Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Vickie (administrator) on HOME on 24-03-2015 13:01:19 Running from C:\Users\Vickie\Downloads Loaded Profiles: Vickie (Available profiles: Vickie) Platform: Windows 8.1 Connected (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILBE.EXE (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-12-01] (Hewlett-Packard Development Company, L.P.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-622835846-1608901083-3201074063-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1718536 2014-07-23] (CyberLink Corp.) HKU\S-1-5-21-622835846-1608901083-3201074063-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILBE.EXE [297024 2014-12-02] (SEIKO EPSON CORPORATION) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyEnable: [S-1-5-19] => Internet Explorer proxy is enabled. ProxyEnable: [S-1-5-20] => Internet Explorer proxy is enabled. HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1 HKU\S-1-5-21-622835846-1608901083-3201074063-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ SearchScopes: HKLM -> {EBDAD1EF-FEC5-4106-B516-CD6E5B244CF1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {EBDAD1EF-FEC5-4106-B516-CD6E5B244CF1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-622835846-1608901083-3201074063-1001 -> {EBDAD1EF-FEC5-4106-B516-CD6E5B244CF1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\Vickie\AppData\Roaming\Mozilla\Firefox\Profiles\oey2jyhr.default FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-12-08] () FF user.js: detected! => C:\Users\Vickie\AppData\Roaming\Mozilla\Firefox\Profiles\oey2jyhr.default\user.js [2015-03-01] FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-02-16] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR Profile: C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-15] CHR Extension: (Google Docs) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-15] CHR Extension: (Google Drive) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-15] CHR Extension: (YouTube) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-15] CHR Extension: (Google Search) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-15] CHR Extension: (TidyNetwork) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmidaiabaeipgkcooijbikmdcofhpakp [2014-12-15] CHR Extension: (Google Sheets) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15] CHR Extension: (Google Wallet) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15] CHR Extension: (Gmail) - C:\Users\Vickie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-15] CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-09] (WildTangent) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed] R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [573704 2014-12-01] (Hewlett-Packard Development Company, L.P.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-24] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-07-04] (Realtek Semiconductor Corp.) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [506072 2014-06-20] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3636440 2014-12-16] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated) S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 13:01 - 2015-03-24 13:01 - 00013725 _____ () C:\Users\Vickie\Downloads\FRST.txt 2015-03-24 13:01 - 2015-03-24 13:01 - 00000000 ____D () C:\FRST 2015-03-24 13:00 - 2015-03-24 13:00 - 02095616 _____ (Farbar) C:\Users\Vickie\Downloads\FRST64.exe 2015-03-24 12:47 - 2015-03-24 12:47 - 00001049 _____ () C:\Users\Vickie\Desktop\scanlist.txt 2015-03-24 12:26 - 2015-03-24 12:26 - 00001097 _____ () C:\Users\Vickie\Desktop\regedit.lnk 2015-03-24 12:15 - 2015-03-24 12:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-24 12:14 - 2015-03-24 12:14 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-03-24 12:14 - 2015-03-24 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-03-24 12:14 - 2015-03-24 12:14 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-24 12:14 - 2015-03-24 12:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-03-24 12:14 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-24 12:14 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-24 12:14 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-24 12:06 - 2015-03-10 21:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 00943104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-03-24 12:06 - 2015-03-10 17:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-03-24 12:02 - 2015-03-24 12:03 - 00001276 _____ () C:\Users\Vickie\Desktop\Control Panel.lnk 2015-03-24 11:59 - 2015-03-24 11:59 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Vickie\Downloads\mbam-setup-2.1.4.1018.exe 2015-03-23 14:27 - 2015-03-24 12:56 - 00000743 _____ () C:\Windows\Tasks\EPSON XP-310 Series Invitation {FE8D91F6-986A-4E44-9D87-12244F3E9BD0}.job 2015-03-23 14:27 - 2015-03-24 12:27 - 00000929 _____ () C:\Windows\Tasks\EPSON XP-310 Series Update {FE8D91F6-986A-4E44-9D87-12244F3E9BD0}.job 2015-03-23 14:27 - 2015-03-23 14:27 - 00003960 _____ () C:\Windows\System32\Tasks\EPSON XP-310 Series Update {FE8D91F6-986A-4E44-9D87-12244F3E9BD0} 2015-03-23 14:27 - 2015-03-23 14:27 - 00003774 _____ () C:\Windows\System32\Tasks\EPSON XP-310 Series Invitation {FE8D91F6-986A-4E44-9D87-12244F3E9BD0} 2015-03-23 14:27 - 2015-03-23 14:27 - 00000000 ____D () C:\Program Files\Common Files\EPSON 2015-03-23 14:25 - 2015-03-23 14:27 - 00000000 ____D () C:\ProgramData\EPSON 2015-03-23 14:25 - 2014-12-02 04:46 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMBLBE.DLL 2015-03-23 14:25 - 2014-12-02 04:46 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ID4BLBE.DLL 2015-03-23 14:25 - 2014-12-02 04:46 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL 2015-03-23 10:29 - 2015-03-23 14:21 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForVickie.job 2015-03-23 10:29 - 2015-03-23 10:29 - 00003162 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForVickie 2015-03-22 18:06 - 2015-03-22 18:07 - 00038400 _____ () C:\Users\Vickie\Downloads\Martinsville 2015.xls 2015-03-22 14:10 - 2015-03-04 16:24 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-22 14:10 - 2015-03-04 16:24 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-15 19:27 - 2015-03-22 18:05 - 00038400 _____ () C:\Users\Vickie\Downloads\Fontana 2015.xls 2015-03-15 12:59 - 2015-02-06 18:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml 2015-03-15 12:59 - 2015-02-03 18:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-03-15 12:59 - 2015-02-03 18:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2015-03-15 12:59 - 2015-02-03 18:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-03-15 12:59 - 2015-02-02 18:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2015-03-15 12:59 - 2015-02-02 18:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2015-03-15 12:59 - 2015-01-26 22:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe 2015-03-15 12:59 - 2015-01-23 20:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe 2015-03-15 12:59 - 2015-01-23 02:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2015-03-15 12:59 - 2015-01-23 00:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2015-03-15 12:58 - 2015-03-05 21:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-15 12:58 - 2015-03-05 21:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-15 12:58 - 2015-02-25 18:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-15 12:58 - 2015-01-30 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-03-15 12:58 - 2015-01-30 18:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-03-15 12:58 - 2015-01-28 20:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2015-03-15 12:58 - 2015-01-28 20:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll 2015-03-15 12:57 - 2015-02-20 20:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-15 12:57 - 2015-02-20 19:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-15 12:57 - 2015-02-20 19:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-15 12:57 - 2015-02-20 19:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-03-15 12:57 - 2015-02-20 19:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-15 12:57 - 2015-02-20 18:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-15 12:57 - 2015-02-20 18:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-15 12:57 - 2015-02-19 22:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-15 12:57 - 2015-02-19 21:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-15 12:57 - 2015-02-19 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-15 12:57 - 2015-02-19 21:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-15 12:57 - 2015-02-19 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-15 12:57 - 2015-02-19 21:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-03-15 12:57 - 2015-02-19 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-15 12:57 - 2015-02-19 21:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-15 12:57 - 2015-02-19 21:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-15 12:57 - 2015-02-19 21:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-15 12:57 - 2015-02-19 21:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-15 12:57 - 2015-02-19 21:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-03-15 12:57 - 2015-02-19 21:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-15 12:57 - 2015-02-19 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-15 12:57 - 2015-02-19 21:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-15 12:57 - 2015-02-19 20:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-03-15 12:57 - 2015-02-19 20:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-03-15 12:57 - 2015-02-19 20:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-03-15 12:57 - 2015-02-19 20:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-15 12:57 - 2015-02-19 20:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-15 12:57 - 2015-02-19 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-15 12:57 - 2015-02-19 20:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-15 12:57 - 2015-02-19 20:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-15 12:57 - 2015-02-19 20:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-03-15 12:57 - 2015-02-19 20:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-03-15 12:57 - 2015-02-19 20:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-15 12:57 - 2015-02-19 20:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-03-15 12:57 - 2015-02-19 20:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-15 12:57 - 2015-02-19 20:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-15 12:57 - 2015-02-19 20:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-15 12:57 - 2015-02-19 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-15 12:57 - 2015-02-19 20:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-15 12:57 - 2015-02-19 19:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-15 12:57 - 2015-02-19 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-15 12:57 - 2015-02-05 20:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2015-03-15 12:57 - 2015-02-05 20:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2015-03-15 12:57 - 2015-02-05 15:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-03-15 12:57 - 2015-02-02 19:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2015-03-15 12:57 - 2015-02-02 19:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2015-03-15 12:57 - 2015-01-30 18:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-15 12:57 - 2015-01-29 22:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys 2015-03-15 12:57 - 2015-01-29 21:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2015-03-15 12:57 - 2015-01-29 21:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2015-03-15 12:57 - 2015-01-29 21:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2015-03-15 12:57 - 2015-01-29 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2015-03-15 12:57 - 2015-01-29 20:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2015-03-15 12:57 - 2015-01-29 20:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2015-03-15 12:57 - 2015-01-29 20:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2015-03-15 12:57 - 2015-01-29 20:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll 2015-03-15 12:57 - 2015-01-29 20:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2015-03-15 12:57 - 2015-01-29 20:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2015-03-15 12:57 - 2015-01-29 20:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2015-03-15 12:57 - 2015-01-29 20:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2015-03-15 12:57 - 2015-01-29 20:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2015-03-15 12:57 - 2015-01-28 20:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-15 12:57 - 2015-01-28 20:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-03-15 12:57 - 2015-01-28 20:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-03-15 12:57 - 2015-01-28 20:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-15 12:57 - 2015-01-28 19:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-03-15 12:57 - 2015-01-28 19:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-03-15 12:57 - 2015-01-28 19:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-03-15 12:57 - 2015-01-28 19:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-03-15 12:57 - 2015-01-28 10:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-15 12:57 - 2015-01-28 10:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-03-15 12:57 - 2015-01-28 10:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-03-15 12:57 - 2015-01-27 21:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll 2015-03-15 12:57 - 2015-01-27 20:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll 2015-03-15 12:57 - 2015-01-26 23:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-15 12:57 - 2015-01-26 21:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-15 12:57 - 2014-10-28 22:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-03-15 12:57 - 2014-10-28 21:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-15 12:57 - 2014-10-28 21:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-15 12:57 - 2014-10-28 21:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-15 12:57 - 2014-10-28 21:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe 2015-03-15 12:57 - 2014-10-28 21:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2015-03-15 12:57 - 2014-10-28 21:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-03-15 12:57 - 2014-10-28 21:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe 2015-03-15 12:57 - 2014-10-28 21:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe 2015-03-15 12:57 - 2014-10-28 21:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll 2015-03-15 12:57 - 2014-10-28 21:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-15 12:57 - 2014-10-28 21:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-15 12:57 - 2014-10-28 21:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-15 12:57 - 2014-10-28 20:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe 2015-03-15 12:57 - 2014-10-28 20:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll 2015-03-15 12:57 - 2014-10-28 20:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-03-15 12:57 - 2014-10-28 20:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2015-03-15 12:57 - 2014-10-28 20:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll 2015-03-15 12:57 - 2014-10-28 20:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll 2015-03-15 12:57 - 2014-10-28 20:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-03-15 12:57 - 2014-10-28 20:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll 2015-03-15 12:57 - 2014-10-28 20:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2015-03-15 12:57 - 2014-10-28 20:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2015-03-15 12:57 - 2014-10-28 19:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll 2015-03-15 12:57 - 2014-10-28 19:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2015-03-15 12:57 - 2014-10-28 19:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2015-03-15 12:57 - 2014-10-28 19:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2015-03-15 12:57 - 2014-10-28 19:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2015-03-15 12:57 - 2014-10-28 19:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2015-03-15 12:56 - 2015-02-12 12:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-15 12:56 - 2015-02-12 12:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-15 12:56 - 2015-02-07 18:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2015-03-15 12:56 - 2015-02-07 18:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll 2015-03-15 12:56 - 2015-01-29 13:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-15 12:56 - 2015-01-29 13:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-15 12:56 - 2015-01-27 20:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-15 12:56 - 2015-01-27 20:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-15 12:56 - 2015-01-27 18:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2015-03-15 12:56 - 2015-01-27 18:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2015-03-15 12:56 - 2015-01-21 00:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-15 12:56 - 2015-01-21 00:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-15 12:56 - 2014-12-11 00:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe 2015-03-15 12:44 - 2015-03-15 12:44 - 00000000 ____D () C:\Users\Vickie\AppData\Local\da3697ef-a91c-4664-a879-990c40d65969 2015-03-08 18:02 - 2015-03-15 19:27 - 00038400 _____ () C:\Users\Vickie\Downloads\Phoenix 2015.xls 2015-03-01 22:36 - 2015-03-15 18:59 - 00000000 ____D () C:\Users\Vickie\AppData\Roaming\OpenSoftwareUpdater 2015-03-01 22:31 - 2015-03-01 22:32 - 00323601 _____ (InstallerTech Corp) C:\Users\Vickie\Downloads\Setup.exe 2015-03-01 22:27 - 2015-03-08 18:02 - 00038400 _____ () C:\Users\Vickie\Downloads\Las Vegas 2015.xls 2015-02-28 17:30 - 2015-03-01 22:26 - 00037888 _____ () C:\Users\Vickie\Downloads\Atlanta 2015.xls 2015-02-28 17:30 - 2014-12-13 16:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-28 17:30 - 2014-12-13 16:28 - 00513488 _____ () C:\Windows\system32\locale.nls 2015-02-28 17:30 - 2014-10-28 20:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2015-02-28 17:30 - 2014-10-28 20:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2015-02-28 17:30 - 2014-10-28 20:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2015-02-28 17:30 - 2014-10-28 20:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2015-02-22 12:24 - 2015-02-28 17:29 - 00037888 _____ () C:\Users\Vickie\Downloads\Daytona 500 2015.xls ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-24 13:03 - 2014-12-06 17:16 - 00000000 ____D () C:\Users\Vickie\Documents\Youcam 2015-03-24 13:02 - 2014-12-06 17:19 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-622835846-1608901083-3201074063-1001 2015-03-24 13:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru 2015-03-24 12:57 - 2014-12-15 18:05 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-24 12:57 - 2014-12-06 17:16 - 00000000 ___DO () C:\Users\Vickie\OneDrive 2015-03-24 12:56 - 2014-08-27 00:07 - 00000000 ____D () C:\ProgramData\McAfee 2015-03-24 12:56 - 2014-08-27 00:07 - 00000000 ____D () C:\Program Files (x86)\McAfee 2015-03-24 12:56 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-24 12:55 - 2014-03-18 04:44 - 01455510 _____ () C:\Windows\PFRO.log 2015-03-24 12:55 - 2013-08-22 09:46 - 00025813 _____ () C:\Windows\setupact.log 2015-03-24 12:55 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-03-24 12:54 - 2014-12-13 18:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-24 12:54 - 2014-12-13 18:11 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-24 12:45 - 2014-12-06 17:05 - 01779510 _____ () C:\Windows\WindowsUpdate.log 2015-03-24 12:13 - 2013-08-22 10:36 - 00000000 ___HD () C:\Windows\ELAMBKUP 2015-03-24 12:13 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-03-24 12:12 - 2014-07-18 03:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-03-24 12:11 - 2014-12-15 18:05 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-24 11:57 - 2014-12-16 12:15 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-03-24 11:55 - 2014-12-06 17:17 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17676AFA-6FEF-4516-9341-A554AA2B1D4B} 2015-03-23 14:33 - 2014-12-15 18:06 - 00002270 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-23 14:28 - 2014-03-18 04:53 - 00956476 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-23 10:25 - 2014-12-06 17:13 - 00000000 ____D () C:\Users\Vickie 2015-03-22 19:59 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache 2015-03-22 17:01 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-22 14:02 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-03-22 14:01 - 2013-08-22 09:44 - 00378800 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\ToastData 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\WinStore 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-22 13:58 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-22 12:53 - 2014-12-12 20:24 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-22 12:46 - 2014-12-13 18:03 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-22 12:25 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-03-03 08:17 - 2015-02-15 13:10 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-03-02 23:38 - 2014-12-24 17:15 - 00001024 _____ () C:\.rnd ==================== Files in the root of some directories ======= 2014-12-12 18:42 - 2014-12-12 18:42 - 0000064 _____ () C:\Users\Vickie\AppData\Local\c3ac1551b7be92c830b88f7802e3f4f2 Some content of TEMP: ==================== C:\Users\Vickie\AppData\Local\Temp\0318031427216926mcinst.exe C:\Users\Vickie\AppData\Local\Temp\Extract.exe C:\Users\Vickie\AppData\Local\Temp\install_temp.exe C:\Users\Vickie\AppData\Local\Temp\optprosetup.exe C:\Users\Vickie\AppData\Local\Temp\OSUUpdater.exe C:\Users\Vickie\AppData\Local\Temp\SP67263.exe C:\Users\Vickie\AppData\Local\Temp\SP67334.exe C:\Users\Vickie\AppData\Local\Temp\SP68864.exe C:\Users\Vickie\AppData\Local\Temp\SP69229.exe C:\Users\Vickie\AppData\Local\Temp\SP69393.exe C:\Users\Vickie\AppData\Local\Temp\SP69401.exe C:\Users\Vickie\AppData\Local\Temp\SP69404.exe C:\Users\Vickie\AppData\Local\Temp\SP69559.exe C:\Users\Vickie\AppData\Local\Temp\SP69718.exe C:\Users\Vickie\AppData\Local\Temp\SP69748.exe C:\Users\Vickie\AppData\Local\Temp\SP69840.exe C:\Users\Vickie\AppData\Local\Temp\SP69888.exe C:\Users\Vickie\AppData\Local\Temp\SP70439.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-22 19:18 ==================== End Of Log ============================