Jump to content

Recommended Posts

I have been having this problem for a few weeks now and my investigations have lead me to this page. I found another thread asking the same thing and have followed some of the instructions and wondered if anyone can provide me with further assistance?

Thanks
Tammy
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Tammy (administrator) on RILEY on 21-01-2015 19:49:28
Running from C:\Users\Tammy\Downloads
Loaded Profiles: Tammy (Available profiles: Tammy & Jason & Lauren Riley & caitl_000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Firebird Project) C:\Program Files (x86)\Fisher & Paykel Healthcare\InfoSmart\InfoSmartDB2\bin\fbserver.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Fisher & Paykel Healthcare) C:\Program Files (x86)\Fisher & Paykel Healthcare\InfoSmart\Server12\InfoSmartServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
() C:\Users\Tammy\AppData\Roaming\Search Protection\SP.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Users\Tammy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-13] (Realtek Semiconductor)
HKLM\...\Run: [simplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-12] (CANON INC.)
HKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2711576 2014-10-03] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [search Protection] => C:\Users\Tammy\AppData\Roaming\Search Protection\SP.EXE [1128760 2015-01-16] ()
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [browser Extensions] => C:\Users\Tammy\AppData\Roaming\BrowserExtensions\BEHelper.exe [965584 2014-12-08] ()
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2195160 2009-11-02] (TiVo Inc.)
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [604888 2009-11-02] (TiVo Inc.)
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [430808 2009-11-02] (TiVo Inc.)
HKU\S-1-5-21-343118326-3526824166-135672213-1001\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856280 2009-11-02] (TiVo Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [349680 2014-05-26] (Microsoft Corporation)
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\Users\Tammy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tammy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [s-1-5-21-343118326-3526824166-135672213-1001] => Internet Explorer proxy is enabled.
ProxyServer: [s-1-5-21-343118326-3526824166-135672213-1001] => http=127.0.0.1:49811;https=127.0.0.1:49811
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/51
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/51
HKU\S-1-5-21-343118326-3526824166-135672213-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKU\S-1-5-21-343118326-3526824166-135672213-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/51
HKU\S-1-5-21-343118326-3526824166-135672213-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.adelaidenow.com.au/
SearchScopes: HKU\S-1-5-21-343118326-3526824166-135672213-1001 -> DefaultScope {4774DC5B-F7A4-4760-B654-13BB77AC9AB9} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
SearchScopes: HKU\S-1-5-21-343118326-3526824166-135672213-1001 -> {4774DC5B-F7A4-4760-B654-13BB77AC9AB9} URL = https://au.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Tammy\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\Tammy\AppData\Roaming\BrowserExtensions\Coupons.dll ()
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {1EAF0371-58DE-479D-95F0-8888F82FBDB7} http://maq.maq.liveblockauctions.com/v5/inst/laiLauncher.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\..\Interfaces\{898B2DBC-BD74-48E6-84F2-0B0903517434}: [NameServer] 192.168.0.1
 
FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-343118326-3526824166-135672213-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Tammy\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
Chrome: 
=======
CHR StartupUrls: Default -> "https://www.facebook.com/","hxxp://www.adelaidenow.com.au/", "hxxp://edublogs.org/"
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR Profile: C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-01]
CHR Extension: (Google Drive) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-01]
CHR Extension: (YouTube) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-01]
CHR Extension: (Google Search) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-01]
CHR Extension: (Google Sheets) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-01]
CHR Extension: (Google Wallet) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-01]
CHR Extension: (Gmail) - C:\Users\Tammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-01]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2014-05-20] (CyberLink)
R2 FirebirdServerInfoSmartDB2; C:\Program Files (x86)\Fisher & Paykel Healthcare\InfoSmart\InfoSmartDB2\bin\fbserver.exe [3735552 2013-03-08] (Firebird Project) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-26] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-04] (Hewlett-Packard Company) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-10] ()
R2 InfoSmartServer12; C:\Program Files (x86)\Fisher & Paykel Healthcare\InfoSmart\Server12\InfoSmartServer.exe [32768 2014-08-11] (Fisher & Paykel Healthcare) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [485400 2014-10-03] (Sony Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1098968 2009-11-02] (TiVo Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-03] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-05-01] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-27] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3410136 2014-04-12] (Realtek Semiconductor Corporation                           )
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-21 19:49 - 2015-01-21 19:49 - 00020679 _____ () C:\Users\Tammy\Downloads\FRST.txt
2015-01-21 19:49 - 2015-01-21 19:49 - 00000000 ____D () C:\FRST
2015-01-21 19:48 - 2015-01-21 19:48 - 02126848 _____ (Farbar) C:\Users\Tammy\Downloads\FRST64.exe
2015-01-21 19:42 - 2015-01-21 19:42 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Lavasoft
2015-01-21 19:42 - 2015-01-21 19:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-21 19:41 - 2015-01-21 19:42 - 08059016 _____ (Lavasoft) C:\Users\Tammy\Downloads\WebCompanionInstaller.exe
2015-01-21 14:25 - 2015-01-21 14:25 - 00003760 _____ () C:\windows\System32\Tasks\RunTool
2015-01-20 15:34 - 2015-01-20 15:34 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\HandBrake
2015-01-19 18:13 - 2015-01-19 18:13 - 18493805 _____ () C:\Users\Tammy\Desktop\Caitlin Contemporary.mp4
2015-01-19 18:03 - 2015-01-19 18:05 - 92214567 _____ () C:\Users\Tammy\Desktop\Caitlin SASDS October 2014.mp4
2015-01-19 18:00 - 2015-01-19 18:00 - 18697957 _____ () C:\Users\Tammy\Desktop\Caitlin Lyrical.mp4
2015-01-19 17:57 - 2015-01-19 18:00 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\HandBrake
2015-01-19 17:57 - 2015-01-19 17:57 - 00000843 _____ () C:\Users\Lauren Riley\Desktop\Handbrake.lnk
2015-01-19 17:57 - 2015-01-19 17:57 - 00000843 _____ () C:\Users\Jason\Desktop\Handbrake.lnk
2015-01-19 17:57 - 2015-01-19 17:57 - 00000843 _____ () C:\Users\caitl_000\Desktop\Handbrake.lnk
2015-01-19 17:57 - 2015-01-19 17:57 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-01-19 17:57 - 2015-01-19 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-01-19 17:57 - 2015-01-19 17:57 - 00000000 ____D () C:\Program Files\Handbrake
2015-01-19 17:55 - 2015-01-19 17:56 - 16724942 _____ () C:\Users\Tammy\Downloads\HandBrake-0.10.0-x86_64-Win_GUI.exe
2015-01-18 10:23 - 2015-01-18 10:23 - 00027022 _____ () C:\Users\Tammy\Downloads\kg_what_the_teacher_wants.zip
2015-01-17 17:09 - 2015-01-17 17:09 - 00000000 ____D () C:\Users\Tammy\Documents\12WBT
2015-01-16 15:55 - 2015-01-16 15:55 - 00202469 _____ () C:\Users\Jason\Desktop\Stretches For Sciatic Nerve Pain - Prevention.com.html
2015-01-16 15:55 - 2015-01-16 15:55 - 00000000 ____D () C:\Users\Jason\Desktop\Stretches For Sciatic Nerve Pain - Prevention.com_files
2015-01-15 23:35 - 2015-01-16 08:52 - 00000000 ____D () C:\Users\Tammy\Desktop\SASDS
2015-01-15 17:59 - 2015-01-15 17:59 - 00014303 _____ () C:\Users\Tammy\Downloads\[kickass.so]dance.moms.s05e02.abby.got.served.web.dl.x264.ltbs.mp4.torrent
2015-01-14 08:13 - 2014-12-19 16:56 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 08:13 - 2014-12-12 12:34 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 08:13 - 2014-12-12 11:21 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-14 08:13 - 2014-12-09 12:20 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-14 08:13 - 2014-12-09 06:12 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-14 08:13 - 2014-12-09 06:12 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-14 08:13 - 2014-12-06 13:47 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-14 08:13 - 2014-12-06 12:11 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 08:13 - 2014-12-06 12:05 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-14 08:13 - 2014-10-29 14:30 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2015-01-14 08:13 - 2014-10-29 14:30 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2015-01-14 08:13 - 2014-10-29 14:22 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-14 08:13 - 2014-10-29 14:22 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-14 08:13 - 2014-10-29 14:22 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-14 08:13 - 2014-10-29 14:22 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-01-14 08:13 - 2014-10-29 13:42 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2015-01-14 08:13 - 2014-10-29 13:42 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2015-01-14 08:13 - 2014-10-29 13:37 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-14 08:13 - 2014-10-29 13:37 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-14 08:13 - 2014-10-29 13:37 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-14 08:13 - 2014-10-29 13:14 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2015-01-14 08:13 - 2014-10-29 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2015-01-14 08:13 - 2014-10-29 11:54 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-14 08:13 - 2014-10-29 11:32 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-14 08:13 - 2014-10-29 11:31 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 20:48 - 2015-01-13 20:49 - 05077034 _____ () C:\Users\Tammy\Downloads\State Fonts.zip
2015-01-13 08:26 - 2015-01-13 08:26 - 00000000 ____D () C:\Users\Tammy\AppData\Local\8fb74252-a0be-430c-8735-cbbbaea50194
2015-01-12 08:21 - 2015-01-12 08:21 - 00000000 ____D () C:\ProgramData\Recovery
2015-01-11 20:29 - 2014-01-01 19:12 - 190316544 _____ () C:\Users\Tammy\Desktop\20100101003546.m2ts
2015-01-11 10:43 - 2015-01-11 10:43 - 00000000 ____D () C:\Users\Tammy\AppData\Local\MediaShow
2015-01-10 17:37 - 2015-01-10 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-10 17:35 - 2015-01-21 19:40 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-10 17:35 - 2015-01-21 19:35 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-10 17:35 - 2015-01-10 17:35 - 00003880 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-09 15:11 - 2015-01-09 15:11 - 00313512 _____ (TiVo Inc.) C:\Users\Tammy\Downloads\PatchSetupTD (1).exe
2015-01-09 15:11 - 2015-01-09 15:11 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Mozilla
2015-01-09 15:02 - 2015-01-09 15:02 - 00313512 _____ (TiVo Inc.) C:\Users\Tammy\Downloads\PatchSetupTD.exe
2015-01-09 14:58 - 2015-01-09 14:58 - 00000000 ___RD () C:\Users\Tammy\Documents\My TiVo Recordings
2015-01-09 14:58 - 2015-01-09 14:58 - 00000000 ____D () C:\Users\Tammy\Documents\My TiVo Recordings for Portables
2015-01-09 14:58 - 2015-01-09 14:58 - 00000000 ____D () C:\ProgramData\TiVo
2015-01-09 14:58 - 2015-01-09 14:58 - 00000000 ____D () C:\Program Files (x86)\TiVo
2015-01-09 14:16 - 2015-01-09 14:18 - 24435416 _____ (TiVo Inc.) C:\Users\Tammy\Downloads\TiVoDesktop2.8.exe
2015-01-09 13:49 - 2015-01-09 13:49 - 00189907 _____ () C:\Users\Tammy\Downloads\ac_hpe_plan_template.dotx
2015-01-09 13:08 - 2015-01-09 15:11 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\TuneUpMedia
2015-01-09 13:08 - 2015-01-09 13:08 - 00000000 ____D () C:\ProgramData\TuneUpMedia
2015-01-09 13:08 - 2015-01-09 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
2015-01-09 13:08 - 2015-01-09 13:08 - 00000000 ____D () C:\Program Files (x86)\TuneUpMedia
2015-01-09 13:06 - 2015-01-09 13:06 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Search Protection
2015-01-09 13:06 - 2015-01-09 13:06 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\BrowserExtensions
2015-01-09 13:01 - 2015-01-09 13:01 - 00015317 _____ () C:\Users\Tammy\Downloads\[kickass.so]dance.moms.s05e01.99.problems.but.mom.ain.t.one.web.x264.ltbs.torrent
2015-01-08 09:54 - 2015-01-21 19:35 - 00000000 ____D () C:\ProgramData\firebird
2015-01-08 09:45 - 2015-01-08 09:45 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Fisher & Paykel Healthcare
2015-01-08 09:45 - 2015-01-08 09:45 - 00000000 ____D () C:\ProgramData\XHEO INC
2015-01-08 09:44 - 2015-01-08 09:44 - 00000000 ____D () C:\ProgramData\Citrix
2015-01-08 09:43 - 2015-01-08 09:43 - 00000000 ____D () C:\Users\Tammy\AppData\Local\IsolatedStorage
2015-01-08 09:43 - 2015-01-08 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fisher & Paykel Healthcare
2015-01-08 09:43 - 2015-01-08 09:43 - 00000000 ____D () C:\ProgramData\Fisher & Paykel Healthcare
2015-01-08 09:42 - 2015-01-08 09:42 - 00000000 ____D () C:\Users\Tammy\Downloads\InfoSmart1.2Full
2015-01-08 09:42 - 2015-01-08 09:42 - 00000000 ____D () C:\Program Files (x86)\Business Objects
2015-01-08 09:41 - 2015-01-08 09:41 - 00000000 ____D () C:\Users\Tammy\Downloads\InfoSmart1.2-R5_Upgrade
2015-01-08 09:30 - 2015-01-08 09:42 - 141352904 _____ () C:\Users\Tammy\Downloads\InfoSmart1.2Full.zip
2015-01-08 09:30 - 2015-01-08 09:40 - 108485971 _____ () C:\Users\Tammy\Downloads\InfoSmart1.2-R5_Upgrade.zip
2015-01-08 09:29 - 2015-01-08 09:58 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-01-08 09:28 - 2015-01-08 09:29 - 00000000 ____D () C:\Users\Tammy\AppData\Local\Citrix
2015-01-04 23:44 - 2015-01-08 09:43 - 00000000 ____D () C:\Users\Tammy\AppData\Local\Downloaded Installations
2015-01-04 23:43 - 2015-01-04 23:43 - 00000000 ____D () C:\Program Files (x86)\Fisher & Paykel Healthcare
2015-01-02 16:37 - 2015-01-02 16:37 - 00000000 ____D () C:\Users\Lauren Riley\AppData\Roaming\ArcSoft
2015-01-02 16:37 - 2015-01-02 16:37 - 00000000 ____D () C:\Users\Lauren Riley\AppData\Local\ArcSoft
2015-01-02 09:48 - 2015-01-02 09:49 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\ArcSoft
2015-01-02 09:48 - 2015-01-02 09:48 - 00000000 ____D () C:\Users\Jason\AppData\Local\ArcSoft
2015-01-01 22:28 - 2015-01-02 09:49 - 00000090 _____ () C:\error.log
2015-01-01 22:28 - 2015-01-01 22:28 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenu
2015-01-01 22:27 - 2015-01-02 09:49 - 00000000 ____D () C:\ProgramData\ArcSoft
2015-01-01 22:27 - 2015-01-01 22:28 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-01 22:27 - 2015-01-01 22:27 - 00000000 ____D () C:\Users\Tammy\AppData\Local\ArcSoft
2015-01-01 22:27 - 2015-01-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 6
2015-01-01 22:27 - 2015-01-01 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
2015-01-01 22:26 - 2015-01-01 22:28 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\ArcSoft
2015-01-01 22:26 - 2015-01-01 22:26 - 00000000 ____D () C:\Program Files\Common Files\CANON
2015-01-01 22:26 - 2015-01-01 22:26 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2015-01-01 22:25 - 2015-01-01 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-01-01 22:25 - 2015-01-01 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 700F Manual
2015-01-01 22:24 - 2015-01-01 22:24 - 00000000 ___HD () C:\windows\system32\CanonIJ Uninstaller Information
2015-01-01 22:24 - 2015-01-01 22:24 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-01 22:24 - 2015-01-01 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 700F
2015-01-01 22:23 - 2015-01-01 22:27 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-01-01 11:13 - 2015-01-01 11:13 - 01080608 _____ (Unity Technologies ApS) C:\Users\Lauren Riley\Downloads\UnityWebPlayer (1).exe
2015-01-01 11:10 - 2015-01-02 17:56 - 00028672 ___SH () C:\Users\Lauren Riley\Desktop\Thumbs.db
2014-12-31 23:28 - 2014-12-31 23:28 - 00090112 _____ () C:\Users\Tammy\Documents\Publication1.pub
2014-12-31 22:11 - 2014-12-31 22:12 - 00000000 ____D () C:\Users\Jason\Desktop\Phone
2014-12-31 11:02 - 2014-12-31 11:02 - 00000000 ___RD () C:\Users\Tammy\AppData\Roaming\Brother
2014-12-25 20:24 - 2014-12-25 20:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple
2014-12-23 16:22 - 2014-12-23 16:24 - 27348579 _____ () C:\Users\Tammy\Downloads\11999.zip
2014-12-23 16:22 - 2014-12-23 16:22 - 00111616 ___SH () C:\Users\Tammy\Downloads\Thumbs.db
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-21 19:50 - 2014-11-01 18:19 - 00000000 ____D () C:\Users\Tammy\Documents\Outlook Files
2015-01-21 19:49 - 2014-11-01 18:13 - 00004962 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Riley-Tammy Riley
2015-01-21 19:47 - 2014-11-01 20:22 - 00000000 ____D () C:\Program Files\Vuze
2015-01-21 19:43 - 2014-11-01 18:03 - 00000000 ___DO () C:\Users\Tammy\OneDrive
2015-01-21 19:39 - 2014-11-01 18:00 - 00000000 ____D () C:\Users\Tammy\Documents\Youcam
2015-01-21 19:37 - 2014-11-01 20:41 - 00000000 ___RD () C:\Users\Tammy\Dropbox
2015-01-21 19:37 - 2014-11-01 20:23 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Dropbox
2015-01-21 19:35 - 2013-08-23 01:16 - 00038744 _____ () C:\windows\setupact.log
2015-01-21 19:35 - 2013-08-23 01:15 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-21 19:35 - 2013-08-23 01:14 - 00551176 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-21 19:34 - 2014-11-01 17:53 - 01321205 _____ () C:\windows\WindowsUpdate.log
2015-01-21 19:34 - 2014-09-03 15:41 - 00065536 _____ () C:\windows\system32\spu_storage.bin
2015-01-21 19:34 - 2013-08-22 23:55 - 00786432 ___SH () C:\windows\system32\config\BBI
2015-01-21 19:30 - 2013-08-23 02:06 - 00000000 ____D () C:\windows\system32\sru
2015-01-21 18:04 - 2013-08-23 02:06 - 00000000 ____D () C:\windows\AppReadiness
2015-01-21 15:48 - 2014-11-01 18:04 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-343118326-3526824166-135672213-1001
2015-01-21 14:12 - 2014-11-01 18:04 - 00003914 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{D6A88555-6F20-42BC-8E4C-D922888A8DF6}
2015-01-21 11:35 - 2014-11-04 07:21 - 03333120 ___SH () C:\Users\Tammy\Desktop\Thumbs.db
2015-01-20 21:55 - 2014-11-01 17:59 - 00000000 ____D () C:\Users\Tammy\AppData\Local\Packages
2015-01-20 21:50 - 2014-03-18 20:23 - 00891920 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-20 20:44 - 2014-11-01 19:36 - 00000000 ____D () C:\Users\Jason\Documents\Outlook Files
2015-01-20 20:01 - 2014-11-01 19:36 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-343118326-3526824166-135672213-1004
2015-01-20 15:43 - 2014-11-01 19:33 - 00000000 ___DO () C:\Users\Jason\OneDrive
2015-01-17 20:41 - 2014-11-01 19:41 - 00003914 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{7E26949E-E133-4A46-ABA4-2BC3F8FD9B44}
2015-01-16 18:46 - 2014-11-02 19:33 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-343118326-3526824166-135672213-1005
2015-01-15 23:45 - 2014-11-01 20:23 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Azureus
2015-01-14 08:31 - 2014-11-04 06:56 - 00000000 ____D () C:\windows\system32\MRT
2015-01-14 08:31 - 2013-08-23 01:50 - 00000000 ____D () C:\windows\CbsTemp
2015-01-14 08:22 - 2014-11-04 06:56 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-14 08:11 - 2014-11-03 07:58 - 00000000 ____D () C:\Users\Jason\Documents\Youcam
2015-01-11 13:52 - 2014-03-18 20:14 - 00012292 _____ () C:\windows\PFRO.log
2015-01-11 09:22 - 2014-11-01 20:08 - 00002282 _____ () C:\Users\Jason\Desktop\Google Chrome.lnk
2015-01-10 17:37 - 2014-11-01 21:16 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-10 17:36 - 2014-11-01 21:15 - 00000000 ____D () C:\Users\Tammy\AppData\Local\Deployment
2015-01-10 17:35 - 2014-11-07 19:26 - 00003644 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-09 22:00 - 2014-11-03 21:25 - 00000000 ____D () C:\Users\Tammy\AppData\Roaming\Foxit Software
2015-01-09 20:42 - 2013-08-23 02:06 - 00000000 ____D () C:\windows\system32\NDF
2015-01-09 13:08 - 2014-11-23 14:19 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-08 16:30 - 2014-11-09 09:03 - 00000000 ____D () C:\Users\Lauren Riley\AppData\Roaming\Apple Computer
2015-01-08 16:29 - 2014-11-19 17:33 - 00000000 ____D () C:\Users\Lauren Riley\AppData\Local\Apple Computer
2015-01-06 20:22 - 2014-12-07 12:42 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{2479E245-D12E-4B1D-97BF-372F434F0A7A}
2015-01-06 10:38 - 2014-11-04 15:44 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 10:38 - 2014-11-04 15:44 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 15:14 - 2014-11-01 17:58 - 00000000 ____D () C:\Users\Tammy
2015-01-04 18:56 - 2014-11-02 21:20 - 00000000 ____D () C:\Users\Tammy\Documents\Teaching Documents and Photos
2015-01-03 21:32 - 2014-03-08 19:41 - 00012563 _____ () C:\Users\Tammy\Documents\Bus.xlsx
2015-01-02 15:53 - 2014-11-08 20:13 - 00167424 ___SH () C:\Users\Jason\Desktop\Thumbs.db
2015-01-02 09:49 - 2014-09-03 15:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-31 21:44 - 2014-12-07 08:13 - 00298120 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-12-24 09:17 - 2014-11-01 18:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-23 11:47 - 2014-11-02 19:27 - 00000000 ____D () C:\Users\Lauren Riley
 
Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tammy\AppData\Local\Temp\COMAP.EXE
C:\Users\Tammy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplr8l2q.dll
C:\Users\Tammy\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Tammy\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tammy\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Tammy\AppData\Local\Temp\readSTILog.dll
C:\Users\Tammy\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\Tammy\AppData\Local\Temp\sysad.exe
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite10098.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite10868.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite11243.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite11505.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite11751.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite12243.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite12591.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite12714.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite12783.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13066.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13475.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13659.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13710.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13900.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite13917.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14029.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14112.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14188.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14571.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14613.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite14817.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite15621.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite15628.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite15727.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite15804.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite15955.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite16675.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite16733.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite16790.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite16824.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite17121.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite17672.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite17948.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite18614.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite18646.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite18716.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite18999.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite19916.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite19932.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite20519.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite20714.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite20823.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21100.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21216.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21242.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21247.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21647.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21785.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite21990.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite22201.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite22585.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite22697.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite22873.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite22939.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite23089.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite23455.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite23581.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite23911.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24335.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24340.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24359.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24522.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24724.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24953.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite24972.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite25495.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite25750.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite25844.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26125.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26201.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26601.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26623.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26735.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26877.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite26879.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite27050.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite27246.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite27654.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite28524.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite28721.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite28734.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite28897.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29205.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29293.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29319.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29322.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29361.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29466.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29516.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29574.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29742.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite29759.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite30339.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite30487.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite31015.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite31019.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite31587.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32060.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32093.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32128.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32182.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32366.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32438.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32602.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite32656.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite33021.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite33115.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite33275.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite33362.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite33938.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite34845.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite34896.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite35374.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite35900.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite35992.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite36074.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite36149.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite36591.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite37465.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite37846.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite38232.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite38311.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite38346.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite38784.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite38795.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39055.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39289.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39312.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39335.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39646.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite39918.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite40072.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite40564.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite41251.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite41568.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite41662.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite41676.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42268.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42276.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42525.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42592.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42772.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite42781.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43001.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43229.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43357.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43600.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43622.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43631.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43748.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43754.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43907.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite43971.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite44402.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite45017.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite45524.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite46095.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite46906.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite47102.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite47786.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48181.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48344.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48363.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48545.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48627.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48877.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48953.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite48976.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49026.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49208.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49703.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49805.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49861.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite49956.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50199.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50489.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50529.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50792.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50853.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50886.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite50990.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite51205.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite51299.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite52283.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite52427.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite52560.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite52565.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite52633.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite53148.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite53154.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite53736.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite53970.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite54135.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite54194.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite54794.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite54798.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite54847.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55014.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55057.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55169.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55290.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55304.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55466.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55726.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite55843.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite56082.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite56756.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite56786.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite57037.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite57047.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite58005.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite58633.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite58743.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite58909.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59312.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59319.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59391.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59514.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59733.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59780.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59823.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59857.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite59998.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60166.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60185.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60504.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60564.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60635.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60817.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite60871.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite61025.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite61037.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite61051.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite61591.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite61664.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62214.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62263.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62352.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62464.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62874.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite62930.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63013.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63128.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63348.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63358.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63375.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63520.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63620.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63915.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite63933.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite64382.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite64443.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite64527.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite64538.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite64928.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite65311.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite65595.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite65850.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite65869.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite66052.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite66665.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite67063.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite67337.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite67349.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite67743.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite67779.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite68212.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite68562.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite68686.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite69141.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite69184.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite69613.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite70186.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite70190.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite71300.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite71308.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite71899.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72161.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72289.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72304.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72305.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72402.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72689.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72690.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72732.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite72957.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite73236.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite73499.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite73940.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite74014.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite74244.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite74805.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite74942.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite75310.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite75338.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite75408.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite75675.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite75973.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76031.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76074.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76089.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76225.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76717.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite76796.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite77273.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite77322.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite77545.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite77643.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite77822.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite78409.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite79214.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite79493.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite79570.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite79968.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite80098.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite80722.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite80807.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite80975.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite81024.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite81274.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite81366.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite81899.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82137.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82344.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82420.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82559.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82590.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82644.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82732.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite82849.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83013.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83055.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83220.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83467.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83648.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83695.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83754.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite83849.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite84173.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite84275.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85020.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85061.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85062.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85296.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85468.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85575.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85656.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite85866.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite86199.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite86677.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite86762.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite86938.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite87621.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite87670.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite88078.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite88450.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite88467.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite88699.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite88991.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite89395.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite89397.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite89729.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite89836.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90260.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90340.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90375.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90414.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90538.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90714.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90728.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90912.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite90976.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite91142.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite91898.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite91998.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite92554.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite92626.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite92927.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite93548.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite93598.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite93672.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite93841.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite94506.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite94986.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite95035.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite95189.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite95666.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite95810.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite96124.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite96908.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite96983.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite97123.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite97156.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite97416.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite98378.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite98742.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite99101.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite99128.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite99607.dll
C:\Users\Tammy\AppData\Local\Temp\System.Data.SQLite99620.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-19 08:15
 
==================== End Of Log ============================
 
Addition is attached to this post.

Addition.txt

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.
 
 
 
 

51a612a8b27e2-Zoek.png Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Link to post
Share on other sites

I thought I was running Windows Security Essentials but I don't have it in my list of programs.
I only bought the computer a couple of months ago and haven't bought any other Antivirus software yet.
Is there a way to tell if I have a program running for virus protection?

Link to post
Share on other sites

I'll give you some recommendations and reading.
 
I suggest upgrading to MalwareBytes Anti-Malware Premium. This software will almost certainly save you from these threats in the future. Your Windows have Windows Defender running, but it is not enough protection. I suggest installing some antivirus, choose what you like (free or paid).
 
 
 
Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifTFC - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: 
btn_donateCC_LG.gif

 

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.