
2014-01-15 18:48:12 85070E4CD5EA0AE2180B516DB465000C 90112 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\snymsico.dll
2014-01-15 18:48:11 764C1F3453E779724BA647327DE7DDD4 38400 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rixdpe86.sys
2014-01-15 18:48:10 6978DECC2C38C5CE10A8B0F2B12F4451 49152 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\risdpe86.sys
2014-01-15 18:48:08 AF213955C4D952C914620E8DB0CD0CF7 47104 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimspe86.sys
2014-01-15 18:48:06 C451500334F6A3FBAF5DFBE0BEC6635C 172032 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\RixDICON.dll
2014-01-15 18:48:06 A827D22481BB2CDA0AC282204B8177C2 196608 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\RiSDIcon.dll
2014-01-15 18:48:05 FF6854681945FEB615F54EB5946B8F36 188416 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\RiMMCIcon.dll
2014-01-14 20:02:27 E168F9506BEA8AD06ADDA15C1AF9BEBD 1176424 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McTemp\2793\Download_Files\OEMMAIN\mcinsspt.exe
2014-01-14 20:02:22 3F73696C2D71C714CD3E9ACAA41323E3 165232 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McTemp\2793\InstProg.dll
2014-01-14 20:00:45 D5C1EEA7B0280EF343E74486D2D97B34 797104 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McInstrumentationTemp\McItInfo.exe
2014-01-14 20:00:45 27D5ECE338EFE63ED1D9AACB2FAAE623 249632 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McInstrumentationTemp\McUtil.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-01-17 18:38:12 E4783742790B2084EFCBF6AE8968A73D 754688 ----a-w- C:\Windows\System32\webservices.dll
2014-01-15 19:46:47 7E1915B480A267FF88B2FF075CA5ACAC 249856 ----a-w- C:\Windows\System32\UCI32M34.dll
2014-01-15 19:40:01 5C6A0CB1018E3E7EBD4A1BA1E6086423 531968 ------w- C:\Windows\System32\stapi32.dll
2014-01-15 19:39:08 32AED9D266AA54480A8A77C856412096 86016 ----a-w- C:\Windows\System32\AESTCom.dll
2014-01-15 19:39:07 A2BDB0BA6DBC1257588E63FD1AB9117D 12718172 ----a-w- C:\Windows\System32\idtcpl.cpl
2014-01-15 19:36:43 33949066D169B2F3F0A214CFFB0E1380 405504 ----a-w- C:\Windows\System32\stcplx.dll
2014-01-15 19:36:42 A819A3472C5BD23D39EA5660103F70CD 935424 ----a-w- C:\Windows\System32\stapo.dll
2014-01-15 19:36:40 793EF864E9A6DBDD398B6A0831EFC3D8 179712 ----a-w- C:\Windows\System32\st326304.dll
2014-01-15 19:36:37 0E9866E1764D4E44A439C977DCAD14C2 172032 ----a-w- C:\Windows\System32\MaxxAudioAPOShell.dll
2014-01-15 19:36:36 33CCA4B2289AA5F8753387A8BF18816B 252928 ----a-w- C:\Windows\System32\MaxxAudioAPO30.dll
2014-01-15 18:48:06 C451500334F6A3FBAF5DFBE0BEC6635C 172032 ----a-w- C:\Windows\System32\rixdicon.dll
2014-01-15 18:40:12 E3F9DA68FE296EACBB2F4432351B481C 53248 ----a-w- C:\Windows\System32\CSVer.dll
2014-01-11 21:13:14 EBE768B199EB3E741AB64BE55CCF0F66 71048 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl
2014-01-11 21:13:14 52FA726F8D37412122EC4EF1DF09D80F 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe
====== C:\Windows\system32\drivers =====
2014-01-17 17:39:19 14EA85B4C79B655C229D3596342A833A 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-15 19:46:47 EEFBAA7957D6041C734E596D05C3804A 980992 ----a-w- C:\Windows\System32\drivers\HSX_DPV.sys
2014-01-15 19:46:47 C5020EFDF5CA428678159DFE97BEB13B 661504 ----a-w- C:\Windows\System32\drivers\HSX_CNXT.sys
2014-01-15 19:46:47 BE2B2CF481CD61619C5EFD77B4CBC445 208384 ----a-w- C:\Windows\System32\drivers\HSXHWAZL.sys
2014-01-15 19:36:45 CB39106E1E3364C80B6C6D7938CD7646 433152 ----a-w- C:\Windows\System32\drivers\stwrt.sys
2014-01-15 18:48:26 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Windows\System32\drivers\rixdptsk.sys
2014-01-15 18:48:25 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Windows\System32\drivers\rimsptsk.sys
2014-01-15 18:48:22 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Windows\System32\drivers\rimmptsk.sys
2014-01-15 17:15:51 75A8EE6F0917AD9355367DBF25DB8415 13464 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2014-01-15 02:40:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-14 20:26:07 156765F692192EA9039A6C4A809312FD 147912 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2014-01-14 20:25:34 12F0F8D3F84FAB8F31D073286FE131CB 2641 ----a-w- C:\Windows\System32\drivers\mfencrk.inf
2014-01-14 20:25:33 4DC47CB74EBC1D92DD445FCC5DEAE76A 2951 ----a-w- C:\Windows\System32\drivers\mfencbdc.inf
2014-01-14 20:09:21 263418671C2F112C72524B6B236E7518 66296 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys
2014-01-14 20:08:16 FC28E41FE9D4F3283FB41717C0BF0109 65928 ----a-w- C:\Windows\System32\drivers\mfebopk.sys
2014-01-14 20:08:16 D787C026F15BD8F762AB5829428FAA9C 60920 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-01-14 20:08:16 768AA2C44C589EA27E80E4EC05BD5F76 365416 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-01-14 20:08:16 75A2B9F70B77AA3DB15E96BDAAE484A2 133992 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-01-14 20:08:16 754FD1BD18DE5CCC4E61F500DC1F214F 213392 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-01-14 20:08:16 24E6ABD47FD50FC187FFC3583A14F339 572528 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-01-14 20:08:16 070850EFFC731B4A22FB7DDEAD41B943 236000 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
====== C:\Windows\Tasks ======
2014-01-15 17:16:11 E3BE8DED0C4995B188B8744DBC592666 2828 ----a-w- C:\Windows\system32\Tasks\SlimDrivers Startup
2014-01-15 17:16:10 4B91E9DB7C3C529D4A5BDB969EDC90C1 394 ----a-w- C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-11 21:13:15 77ECECDE1B064ABF5394A0B2E9C6740B 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 21:13:15 1FAD87B0EE2CBA28AE9E44247ACAE9F6 3682 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-01-17 18:39:03 -------- d-----w- C:\Program Files\Common Files\Windows Live
2014-01-15 19:35:49 -------- d-----w- C:\Program Files\IDT
2014-01-15 17:37:32 -------- d-----w- C:\Program Files\Marvell
2014-01-15 17:14:15 -------- d-----w- C:\Program Files\SlimDrivers
2014-01-15 16:22:39 -------- d-----w- C:\Program Files\DriverUpdate
2014-01-14 16:03:46 -------- d-----w- C:\Program Files\Google
2013-12-24 15:34:41 -------- d-----w- C:\Program Files\Microsoft Silverlight
======= C: =====
====== C:\Users\sissymary\AppData\Roaming ======
2014-01-17 18:39:04 -------- d-----w- C:\Users\sissymary\AppData\Local\Windows Live
2014-01-15 23:53:00 -------- d-----w- C:\Users\sissymary\AppData\Local\Stardock_Corporation
2014-01-15 19:32:30 -------- d-----w- C:\Users\sissymary\AppData\Local\Downloaded Installations
2014-01-15 01:38:08 -------- d-----w- C:\Users\sissymary\AppData\Locallow\Adobe
2014-01-14 19:55:34 CD4C8E13DF031FD92DBC93C689058E06 5972 ----a-w- C:\Users\sissymary\AppData\Local\d3d9caps.dat
2014-01-14 16:13:54 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Google
2014-01-14 16:04:08 -------- d-----w- C:\Users\sissymary\AppData\Local\Google
2014-01-14 15:59:55 -------- d-----w- C:\Users\sissymary\AppData\Local\Adobe
2014-01-07 00:03:16 -------- d-----w- C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\House of 1000 Doors - Family Secrets
2014-01-04 16:28:03 -------- d-----w- C:\Users\sissymary\AppData\Local\CrashDumps
2014-01-04 16:23:13 -------- d-----w- C:\Users\sissymary\AppData\Roaming\Merscom
2014-01-04 16:19:34 -------- d-----w- C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lost City of Z - Special Edition
2013-12-28 16:34:46 -------- d-----w- C:\Users\sissymary\AppData\Roaming\Eipix
2013-12-24 21:44:28 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\CrashDumps
2013-12-22 19:34:57 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Locallow\Sun
====== C:\Users\sissymary ======
2014-01-17 17:36:06 4588D8307D92CBB05E66735A9833D9C6 12582688 ----a-w- C:\Users\sissymary\Desktop\mbar-1.07.0.1008.exe
2014-01-16 20:16:21 EE386D5ACB945089BCD91766697224BB 1037068 ----a-w- C:\Users\sissymary\Desktop\JRT.exe
2014-01-16 19:58:36 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Desktop\FRST.exe
2014-01-16 19:57:48 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Downloads\FRST (1).exe
2014-01-16 19:55:42 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Downloads\FRST.exe
2014-01-16 19:24:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\sissymary\Downloads\AdwCleaner.exe
2014-01-15 17:15:52 -------- d--h--w- C:\ProgramData\Common Files
2014-01-15 17:14:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2014-01-14 16:01:26 -------- d-----w- C:\ProgramData\Adobe
2014-01-07 00:03:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\House of 1000 Doors - Family Secrets
2014-01-04 20:19:29 -------- d-----r- C:\Windows\system32\config\systemprofile\Favorites
2014-01-04 16:23:13 -------- d-----w- C:\ProgramData\Merscom
2014-01-04 16:19:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lost City of Z - Special Edition
2013-12-24 15:35:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

====== C: exe-files ==
2014-01-17 18:46:45 DC5AFC9E6DBB2C866F7AFABCFB1A8E39 7450888 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\76029de81cf13b446\bingbarsetup.exe
2014-01-17 18:45:03 A0EE8879A17B1D4B00B37D294AF106D0 15712 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\3b45d0081cf13b437\MeshBetaRemover.exe
2014-01-17 18:43:33 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\565f1481cf13b42a\DXSETUP.exe
2014-01-17 18:43:29 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\21b4a881cf13b429\DXSETUP.exe
2014-01-17 17:39:11 6CB8527528BFA9F690CD158EB61285C5 1175352 ----a-w- C:\Users\sissymary\Desktop\mbar\mbar.exe
2014-01-17 17:39:11 255411A7AC135FB4A1E90A2A6EA6C7C5 821560 ----a-w- C:\Users\sissymary\Desktop\mbar\Plugins\fixdamage.exe
2014-01-17 17:36:06 4588D8307D92CBB05E66735A9833D9C6 12582688 ----a-w- C:\Users\sissymary\Desktop\mbar-1.07.0.1008.exe
2014-01-17 15:40:56 762CE58CE7A4FEF1238CD6D4F869B826 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3053283735-1548967531-3860599787-1000\$IROSH81.exe
2014-01-17 15:04:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\$Recycle.Bin\S-1-5-21-3053283735-1548967531-3860599787-1000\$RROSH81.exe
2014-01-16 20:17:10 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-01-16 20:16:21 EE386D5ACB945089BCD91766697224BB 1037068 ----a-w- C:\Users\sissymary\Desktop\JRT.exe
2014-01-16 19:58:36 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Desktop\FRST.exe
2014-01-16 19:57:48 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Downloads\FRST (1).exe
2014-01-16 19:55:42 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\Downloads\FRST.exe
2014-01-16 19:24:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\sissymary\Downloads\AdwCleaner.exe
2014-01-16 19:22:15 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RAK2ZAHT\AdwCleaner.exe
2014-01-16 17:31:43 F87BAAE8C4209EE98D2C5F2F4B7D7B51 1221120 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XB2AJEYX\FRST.exe
2014-01-16 16:39:40 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q4E8QZPO\mbam-consumer.exe
2014-01-16 00:11:58 99A60FA86F65AC2E5AED1301B3D3F571 1976344 ----a-w- C:\FRST\Quarantine\UNINSTALL.EXE
2014-01-16 00:09:38 008DE55BAED62FBE32A983A54E6F1233 204496 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\39HZYZ3G\startuplite-setup-1.07.exe
2014-01-15 19:46:46 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\XAudio.exe
2014-01-15 19:46:45 5727DC44145BF21B4F32DFECD094E3EC 1028096 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\UIU32m.exe
2014-01-15 19:46:45 5727DC44145BF21B4F32DFECD094E3EC 1028096 ----a-w- C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\UIU32m.exe
2014-01-15 19:46:16 80E23FD04CCE9A099C5133DB0F9795EE 1602486 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\0080E23FD04CCE9A099C5133DB0F9795EE00000000001873B6.exe
2014-01-15 19:46:10 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 19:46:10 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 19:46:10 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 19:46:10 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 19:46:10 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:46:10 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 19:46:10 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 19:46:06 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 19:46:06 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 19:46:05 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 19:46:05 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 19:46:05 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 19:46:05 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 19:46:04 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:45:57 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 19:45:57 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 19:36:46 3F9D0769B337BDBBB5564D23F1B5F797 29184 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\suhlp.exe
2014-01-15 19:36:46 3F9D0769B337BDBBB5564D23F1B5F797 29184 ------w- C:\Program Files\IDT\WDM\suhlp.exe
2014-01-15 19:36:44 BD5478D4DF3A50D740825DAEF4DE1B44 495708 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\sttray.exe
2014-01-15 19:36:44 BD5478D4DF3A50D740825DAEF4DE1B44 495708 ----a-w- C:\Program Files\IDT\WDM\sttray.exe
2014-01-15 19:36:41 CD9A1716F037D0030AC7A5881944C3B2 258130 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\stacsv.exe
2014-01-15 19:36:41 CD9A1716F037D0030AC7A5881944C3B2 258130 ----a-w- C:\Program Files\IDT\WDM\stacsv.exe
2014-01-15 19:36:36 DC70115FAB58BC975278B97A0D59811E 82944 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\idtpima.exe
2014-01-15 19:36:36 DC70115FAB58BC975278B97A0D59811E 82944 ----a-w- C:\Program Files\IDT\WDM\idtpima.exe
2014-01-15 19:36:35 6A19907125BCB76B37EDC3DA80720410 536576 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\idtmini1.exe
2014-01-15 19:36:35 6A19907125BCB76B37EDC3DA80720410 536576 ----a-w- C:\Program Files\IDT\WDM\idtmini1.exe
2014-01-15 19:36:31 827DBC22C96EECF6D36A13162FABAFD3 81920 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\AEstSrv.exe
2014-01-15 19:36:31 827DBC22C96EECF6D36A13162FABAFD3 81920 ----a-w- C:\Program Files\IDT\WDM\AEstSrv.exe
2014-01-15 19:35:53 AE0B40875224229D325AD5DBE0AB0193 658136 ------w- C:\Program Files\IDT\HDAQFE\win2k_xp\us\kb835221.exe
2014-01-15 19:35:52 C03DBC6FA250B092E89766413CCC8420 754928 ------w- C:\Program Files\IDT\HDAQFE\win2k3\jpn\KB901105.exe
2014-01-15 19:35:52 149DC8054619F7765F38CC8C18603E62 752368 ------w- C:\Program Files\IDT\HDAQFE\win2k3\us\kb901105.exe
2014-01-15 19:35:51 EFBC7DEC61E11CFB331F1F40B186120E 375992 ------w- C:\Program Files\IDT\setup.exe
2014-01-15 19:35:50 DFBCC4E6A849D033E2F155F908A0A849 43008 ------w- C:\Program Files\IDT\pstubxx.exe
2014-01-15 19:35:42 EFBC7DEC61E11CFB331F1F40B186120E 375992 ----a-w- C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe
2014-01-15 19:34:28 4F933C9D3903011905F0E3E6CF7DEC15 12870357 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\004F933C9D3903011905F0E3E6CF7DEC150000000000C462D5.exe
2014-01-15 19:31:29 3172125D93344E02AC09B28358B6D498 12351513 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\003172125D93344E02AC09B28358B6D4980000000000BC7819.exe
2014-01-15 19:31:22 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 19:31:22 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 19:31:22 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 19:31:22 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 19:31:22 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:31:22 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 19:31:22 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 19:31:20 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 19:31:20 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 19:31:19 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 19:31:19 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 19:31:19 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 19:31:19 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 19:31:19 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:31:13 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 19:31:13 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 19:20:13 9DFD033F469AA6B62B674A22FBAF5102 1207452 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\009DFD033F469AA6B62B674A22FBAF51020000000000126C9C.exe
2014-01-15 19:11:35 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 19:11:35 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 19:11:35 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 19:11:35 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 19:11:35 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 19:11:34 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 19:11:34 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:11:23 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 19:11:22 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 19:11:21 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 19:11:21 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 19:11:21 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 19:11:21 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 19:11:20 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 19:10:30 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 19:10:29 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 18:48:39 E7129D5601714BA8E6C9B6AD7B48A20C 11264 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\DIFxCmd.exe
2014-01-15 18:48:37 A02945A8D2D51BDDA51EEA6F9F69C1FA 10752 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\DIFxCmd.exe
2014-01-15 18:48:01 8A75586AFCE5FB18D00C147CF07CCD58 376496 ----a-w- C:\Program Files\InstallShield Installation Information\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\setup.exe
2014-01-15 18:44:47 DCE6E48C11639AA89B21083C2A2966F7 3401202 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\00DCE6E48C11639AA89B21083C2A2966F7000000000033E5F2.exe
2014-01-15 18:43:52 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 18:43:52 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 18:43:52 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 18:43:52 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 18:43:52 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 18:43:52 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 18:43:52 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 18:43:46 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 18:43:46 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 18:43:46 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 18:43:46 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 18:43:46 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 18:43:46 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 18:43:46 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 18:43:28 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 18:43:28 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 18:30:14 4ED571A2D2B66EE594D4F175F083BBAB 1185789 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\004ED571A2D2B66EE594D4F175F083BBAB00000000001217FD.exe
2014-01-15 18:24:57 4C0C01E9F00F925A7A9EDB8146ECAC2B 34539150 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\004C0C01E9F00F925A7A9EDB8146ECAC2B00000000020F068E.exe
2014-01-15 18:24:43 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 18:24:43 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 18:24:43 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 18:24:43 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 18:24:43 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 18:24:43 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 18:24:43 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 18:24:40 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 18:24:40 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 18:24:40 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 18:24:40 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 18:24:40 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 18:24:40 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 18:24:40 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 18:24:31 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 18:24:31 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 18:20:27 DF9CFB963E527AB4D354D970BB3B6809 4875800 ----a-w- C:\FRST\Quarantine\oi_{04F0FB5D-B3F7-4208-BF44-5D0FD26ABEC4}.exe
2014-01-15 17:36:28 6B98CF154E57943B6D8599EC846972F0 2063655 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\006B98CF154E57943B6D8599EC846972F000000000001F7D27.exe
2014-01-15 17:25:48 E63EF542DC3AFDCD2B8BFBE240A309AD 15195276 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Downloads\00E63EF542DC3AFDCD2B8BFBE240A309AD0000000000E7DC8C.exe
2014-01-15 17:25:15 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxzoom.exe
2014-01-15 17:25:15 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\hkcmd.exe
2014-01-15 17:25:15 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxpers.exe
2014-01-15 17:25:15 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxext.exe
2014-01-15 17:25:14 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxtray.exe
2014-01-15 17:25:14 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxcfg.exe
2014-01-15 17:25:14 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igfxsrvc.exe
2014-01-15 17:25:05 4C04564C9E0E691FD1AB16AF03F245E5 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxext.exe
2014-01-15 17:25:04 F70A63E713110C6668783DB2CAE94AE8 141848 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxtray.exe
2014-01-15 17:25:04 CF535780EC30A7B6D881F61467FA5D20 170520 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxzoom.exe
2014-01-15 17:25:04 99B4071862E7BEF7DD4896A3B6E3477B 166424 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\hkcmd.exe
2014-01-15 17:25:04 83A3890B00A43D7504C92AB474B82092 133656 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxpers.exe
2014-01-15 17:25:03 EAF517D1737BE33C7D0DDEF34B193DC2 530968 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxcfg.exe
2014-01-15 17:25:03 91BE30E46577861156595BBCF34F5E71 256536 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igfxsrvc.exe
2014-01-15 17:23:36 8228057A968316186AA61D9D174FF247 1024000 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\UIU32m.exe
2014-01-15 17:23:35 CD5F291A1161F15896D1A4D63DAFF5DF 386560 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.exe
2014-01-15 17:16:02 DF9CFB963E527AB4D354D970BB3B6809 4875800 ----a-w- C:\FRST\Quarantine\oi_{39523B13-65DE-4F15-9A13-21249AD9C225}.exe
2014-01-15 17:13:03 49474D68A9AD5A80DF6263975B8FA574 4517400 ----a-w- C:\FRST\Quarantine\avgB6B4.tmp.exe
2014-01-15 17:09:43 13D6E0AEF0F093F30BAB17380C92177D 858432 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XB2AJEYX\slimdrivers-setup.exe
2014-01-15 16:22:29 31AB114A9B799D9B80ECD07E6FADAEC9 334144 ----a-w- C:\Program Files\DriverUpdate\tbmon.exe
2014-01-15 16:22:27 49474D68A9AD5A80DF6263975B8FA574 4517400 ----a-w- C:\Program Files\DriverUpdate\avgtoolbar.exe
2014-01-15 16:22:02 F172652BEF5BE0783B3902226D57C947 739648 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\39HZYZ3G\DriverUpdate-setup.exe
2014-01-15 02:38:07 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RAK2ZAHT\mbam-setup-1.75.0.1300.exe
2014-01-14 20:02:27 E168F9506BEA8AD06ADDA15C1AF9BEBD 1176424 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McTemp\2793\Download_Files\OEMMAIN\mcinsspt.exe
2014-01-14 20:00:45 D5C1EEA7B0280EF343E74486D2D97B34 797104 ----a-w- C:\Users\sissymary\AppData\Local\Temp\McInstrumentationTemp\McItInfo.exe
2014-01-11 21:13:14 52FA726F8D37412122EC4EF1DF09D80F 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe
=== C: other files ==

[bearboat]

part3

 

2014-01-17 19:50:33 A842B48277A2D8645A37B9F596838D2A 1230 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HIGM2EJ2\flXHR[1].vbs
2014-01-17 17:39:19 14EA85B4C79B655C229D3596342A833A 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-17 14:38:47 A842B48277A2D8645A37B9F596838D2A 1230 ----a-w- C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PS8K5FVL\flXHR[1].vbs
2014-01-16 21:53:12 98976DF708F3FF04F920E01F60A673BB 145009 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01YEFDF3\mockingbird[1].zip
2014-01-16 20:17:02 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\runvalues.bat
2014-01-16 20:17:02 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\prelim.bat
2014-01-16 20:17:02 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\searchlnk.bat
2014-01-16 20:17:02 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\TDL4.bat
2014-01-16 20:17:01 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\modules.bat
2014-01-16 20:17:01 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\chrome.bat
2014-01-16 20:17:01 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\firefox.bat
2014-01-16 20:17:01 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\FWPolicy.bat
2014-01-16 20:17:01 B7D46D5BC21F69EFEEFFC15060E423AC 154167 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\misc.bat
2014-01-16 20:17:01 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\ask.bat
2014-01-16 20:17:01 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\ev_clear.bat
2014-01-16 20:17:01 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\iexplore.bat
2014-01-16 20:17:01 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\delorphans.bat
2014-01-16 20:17:01 5AE8F4442CA6D69FE9A6738E8DB411F2 10261 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\JRT.bat
2014-01-16 20:17:01 55D97CE5B1A61AD51F887E46550029F6 16063 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\get.bat
2014-01-16 20:17:01 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\medfos.bat
2014-01-16 20:17:01 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\sissymary\AppData\Local\Temp\jrt\delfolders.bat
2014-01-15 19:46:47 EEFBAA7957D6041C734E596D05C3804A 980992 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\HSX_DPV.sys
2014-01-15 19:46:47 EEFBAA7957D6041C734E596D05C3804A 980992 ----a-w- C:\Windows\System32\drivers\HSX_DPV.sys
2014-01-15 19:46:47 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\XAudio.sys
2014-01-15 19:46:47 C5020EFDF5CA428678159DFE97BEB13B 661504 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\HSX_CNXT.sys
2014-01-15 19:46:47 C5020EFDF5CA428678159DFE97BEB13B 661504 ----a-w- C:\Windows\System32\drivers\HSX_CNXT.sys
2014-01-15 19:46:47 BE2B2CF481CD61619C5EFD77B4CBC445 208384 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\HSXHWAZL.sys
2014-01-15 19:46:47 BE2B2CF481CD61619C5EFD77B4CBC445 208384 ----a-w- C:\Windows\System32\drivers\HSXHWAZL.sys
2014-01-15 19:46:47 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\del000fz.inf_cebd1d3c\mdmxsdk.sys
2014-01-15 19:46:15 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\usb\root_hub20\usbd.sys
2014-01-15 19:46:15 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\usb\root_hub\usbd.sys
2014-01-15 19:46:15 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\umb\umbus\umbus.sys
2014-01-15 19:46:15 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\usb\root_hub20\usbhub.sys
2014-01-15 19:46:15 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\usb\root_hub\usbhub.sys
2014-01-15 19:46:14 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\root\mssmbios\mssmbios.sys
2014-01-15 19:46:14 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\storage\volume\volsnap.sys
2014-01-15 19:46:14 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\root\volmgr\volmgr.sys
2014-01-15 19:46:14 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\root\umbus\umbus.sys
2014-01-15 19:46:13 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\composite_battery\compbatt.sys
2014-01-15 19:46:13 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\root\rdp_mou\termdd.sys
2014-01-15 19:46:13 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\composite_battery\battc.sys
2014-01-15 19:46:13 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\root\iscsiprt\msiscsi.sys
2014-01-15 19:46:12 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\internal_ide_channel\ataport.sys
2014-01-15 19:46:12 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\internal_ide_channel\atapi.sys
2014-01-15 19:46:11 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 19:46:10 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 19:46:03 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 19:46:02 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\cc_0403\hdaudbus.sys
2014-01-15 19:46:01 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 19:46:00 E745B9D5FE1FDA8A50913FDCC8FF9FDC 313120 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 19:46:00 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 19:45:59 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 19:45:59 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\cc_080501\sdbus.sys
2014-01-15 19:45:59 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 19:45:59 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 19:45:58 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 19:45:58 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\gendisk\disk.sys
2014-01-15 19:45:57 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 19:45:57 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\gencdrom\cdrom.sys
2014-01-15 19:45:57 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 19:45:56 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 19:45:56 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 19:45:56 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 19:45:52 CB39106E1E3364C80B6C6D7938CD7646 433152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 19:45:52 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 19:45:50 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\acpi\pnp0c0a\CmBatt.sys
2014-01-15 19:45:50 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\acpi\pnp0c0a\battc.sys
2014-01-15 19:45:48 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\acpi\acpi0003\CmBatt.sys
2014-01-15 19:45:48 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T194548577848\acpi\acpi0003\battc.sys
2014-01-15 19:36:45 CB39106E1E3364C80B6C6D7938CD7646 433152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_84952e77\stwrt.sys
2014-01-15 19:36:45 CB39106E1E3364C80B6C6D7938CD7646 433152 ----a-w- C:\Windows\System32\drivers\stwrt.sys
2014-01-15 19:36:45 CB39106E1E3364C80B6C6D7938CD7646 433152 ----a-w- C:\Program Files\IDT\WDM\stwrt.sys
2014-01-15 19:31:29 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\usb\root_hub20\usbd.sys
2014-01-15 19:31:29 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\usb\root_hub20\usbhub.sys
2014-01-15 19:31:28 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\usb\root_hub\usbd.sys
2014-01-15 19:31:28 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\umb\umbus\umbus.sys
2014-01-15 19:31:28 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\usb\root_hub\usbhub.sys
2014-01-15 19:31:26 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\root\mssmbios\mssmbios.sys
2014-01-15 19:31:26 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\storage\volume\volsnap.sys
2014-01-15 19:31:26 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\root\volmgr\volmgr.sys
2014-01-15 19:31:26 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\root\umbus\umbus.sys
2014-01-15 19:31:25 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\root\rdp_mou\termdd.sys
2014-01-15 19:31:24 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\composite_battery\compbatt.sys
2014-01-15 19:31:24 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\composite_battery\battc.sys
2014-01-15 19:31:24 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\root\iscsiprt\msiscsi.sys
2014-01-15 19:31:23 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 19:31:23 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\internal_ide_channel\ataport.sys
2014-01-15 19:31:23 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\internal_ide_channel\atapi.sys
2014-01-15 19:31:22 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 19:31:17 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 19:31:17 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\cc_0403\hdaudbus.sys
2014-01-15 19:31:16 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 19:31:15 E745B9D5FE1FDA8A50913FDCC8FF9FDC 313120 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 19:31:15 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 19:31:15 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 19:31:14 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 19:31:14 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\cc_080501\sdbus.sys
2014-01-15 19:31:14 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 19:31:14 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\gencdrom\cdrom.sys
2014-01-15 19:31:14 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\gendisk\disk.sys
2014-01-15 19:31:14 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 19:31:13 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 19:31:13 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 19:31:13 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 19:31:13 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 19:31:13 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 19:31:11 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 19:31:11 6A2A5E809C2C0178326D92B19EE4AAD3 330240 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 19:31:10 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\acpi\pnp0c0a\CmBatt.sys
2014-01-15 19:31:10 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\acpi\pnp0c0a\battc.sys
2014-01-15 19:31:08 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\acpi\acpi0003\CmBatt.sys
2014-01-15 19:31:08 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T193107945857\acpi\acpi0003\battc.sys
2014-01-15 19:12:48 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\usb\root_hub20\usbd.sys
2014-01-15 19:12:48 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\usb\root_hub20\usbhub.sys
2014-01-15 19:12:40 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\usb\root_hub\usbd.sys
2014-01-15 19:12:40 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\usb\root_hub\usbhub.sys
2014-01-15 19:12:36 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\umb\umbus\umbus.sys
2014-01-15 19:12:10 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\storage\volume\volsnap.sys
2014-01-15 19:12:06 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\root\volmgr\volmgr.sys
2014-01-15 19:12:02 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\root\umbus\umbus.sys
2014-01-15 19:11:57 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\root\mssmbios\mssmbios.sys
2014-01-15 19:11:50 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\root\rdp_mou\termdd.sys
2014-01-15 19:11:43 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\root\iscsiprt\msiscsi.sys
2014-01-15 19:11:41 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\composite_battery\compbatt.sys
2014-01-15 19:11:41 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\composite_battery\battc.sys
2014-01-15 19:11:37 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\internal_ide_channel\ataport.sys
2014-01-15 19:11:37 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\internal_ide_channel\atapi.sys
2014-01-15 19:11:36 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 19:11:34 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 19:11:19 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 19:11:11 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\cc_0403\hdaudbus.sys
2014-01-15 19:10:55 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 19:10:52 E745B9D5FE1FDA8A50913FDCC8FF9FDC 313120 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 19:10:50 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 19:10:47 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 19:10:42 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 19:10:42 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 19:10:40 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\cc_080501\sdbus.sys
2014-01-15 19:10:35 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 19:10:34 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\gendisk\disk.sys
2014-01-15 19:10:32 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\gencdrom\cdrom.sys
2014-01-15 19:10:29 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 19:10:29 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 19:10:29 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 19:10:29 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 19:10:29 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 19:10:22 6A2A5E809C2C0178326D92B19EE4AAD3 330240 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 19:10:18 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 19:10:04 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\acpi\pnp0c0a\CmBatt.sys
2014-01-15 19:10:04 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\acpi\pnp0c0a\battc.sys
2014-01-15 19:09:42 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\acpi\acpi0003\CmBatt.sys
2014-01-15 19:09:42 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T190941709273\acpi\acpi0003\battc.sys
2014-01-15 18:48:34 6FAF5B04BEDC66D300D9D233B2D222F0 67584 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rimmpx64.sys
2014-01-15 18:48:32 4D7EF3D46346EC4C58784DB964B365DE 57856 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\Rixdpx64.sys
2014-01-15 18:48:29 67F50C31713106FD1B0F286F86AA2B2E 55296 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\Rimspx64.sys
2014-01-15 18:48:26 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rixdptsk.inf_9a4db14e\rixdptsk.sys
2014-01-15 18:48:26 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Windows\System32\drivers\rixdptsk.sys
2014-01-15 18:48:26 DCB87DA83CC1010CBC9FC4DC9E395BBC 38400 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rixdptsk.sys
2014-01-15 18:48:25 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rimsptsk.inf_393b7644\rimsptsk.sys
2014-01-15 18:48:25 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Windows\System32\drivers\rimsptsk.sys
2014-01-15 18:48:25 9BFB54D3559F2FF7301271D29D383564 44544 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimsptsk.sys
2014-01-15 18:48:22 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rimmptsk.inf_ba544985\rimmptsk.sys
2014-01-15 18:48:22 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Windows\System32\drivers\rimmptsk.sys
2014-01-15 18:48:22 DF672613FBBCD58C38BB0BC2694BCFB0 48128 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimmptsk.sys
2014-01-15 18:48:19 6A1CD4674505E6791390A1AB71DA1FBE 55808 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rixdpe64.sys
2014-01-15 18:48:17 A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 80896 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\risdpe64.sys
2014-01-15 18:48:15 E20B1907FC72A3664ECE21E3C20FC63D 60416 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\x64\rimspe64.sys
2014-01-15 18:48:11 764C1F3453E779724BA647327DE7DDD4 38400 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rixdpcie.inf_8ed67405\rixdpe86.sys
2014-01-15 18:48:11 764C1F3453E779724BA647327DE7DDD4 38400 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rixdpe86.sys
2014-01-15 18:48:10 6978DECC2C38C5CE10A8B0F2B12F4451 49152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\risdpcie.inf_7ab28f0f\risdpe86.sys
2014-01-15 18:48:10 6978DECC2C38C5CE10A8B0F2B12F4451 49152 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\risdpe86.sys
2014-01-15 18:48:08 AF213955C4D952C914620E8DB0CD0CF7 47104 ----a-w- C:\Windows\System32\DriverStore\FileRepository\rimspcie.inf_2ab9c3d0\rimspe86.sys
2014-01-15 18:48:08 AF213955C4D952C914620E8DB0CD0CF7 47104 ----a-w- C:\Users\sissymary\AppData\Local\Temp\{6202287F-7FFF-44D7-AC39-BC2002577B9F}\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}\rimspe86.sys
2014-01-15 18:44:42 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\usb\root_hub20\usbd.sys
2014-01-15 18:44:42 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\usb\root_hub20\usbhub.sys
2014-01-15 18:44:35 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\usb\root_hub\usbd.sys
2014-01-15 18:44:35 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\usb\root_hub\usbhub.sys
2014-01-15 18:44:34 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\umb\umbus\umbus.sys
2014-01-15 18:44:22 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\storage\volume\volsnap.sys
2014-01-15 18:44:21 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\root\volmgr\volmgr.sys
2014-01-15 18:44:20 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\root\umbus\umbus.sys
2014-01-15 18:44:19 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\root\mssmbios\mssmbios.sys
2014-01-15 18:44:15 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\root\rdp_mou\termdd.sys
2014-01-15 18:44:04 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\root\iscsiprt\msiscsi.sys
2014-01-15 18:44:02 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\composite_battery\compbatt.sys
2014-01-15 18:44:02 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\composite_battery\battc.sys
2014-01-15 18:43:58 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\internal_ide_channel\ataport.sys
2014-01-15 18:43:58 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\internal_ide_channel\atapi.sys
2014-01-15 18:43:55 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 18:43:50 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 18:43:45 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 18:43:42 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\cc_0403\hdaudbus.sys
2014-01-15 18:43:36 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 18:43:34 E745B9D5FE1FDA8A50913FDCC8FF9FDC 313120 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 18:43:33 D231B577024AA324AF13A42F3A807D10 37376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 18:43:33 355AAC141B214BEF1DBC1483AFD9BD50 39936 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 18:43:32 A4216C71DD4F60B26418CCFD99CD0815 42496 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 18:43:32 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\cc_080501\sdbus.sys
2014-01-15 18:43:32 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 18:43:32 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 18:43:31 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\gendisk\disk.sys
2014-01-15 18:43:29 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\gencdrom\cdrom.sys
2014-01-15 18:43:28 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 18:43:28 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 18:43:28 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 18:43:27 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 18:43:27 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 18:43:25 6A2A5E809C2C0178326D92B19EE4AAD3 330240 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 18:43:24 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 18:43:19 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\acpi\pnp0c0a\CmBatt.sys
2014-01-15 18:43:19 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\acpi\pnp0c0a\battc.sys
2014-01-15 18:43:11 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\acpi\acpi0003\CmBatt.sys
2014-01-15 18:43:11 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T184310144528\acpi\acpi0003\battc.sys
2014-01-15 18:24:51 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\usb\root_hub20\usbd.sys
2014-01-15 18:24:51 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\usb\root_hub20\usbhub.sys
2014-01-15 18:24:50 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\usb\root_hub\usbd.sys
2014-01-15 18:24:50 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\umb\umbus\umbus.sys
2014-01-15 18:24:50 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\usb\root_hub\usbhub.sys
2014-01-15 18:24:49 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\storage\volume\volsnap.sys
2014-01-15 18:24:48 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\root\volmgr\volmgr.sys
2014-01-15 18:24:48 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\root\umbus\umbus.sys
2014-01-15 18:24:47 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\root\mssmbios\mssmbios.sys
2014-01-15 18:24:46 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\root\rdp_mou\termdd.sys
2014-01-15 18:24:45 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\composite_battery\compbatt.sys
2014-01-15 18:24:45 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\composite_battery\battc.sys
2014-01-15 18:24:45 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\root\iscsiprt\msiscsi.sys
2014-01-15 18:24:44 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\internal_ide_channel\ataport.sys
2014-01-15 18:24:44 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\internal_ide_channel\atapi.sys
2014-01-15 18:24:43 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 18:24:42 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 18:24:40 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 18:24:39 E745B9D5FE1FDA8A50913FDCC8FF9FDC 313120 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 18:24:39 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 18:24:39 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\cc_0403\hdaudbus.sys
2014-01-15 18:24:38 D231B577024AA324AF13A42F3A807D10 37376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 18:24:38 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\cc_080501\sdbus.sys
2014-01-15 18:24:38 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 18:24:38 355AAC141B214BEF1DBC1483AFD9BD50 39936 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 18:24:38 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 18:24:37 A4216C71DD4F60B26418CCFD99CD0815 42496 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 18:24:36 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\gendisk\disk.sys
2014-01-15 18:24:34 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\gencdrom\cdrom.sys
2014-01-15 18:24:31 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 18:24:31 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 18:24:31 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 18:24:31 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 18:24:31 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 18:24:29 6A2A5E809C2C0178326D92B19EE4AAD3 330240 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 18:24:28 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 18:24:23 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\acpi\pnp0c0a\CmBatt.sys
2014-01-15 18:24:23 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\acpi\pnp0c0a\battc.sys
2014-01-15 18:24:09 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\acpi\acpi0003\CmBatt.sys
2014-01-15 18:24:09 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T182402470628\acpi\acpi0003\battc.sys
2014-01-15 17:25:47 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\usb\root_hub20\usbd.sys
2014-01-15 17:25:47 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\usb\root_hub20\usbhub.sys
2014-01-15 17:25:46 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\usb\root_hub\usbd.sys
2014-01-15 17:25:46 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\usb\root_hub\usbhub.sys
2014-01-15 17:25:45 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\umb\umbus\umbus.sys
2014-01-15 17:25:37 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\storage\volume\volsnap.sys
2014-01-15 17:25:37 69503668AC66C77C6CD7AF86FBDF8C43 52792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\root\volmgr\volmgr.sys
2014-01-15 17:25:36 E384487CB84BE41D09711C30CA79646C 31288 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\root\mssmbios\mssmbios.sys
2014-01-15 17:25:36 32CFF9F809AE9AED85464492BF3E32D2 34816 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\root\umbus\umbus.sys
2014-01-15 17:25:34 3CAD38910468EAB9A6479E2F01DB43C7 53224 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\root\rdp_mou\termdd.sys
2014-01-15 17:25:33 232FA340531D940AAC623B121A595034 180712 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\root\iscsiprt\msiscsi.sys
2014-01-15 17:25:32 6AFEF0B60FA25DE07C0968983EE4F60A 20792 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\composite_battery\compbatt.sys
2014-01-15 17:25:32 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\composite_battery\battc.sys
2014-01-15 17:25:30 64B0052340B8EC28FA8A56B708AE71CC 109032 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\internal_ide_channel\ataport.sys
2014-01-15 17:25:30 1F05B78AB91C9075565A9D8A4B880BC4 19944 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\internal_ide_channel\atapi.sys
2014-01-15 17:25:27 DD194A025D1C0472F45F57DE8D8388EB 2226688 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_4229&subsys_11208086\NETw4v32.sys
2014-01-15 17:25:12 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a03&subsys_022f1028\igdkmd32.sys
2014-01-15 17:25:01 C134E69CE901422D1F2D7EA8D69098FE 2016256 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2a02&subsys_022f1028\igdkmd32.sys
2014-01-15 17:25:00 062452B7FFD68C8C042A6261FE8DFF4A 561152 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\cc_0403\hdaudbus.sys
2014-01-15 17:24:50 997E8F5939F2D12CD9F2E6B395724C16 304920 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_8086&dev_2829&cc_0106\iaStor.sys
2014-01-15 17:24:44 A4822191C7CEA271903C2A4FB6D9809D 278528 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_11ab&dev_4354&subsys_022f1028\yk60x86.sys
2014-01-15 17:24:34 D231B577024AA324AF13A42F3A807D10 37376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_1180&dev_0852\rixdptsk.sys
2014-01-15 17:24:28 355AAC141B214BEF1DBC1483AFD9BD50 39936 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_1180&dev_0843\rimmptsk.sys
2014-01-15 17:24:19 0349BE02F329F4F48F1D48097FD65974 53376 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_1180&cc_0c0010\1394bus.sys
2014-01-15 17:24:17 6F310E890D46E246E0E261A63D9B36B4 62208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_1180&cc_0c0010\ohci1394.sys
2014-01-15 17:24:11 8F36B54688C31EED4580129040C6A3D3 89088 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\cc_080501\sdbus.sys
2014-01-15 17:24:02 A4216C71DD4F60B26418CCFD99CD0815 42496 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\pci\ven_1180&dev_0592\rimsptsk.sys
2014-01-15 17:23:51 5D4AEFC3386920236A548271F8F1AF6A 53736 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\gendisk\disk.sys
2014-01-15 17:23:47 6B4BFFB9BECD728097024276430DB314 67072 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\gencdrom\cdrom.sys
2014-01-15 17:23:34 DAB33CFA9DD24251AAA389FF36B64D4B 8704 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\XAudio.sys
2014-01-15 17:23:33 0CEA2D0D3FA284B85ED5B68365114F76 12672 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\mdmxsdk.sys
2014-01-15 17:23:32 99F85640054BA65190B860D878A7C9AE 980992 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_DPV.sys
2014-01-15 17:23:31 CFBC2B81972E298F0E19EE68FA9E73DA 208384 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSXHWAZL.sys
2014-01-15 17:23:30 72CC6A8CA7891031D6380DB5025C773C 661504 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_02&ven_14f1&dev_2c06&subsys_14f1000f\HSX_CNXT.sys
2014-01-15 17:23:23 6A2A5E809C2C0178326D92B19EE4AAD3 330240 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_01&ven_8384&dev_7616&subsys_1028022f\stwrt.sys
2014-01-15 17:23:17 98D303CCB3415E9202E82043B37D66DC 111616 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\hdaudio\func_01&ctlr_ven_8086&ven_1095&dev_1392\IntcHdmi.sys
2014-01-15 17:23:07 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\acpi\pnp0c0a\CmBatt.sys
2014-01-15 17:23:07 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\acpi\pnp0c0a\battc.sys
2014-01-15 17:22:32 2B8A5A8879238C3BA9A89A8E3AC4E45D 28216 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\acpi\acpi0003\battc.sys
2014-01-15 17:22:31 99AFC3795B58CC478FBBBCDC658FCB56 14208 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20140115T172229260105\acpi\acpi0003\CmBatt.sys
2014-01-15 17:15:51 75A8EE6F0917AD9355367DBF25DB8415 13464 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2014-01-15 17:15:51 75A8EE6F0917AD9355367DBF25DB8415 13464 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.sys
2014-01-15 16:22:53 965F4DD2870F83642BC9CC7B4F1A1C7B 13464 ----a-w- C:\Users\sissymary\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.sys
2014-01-15 02:40:21 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-01-14 20:26:07 156765F692192EA9039A6C4A809312FD 147912 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2014-01-14 20:09:21 263418671C2F112C72524B6B236E7518 66296 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys
2014-01-14 20:08:16 FC28E41FE9D4F3283FB41717C0BF0109 65928 ----a-w- C:\Windows\System32\drivers\mfebopk.sys
2014-01-14 20:08:16 D787C026F15BD8F762AB5829428FAA9C 60920 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2014-01-14 20:08:16 768AA2C44C589EA27E80E4EC05BD5F76 365416 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2014-01-14 20:08:16 75A2B9F70B77AA3DB15E96BDAAE484A2 133992 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2014-01-14 20:08:16 754FD1BD18DE5CCC4E61F500DC1F214F 213392 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2014-01-14 20:08:16 24E6ABD47FD50FC187FFC3583A14F339 572528 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2014-01-14 20:08:16 070850EFFC731B4A22FB7DDEAD41B943 236000 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
 

[bearboat]

part 4

 

=== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-3053283735-1548967531-3860599787-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

==== Startup Folders ======================

2008-11-07 10:16:00 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2008-11-07 10:16:00 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
2013-11-06 21:33:15 1815 ----a-w- C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
2008-11-07 09:58:38 1748 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [01/11/2014 04:13 PM]
C:\Windows\tasks\SlimDrivers Startup.job --a------ C:\Program Files\SlimDrivers\SlimDrivers.exe [09/24/2013 12:49 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Norton WSC Integration" ["C:\Program Files\Norton 360\Engine\21.1.0.18\WSCStub.exe"]
"C:\Windows\system32\tasks\SlimCleaner Run" ["C:\Program Files\SlimCleaner\SlimCleaner.exe"]
"C:\Windows\system32\tasks\SlimDrivers Startup" [C:\Program Files\SlimDrivers\SlimDrivers.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{D7B94047-D82E-4485-9D47-E790D0093E5E}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe]
"C:\Windows\system32\tasks\Norton 360\Norton Error Processor" [C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [01/14/2014 03:12 PM]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02/18/2012 07:51 AM]

Google Docs - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Wallet - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - sissymary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.dell.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A1F847BF-2AF7-4C29-B0E1-AE1FBC841FF9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A1F847BF-2AF7-4C29-B0E1-AE1FBC841FF9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: MOBCleanup - Unknown owner - C:\Users\sissymary\AppData\Local\Temp\MOBCleanup.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

==== Sysinternals Autoruns Log ======================

HKLM\System\CurrentControlSet\Services
   AdobeFlashPlayerUpdateSvc
     C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
     This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 1:09 PM
   AESTFilters
     C:\Program Files\IDT\WDM\aestsrv.exe
     Andrea filters APO access service (32-bit)
     Andrea Electronics Corporation
     1.0.32.7
     c:\program files\idt\wdm\aestsrv.exe
     3/2/2009 2:43 PM
   DockLoginService
     C:\Program Files\Dell\DellDock\DockLogin.exe
     Dock Login Service
     Stardock Corporation
     6.1.0.0
     c:\program files\dell\delldock\docklogin.exe
     4/28/2008 11:13 AM
   EvtEng
     C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
     Manages the event trace messages for all the components of Intel® PROSet/Wireless software.
     Intel Corporation
     11.1.1.1
     c:\program files\intel\wireless\bin\evteng.exe
     7/25/2007 6:41 PM
   GoToAssist
     "C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe" Start=service
     Citrix GoToAssist provides remote help to this PC.
     Citrix Online, a division of Citrix Systems, Inc.
     8.0.0.514
     c:\program files\citrix\gotoassist\514\g2aservice.exe
     2/21/2008 3:46 PM
   HomeNetSvc
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     Allows McAfee applications to communicate securely on the local network.
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   IAANTMON
     C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
     RAID Monitor
     Intel Corporation
     7.5.0.1017
     c:\program files\intel\intel matrix storage manager\iaantmon.exe
     3/21/2007 2:54 PM
   MBAMScheduler
     "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"
     Malwarebytes Anti-Malware scheduler
     Malwarebytes Corporation
     1.70.0.0
     c:\program files\malwarebytes' anti-malware\mbamscheduler.exe
     2/28/2013 3:38 PM
   MBAMService
     "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
     Malwarebytes Anti-Malware service
     Malwarebytes Corporation
     1.70.0.0
     c:\program files\malwarebytes' anti-malware\mbamservice.exe
     2/28/2013 3:38 PM
   McAfee SiteAdvisor Service
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     McAfee SiteAdvisor Service
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   McAPExe
     "C:\Program Files\McAfee\MSC\McAPExe.exe"
     McAfee AP Service
     McAfee, Inc.
     12.8.903.0
     c:\program files\mcafee\msc\mcapexe.exe
     11/28/2013 11:41 AM
   McAWFwk
     c:\PROGRA~1\mcafee\msc\mcawfwk.exe
     McAfee Activation Service
     McAfee, Inc.
     2.0.150.0
     c:\program files\mcafee\msc\mcawfwk.exe
     1/28/2011 12:20 PM
   McMPFSvc
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     Helps protect your computer from intrusion and let's you manage your computer's trusted programs.
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   McNaiAnn
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     McAfee VirusScan Announcer
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   McODS
     "C:\Program Files\McAfee\VirusScan\mcods.exe"
     McAfee Scanner
     McAfee, Inc.
     16.8.708.2
     c:\program files\mcafee\virusscan\mcods.exe
     8/2/2013 4:17 PM
   McOobeSv
     "C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc
     McAfee OOBE Service
     McAfee, Inc.
     2.6.259.0
     c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe
     8/31/2012 12:18 PM
   mcpltsvc
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     McAfee Platform Services
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   McProxy
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     McAfee Proxy Service
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   mfecore
     "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
     McAfee OnAccess Scanner
     McAfee, Inc.
     1.1.3.119
     c:\program files\common files\mcafee\amcore\mcshield.exe
     11/8/2013 12:48 PM
   mfefire
     "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
     Provides firewall services to McAfee products
     McAfee, Inc.
     15.1.0.649
     c:\program files\common files\mcafee\systemcore\mfefire.exe
     10/30/2013 3:19 PM
   mfevtp
     "C:\Windows\system32\mfevtps.exe"
     Provides validation trust protection services
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\mfevtps.exe
     10/30/2013 3:14 PM
   MOBCleanup
     "C:\Users\sissymary\AppData\Local\Temp\MOBCleanup.exe"
     File not found: C:\Users\sissymary\AppData\Local\Temp\MOBCleanup.exe
    
   MSK80Service
     "C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
     This service filters e-mail messages on your computer
     McAfee, Inc.
     3.8.703.0
     c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe
     7/30/2013 10:39 AM
   RegSrvc
     C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
     Intel® PROSet/Wireless Registry Service
     Intel Corporation
     11.1.1.0
     c:\program files\intel\wireless\bin\regsrvc.exe
     7/25/2007 6:22 PM
   sprtsvc_dellsupportcenter
     C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
     SupportSoft Sprocket Service
     SupportSoft, Inc.
     7.0.585.0
     c:\program files\dell support center\bin\sprtsvc.exe
     10/1/2007 4:02 AM
   STacSV
     C:\Program Files\IDT\WDM\STacSV.exe
     Manages audio jack configurations.
     IDT, Inc.
     1.0.6304.0
     c:\program files\idt\wdm\stacsv.exe
     10/14/2010 7:03 AM
   stllssvr
     "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
     SureThing Labelflash Disc Printer Service Module
     MicroVision Development, Inc.
     1.2.595.0
     c:\program files\common files\surething shared\stllssvr.exe
     3/12/2008 5:21 PM
   XAudioService
     %SystemRoot%\system32\DRIVERS\xaudio.exe
     User-mode gate for Modem Speakerphone
     Conexant Systems, Inc.
     1.0.15.0
     c:\windows\system32\drivers\xaudio.exe
     10/18/2007 5:37 PM

[bearboat]

part 5

 

HKLM\System\CurrentControlSet\Services
   ApfiltrService
     system32\DRIVERS\Apfiltr.sys
     Alps Touch Pad Driver
     Alps Electric Co., Ltd.
     5.7.0.93
     c:\windows\system32\drivers\apfiltr.sys
     12/26/2007 6:02 AM
   BrFiltLo
     \SystemRoot\system32\drivers\brfiltlo.sys
     Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver
     Brother Industries, Ltd.
     1.10.0.2
     c:\windows\system32\drivers\brfiltlo.sys
     8/6/2006 4:33 PM
   BrFiltUp
     \SystemRoot\system32\drivers\brfiltup.sys
     Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver
     Brother Industries, Ltd.
     1.4.0.1
     c:\windows\system32\drivers\brfiltup.sys
     8/6/2006 4:33 PM
   BrUsbSer
     \SystemRoot\system32\drivers\brusbser.sys
     Brother USB Serial Driver
     Brother Industries Ltd.
     1.0.1.3
     c:\windows\system32\drivers\brusbser.sys
     8/9/2006 7:02 AM
   cfwids
     system32\drivers\cfwids.sys
     McAfee Personal Firewall IDS Plugin
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\cfwids.sys
     10/30/2013 3:19 PM
   e1express
     system32\DRIVERS\e1e6032.sys
     Intel® PRO/1000 Adapter NDIS 6 deserialized driver
     Intel Corporation
     9.11.5.7
     c:\windows\system32\drivers\e1e6032.sys
     10/29/2007 4:43 PM
   E1G60
     system32\DRIVERS\E1G60I32.sys
     Intel® PRO/1000 Adapter NDIS 6 deserialized driver
     Intel Corporation
     8.3.2.8
     c:\windows\system32\drivers\e1g60i32.sys
     8/7/2007 11:14 AM
   HipShieldK
     system32\drivers\HipShieldK.sys
     McAfee HIP IPS Driver
     McAfee, Inc.
     8.0.0.2823
     c:\windows\system32\drivers\hipshieldk.sys
     9/23/2013 3:10 PM
   HSF_DPV
     system32\DRIVERS\HSX_DPV.sys
     HSF_DP driver
     Conexant Systems, Inc.
     7.75.0.0
     c:\windows\system32\drivers\hsx_dpv.sys
     6/25/2008 1:25 PM
   HSXHWAZL
     system32\DRIVERS\HSXHWAZL.sys
     HSF_HWAZL WDM driver
     Conexant Systems, Inc.
     7.75.0.0
     c:\windows\system32\drivers\hsxhwazl.sys
     6/25/2008 1:23 PM
   iaStor
     system32\drivers\iastor.sys
     Intel Matrix Storage Manager driver - ia32
     Intel Corporation
     7.5.0.1017
     c:\windows\system32\drivers\iastor.sys
     3/21/2007 2:23 PM
   igfx
     system32\DRIVERS\igdkmd32.sys
     Intel Graphics Kernel Mode Driver
     Intel Corporation
     7.14.10.1409
     c:\windows\system32\drivers\igdkmd32.sys
     1/2/2008 11:48 AM
   IntcHdmiAddService
     system32\drivers\IntcHdmi.sys
     Intel® High Definition Audio HDMI
     Intel® Corporation
     6.10.1.2035
     c:\windows\system32\drivers\intchdmi.sys
     6/6/2007 6:21 PM
   MBAMProtector
     \??\C:\Windows\system32\drivers\mbam.sys
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.60.2.0
     c:\windows\system32\drivers\mbam.sys
     2/28/2013 3:33 PM
   McPvDrv
     system32\drivers\McPvDrv.sys
     McAfee File Lock Driver
     McAfee, Inc.
     3.1.111.0
     c:\windows\system32\drivers\mcpvdrv.sys
     9/18/2012 9:37 AM
   mdmxsdk
     system32\DRIVERS\mdmxsdk.sys
     Diagnostic Interface x86 Driver
     Conexant
     1.0.2.12
     c:\windows\system32\drivers\mdmxsdk.sys
     6/19/2006 4:26 PM
   mfeapfk
     system32\drivers\mfeapfk.sys
     Access Protection Filter Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfeapfk.sys
     10/30/2013 3:16 PM
   mfeavfk
     system32\drivers\mfeavfk.sys
     Anti-Virus File System Filter Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfeavfk.sys
     10/30/2013 3:16 PM
   mfebopk
     system32\drivers\mfebopk.sys
     Buffer Overflow Protection Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfebopk.sys
     10/30/2013 3:17 PM
   mfefirek
     system32\drivers\mfefirek.sys
     McAfee Core Firewall Engine Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfefirek.sys
     10/30/2013 3:18 PM
   mfehidk
     system32\drivers\mfehidk.sys
     McAfee Link Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfehidk.sys
     10/30/2013 3:15 PM
   mfencbdc
     system32\DRIVERS\mfencbdc.sys
     McAfee Content driver Copyright © 2013 McAfee, Inc. All Rights Reserved.
     McAfee, Inc.
     1.1.3.154
     c:\windows\system32\drivers\mfencbdc.sys
     11/27/2013 1:03 AM
   mfencrk
     system32\DRIVERS\mfencrk.sys
     McAfee Content driver Copyright © 2013 McAfee, Inc. All Rights Reserved.
     McAfee, Inc.
     1.1.3.154
     c:\windows\system32\drivers\mfencrk.sys
     11/27/2013 1:04 AM
   mfewfpk
     system32\drivers\mfewfpk.sys
     Anti-Virus Mini-Firewall Driver
     McAfee, Inc.
     15.1.0.649
     c:\windows\system32\drivers\mfewfpk.sys
     10/30/2013 3:16 PM
   NETw4v32
     system32\DRIVERS\NETw4v32.sys
     Intelr Wireless WiFi Link Driver
     Intel Corporation
     11.5.0.32
     c:\windows\system32\drivers\netw4v32.sys
     9/26/2007 8:12 AM
   PxHelp20
     System32\Drivers\PxHelp20.sys
     Px Engine Device Driver for Windows 2000/XP
     Sonic Solutions
     3.0.70.2
     c:\windows\system32\drivers\pxhelp20.sys
     10/17/2007 1:24 PM
   R300
     system32\DRIVERS\atikmdag.sys
     ATI Radeon Kernel Mode Driver
     ATI Technologies Inc.
     7.1.1.523
     c:\windows\system32\drivers\atikmdag.sys
     10/12/2006 4:06 PM
   rimmptsk
     system32\DRIVERS\rimmptsk.sys
     RICOH SD/MMC Driver
     REDC
     6.10.1.3
     c:\windows\system32\drivers\rimmptsk.sys
     6/25/2009 2:58 AM
   rimsptsk
     system32\DRIVERS\rimsptsk.sys
     RICOH MS Driver
     REDC
     6.10.1.3
     c:\windows\system32\drivers\rimsptsk.sys
     6/25/2009 2:10 AM
   rismxdp
     system32\DRIVERS\rixdptsk.sys
     RICOH XD SM Driver
     REDC
     6.10.1.4
     c:\windows\system32\drivers\rixdptsk.sys
     6/25/2009 2:25 AM
   secdrv
     secdrv
     Macrovision SECURITY Driver
     Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
     4.3.86.0
     c:\windows\system32\drivers\secdrv.sys
     9/13/2006 8:18 AM
   STHDA
     system32\drivers\stwrt.sys
     IDT PC Audio
     IDT, Inc.
     6.10.6304.0
     c:\windows\system32\drivers\stwrt.sys
     10/14/2010 6:51 AM
   SWDUMon
     system32\DRIVERS\SWDUMon.sys
     Driver Update Installer Monitor
     c:\windows\system32\drivers\swdumon.sys
     9/17/2013 2:26 PM
   winachsf
     system32\DRIVERS\HSX_CNXT.sys
     HSF_CNXT driver
     Conexant Systems, Inc.
     7.75.0.0
     c:\windows\system32\drivers\hsx_cnxt.sys
     6/25/2008 1:22 PM
   XAudio
     system32\DRIVERS\xaudio.sys
     Modem Audio Device Driver
     Conexant Systems, Inc.
     1.0.15.0
     c:\windows\system32\drivers\xaudio.sys
     10/18/2007 5:36 PM
   yukonwlh
     system32\DRIVERS\yk60x86.sys
     NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller
     Marvell
     11.45.1.3
     c:\windows\system32\drivers\yk60x86.sys
     9/8/2011 3:02 AM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
   GoToAssist
     C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
     Citrix Online GoToAssist
     Citrix Online, a division of Citrix Systems, Inc.
     8.0.0.514
     c:\program files\citrix\gotoassist\514\g2awinlogon.dll
     2/21/2008 3:45 PM
   igfxcui
     igfxdev.dll
     igfxdev Module
     Intel Corporation
     7.14.10.1409
     c:\windows\system32\igfxdev.dll
     1/2/2008 11:33 AM

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
   BJ Language Monitor3_2
     CNBLM3_2.DLL
     Canon Inkjet Printer Driver
     CANON INC.
     0.3.1536.0
     c:\windows\system32\cnblm3_2.dll
     10/13/2006 8:08 PM

HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
   rdpclip
     rdpclip
     File not found: rdpclip
    

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   Apoint
     C:\Program Files\DellTPad\Apoint.exe
     Alps Pointing-device Driver
     Alps Electric Co., Ltd.
     7.0.101.207
     c:\program files\delltpad\apoint.exe
     10/24/2007 11:31 PM
   IAAnotif
     "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
     Event Monitor User Notification Tool
     Intel Corporation
     7.5.0.1017
     c:\program files\intel\intel matrix storage manager\iaanotif.exe
     3/21/2007 2:54 PM
   dscactivate
     "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
     
     
     1.0.2767.18581
     c:\program files\dell support center\gs_agent\custom\dsca.exe
     7/30/2007 11:19 AM
   PCMService
     "C:\Program Files\Dell\MediaDirect\PCMService.exe"
     CyberLink PowerCinema Resident Program
     CyberLink Corp.
     4.5.0.0
     c:\program files\dell\mediadirect\pcmservice.exe
     12/20/2007 9:48 PM
   mcui_exe
     "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
     McAfee Security Center
     McAfee, Inc.
     12.8.839.0
     c:\program files\mcafee.com\agent\mcagent.exe
     9/24/2013 1:44 PM
   mcpltui_exe
     "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
     McAfee Security Center
     McAfee, Inc.
     12.8.839.0
     c:\program files\mcafee.com\agent\mcagent.exe
     9/24/2013 1:44 PM
   SysTrayApp
     C:\Program Files\IDT\WDM\sttray.exe
     IDT PC Audio
     IDT, Inc.
     1.0.6304.0
     c:\program files\idt\wdm\sttray.exe
     10/14/2010 7:04 AM

HKLM\SOFTWARE\Classes\Protocols\Filter
   application/x-mfe-ipt
     HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692}
     McAfee MSC IE plugin DLL
     McAfee, Inc.
     12.8.839.0
     c:\program files\mcafee\msc\mcsniepl.dll
     9/24/2013 1:45 PM

HKLM\SOFTWARE\Classes\Protocols\Handler
   dssrequest
     HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}
     SiteAdvisor
     McAfee, Inc.
     3.4.1.123
     c:\program files\mcafee\siteadvisor\mcieplg.dll
     2/17/2012 10:18 AM
   sacore
     HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}
     SiteAdvisor
     McAfee, Inc.
     3.4.1.123
     c:\program files\mcafee\siteadvisor\mcieplg.dll
     2/17/2012 10:18 AM

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
   Digital Line Detect.lnk
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
     Digital Line Detection
     Avanquest Software
     1.0.0.2
     c:\program files\digital line detect\dlg.exe
     9/22/2006 2:35 AM

C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
   Dell Dock.lnk
     C:\Users\sissymary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
     Dell Dock
     Stardock Corporation
     1.0.0.1527
     c:\program files\dell\delldock\delldock.exe
     7/10/2008 6:08 PM

[bearboat]

part 7

 

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
   DellSupportCenter
     "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
     SupportSoft, Inc.
     7.0.585.0
     c:\program files\dell support center\bin\sprtcmd.exe
     10/1/2007 4:00 AM

Task Scheduler
   \Adobe Flash Player Updater
     "C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe"
     Adober Flashr Player Update Service 11.9 r900
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 1:09 PM
   \Norton WSC Integration
     "C:\Program Files\Norton 360\Engine\21.1.0.18\WSCStub.exe" /taskschd
     File not found: C:\Program Files\Norton 360\Engine\21.1.0.18\WSCStub.exe
    
   \SlimCleaner Run
     "C:\Program Files\SlimCleaner\SlimCleaner.exe" $(Arg0)
     File not found: C:\Program Files\SlimCleaner\SlimCleaner.exe
    
   \SlimDrivers Startup
     "C:\Program Files\SlimDrivers\SlimDrivers.exe" -boot
     SlimDrivers
     SlimWare Utilities, Inc.
     2.2.32705.52095
     c:\program files\slimdrivers\slimdrivers.exe
     9/24/2013 12:49 PM
   \Microsoft\Windows\Wired\GatherWiredInfo
     "%windir%\system32\gatherWiredInfo.vbs"
     c:\windows\system32\gatherwiredinfo.vbs
     1/20/2008 9:24 PM
   \Microsoft\Windows\Wireless\GatherWirelessInfo
     "%windir%\system32\gatherWirelessInfo.vbs"
     c:\windows\system32\gatherwirelessinfo.vbs
     1/20/2008 9:23 PM
   \Norton 360\Norton Error Analyzer
     "C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe" /analyze
     File not found: C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe
    
   \Norton 360\Norton Error Processor
     "C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe" /submit
     File not found: C:\Program Files\Norton 360\Engine\21.1.0.18\SymErr.exe
    

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
   McAfee SiteAdvisor BHO
     HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
     SiteAdvisor
     McAfee, Inc.
     3.4.1.123
     c:\program files\mcafee\siteadvisor\mcieplg.dll
     2/17/2012 10:18 AM

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
   McCtxMenuFrmWrk
     HKCR\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2}
     McAfee ContextMenu Framework
     McAfee, Inc.
     12.8.839.0
     c:\program files\mcafee\msc\mcctxmenufrmwrk.dll
     9/24/2013 1:43 PM

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   igfxcui
     HKCR\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
     igfxpph Module
     Intel Corporation
     7.14.10.1409
     c:\windows\system32\igfxpph.dll
     1/2/2008 11:34 AM

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM
   McCtxMenuFrmWrk
     HKCR\CLSID\{CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2}
     McAfee ContextMenu Framework
     McAfee, Inc.
     12.8.839.0
     c:\program files\mcafee\msc\mcctxmenufrmwrk.dll
     9/24/2013 1:43 PM

HKLM\Software\Microsoft\Internet Explorer\Toolbar
   McAfee SiteAdvisor
     HKCR\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
     SiteAdvisor
     McAfee, Inc.
     3.4.1.123
     c:\program files\mcafee\siteadvisor\mcieplg.dll
     2/17/2012 10:18 AM

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\System32\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.402
     c:\windows\system32\l3codeca.acm
     1/21/2010 10:05 AM
   vidc.cvid
     iccvid.dll
     Cinepakr Codec
     Radius Inc.
     1.10.0.13
     c:\windows\system32\iccvid.dll
     5/27/2010 3:08 PM

HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance
   CyberLink MPEG-1 Splitter
     HKCR\CLSID\{470659C0-0C62-4D38-BE62-4243FDE65788}
     CyberLink MPEG Splitter
     CyberLink Corp.
     2.2.0.3710
     c:\program files\dell\mediadirect\kernel\video\clm1splter.ax
     1/9/2006 10:31 PM
   CyberLink Audio Decoder (MD3)
     HKCR\CLSID\{470CCBB3-684C-4487-BDE2-DE008759A4ED}
     CyberLink Audio Decoder Filter
     CyberLink Corp.
     6.1.0.4211
     c:\program files\dell\mediadirect\kernel\movie\claud.ax
     6/11/2007 3:32 AM
   CyberLink AudioCD Filter (MD3)
     HKCR\CLSID\{470D524C-037F-48E8-8B3D-77225B5CCAC9}
     CyberLink AudioCD Filter
     CyberLink Corp.
     5.0.0.3620
     c:\program files\dell\mediadirect\kernel\movie\claudiocd.ax
     12/20/2005 4:01 AM
   CyberLink Video Effect (MD3)
     HKCR\CLSID\{472EA890-7093-4D0E-B817-B9324AE0ECE4}
     CLVidFx
     CyberLink
     1.0.0.1523
     c:\program files\dell\mediadirect\kernel\movie\clvidfx.ax
     3/23/2005 3:15 AM
   CyberLink Video/SP Decoder (MD3)
     HKCR\CLSID\{4749C27E-52BE-4918-8D1B-F9A3AF1A42C1}
     CyberLink Video/SP Filter
     CyberLink Corp.
     6.0.0.3827
     c:\program files\dell\mediadirect\kernel\movie\clvsd.ax
     2/27/2007 6:20 AM
   CyberLink Line21 Decoder Filter (MD3)
     HKCR\CLSID\{4754272E-767E-451B-9DEF-C7C6A098741E}
     CyberLink Line21 Decoder Filter
     CyberLink Corp.
     4.0.0.7602
     c:\program files\dell\mediadirect\kernel\movie\clline21.ax
     4/1/2007 10:14 PM
   CyberLink Audio Effect (MD3)
     HKCR\CLSID\{47607563-E5D2-44F1-B7CF-04E9087DB7D8}
     CyberLink Audio Effect Filter
     CyberLink Corporation
     6.0.0.2524
     c:\program files\dell\mediadirect\kernel\movie\claudfx.ax
     1/24/2006 4:55 AM
   Cyberlink SubTitle Importor (MD3)
     HKCR\CLSID\{4761A28C-86EF-47F1-A79F-890B681E9E3A}
     CLSubTitle.ax
     CyberLink Corp.
     1.0.0.1604
     c:\program files\dell\mediadirect\kernel\movie\clsubtitle.ax
     4/4/2005 2:48 AM
   Cyberlink Tzan Filter
     HKCR\CLSID\{47750ACD-1297-46D9-ADFC-93F882EBA0EC}
     Cyberlink Tzan Filter
     CyberLink Corp.
     1.0.0.919
     c:\program files\dell\mediadirect\kernel\movie\cltzan.ax
     9/19/2007 1:17 PM
   CyberLink TimeStretch Filter (MD3)
     HKCR\CLSID\{47B0FF1D-EFC6-4D93-9E3F-8CFABFBA99F0}
     CLAuTS.ax
     CyberLink Corp.
     1.0.0.3711
     c:\program files\dell\mediadirect\kernel\movie\clauts.ax
     1/10/2006 10:57 PM
   CyberLink DVD Navigator (MD3)
     HKCR\CLSID\{47E2698F-4B74-4D16-8C24-06275EEC468D}
     CyberLink DVD Navigation Filter
     CyberLink Corp.
     6.0.0.4601
     c:\program files\dell\mediadirect\kernel\movie\clnavx.ax
     10/1/2007 4:32 AM
   CyberLink Demultiplexer (MD3)
     HKCR\CLSID\{47E604E0-75A2-4CA9-9116-8BEF94C90197}
     MPEG-2 Dempltiplexer
     CyberLink Corp.
     1.0.0.3726
     c:\program files\dell\mediadirect\kernel\movie\cldemuxer.ax
     1/26/2006 9:22 AM
   CyberLink MPEG-2 Splitter
     HKCR\CLSID\{47F959F3-F578-473E-AE86-1080B1A3D676}
     CyberLink MPEG Splitter
     CyberLink Corp.
     2.2.0.3710
     c:\program files\dell\mediadirect\kernel\video\clm2splter.ax
     1/9/2006 10:30 PM
   CyberLink MP3 Wrapper-PCM
     HKCR\CLSID\{4888CDC1-2616-4915-89A0-F17F65EEBE29}
     CyberLink MP3 Wrapper
     CyberLink Corp.
     1.0.0.0
     c:\program files\dell\mediadirect\kernel\music\clmp3wrap.ax
     9/3/2002 4:21 AM
   CyberLink Video/SP Decoder (ShEX)
     HKCR\CLSID\{E1D0002F-329C-4E54-B1EA-AC72F35D5060}
     CyberLink Video/SP Filter
     CyberLink Corp.
     6.0.0.1625
     c:\program files\dell\mediadirect\kernel\video\climagevsd.ax
     4/24/2005 10:22 PM
   CyberLink Audio Wizard
     HKCR\CLSID\{F880D84B-811D-44C0-9FB2-1071596627B1}
     CyberLink Audio Wizard Filter
     CyberLink Corp.
     1.0.0.1215
     c:\program files\dell\mediadirect\kernel\movie\claudwizard.ax
     12/15/2006 8:35 AM

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\sissymary\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sissymary\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\sissymary\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7 folders=3 1239321 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\sissymary\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SISSYM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\sissymary\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Fri 01/17/2014 at 16:56:50.06 ======================

[bearboat]

there is no part 6.

 

part 7 is actually part 6

[kevinf80]

Yep noticed the count, how is your system responding now, any issues or concerns?