Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01 Ran by ssalbod (administrator) on SALBOD_PC3010 (12-12-2015 18:48:25) Running from C:\Users\ssalbod\Desktop Loaded Profiles: ssalbod & MSSQL$SQLEXPRESS (Available Profiles: sliu & bk29400n & ssalbod & Administrator & MSSQL$SQLEXPRESS) Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Identity Finder, LLC) C:\Program Files (x86)\Identity Finder 7\idfEndpoint.exe (Identity Finder, LLC) C:\Program Files (x86)\Identity Finder 7\idfEndpointWatcher64.exe (Identity Finder, LLC) C:\Program Files (x86)\Identity Finder 7\idfServicesMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files\SASHome\SASTextAnalyticsDocumentConversion\12.1\_tgwinsvc_wrapper.exe (Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\java.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE () C:\Users\ssalbod\AppData\Local\Amazon Music\Amazon Music Helper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\CCM\CcmExec.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\CCM\SCNotification.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [SASSystemPrep] => E:\setup.exe -lang en -order 99P8F9 HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12119872 2015-11-12] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-07] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-09] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1066192 2015-09-01] (Carbonite, Inc.) HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1 HKU\S-1-5-21-254494878-1253622069-3383492343-33881\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware) HKU\S-1-5-21-254494878-1253622069-3383492343-33881\...\Run: [Amazon Music] => C:\Users\ssalbod\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-06-24] () HKU\S-1-5-21-254494878-1253622069-3383492343-33881\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [27888296 2015-11-18] (Microsoft Corporation) HKU\S-1-5-21-254494878-1253622069-3383492343-33881\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.) HKU\S-1-5-21-254494878-1253622069-3383492343-33881\...\MountPoints2: {ebd66018-61bd-11df-a92c-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\MountPoints2: {ebd66018-61bd-11df-a92c-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [!!!IdentityFinderShellOverlay] -> {771397F9-F56D-4158-B2C1-0312F95C5CB7} => C:\Program Files (x86)\Identity Finder 7\idfshextc_x64.dll [2015-07-30] () ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.) BootExecute: autocheck autochk * bootdelete ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 172.26.27.10 172.26.27.11 172.26.29.11 172.26.23.11 Tcpip\..\Interfaces\{83308DFE-B9B0-4513-9257-4848187D1B77}: [DhcpNameServer] 172.26.27.10 172.26.27.11 172.26.29.11 172.26.23.11 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\S-1-5-21-254494878-1253622069-3383492343-33881\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ HKU\S-1-5-21-254494878-1253622069-3383492343-33881\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.pace.edu/ HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.pace.edu/ HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ SearchScopes: HKLM -> DefaultScope {13FAFC55-87AA-4BB6-97FE-4A458B058A7A} URL = hxxp://www.google.com/advanced_search?hl=en SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {13FAFC55-87AA-4BB6-97FE-4A458B058A7A} URL = hxxp://www.google.com/advanced_search?hl=en SearchScopes: HKLM-x32 -> DefaultScope {13FAFC55-87AA-4BB6-97FE-4A458B058A7A} URL = hxxp://www.google.com/advanced_search?hl=en SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {13FAFC55-87AA-4BB6-97FE-4A458B058A7A} URL = hxxp://www.google.com/advanced_search?hl=en SearchScopes: HKU\S-1-5-21-254494878-1253622069-3383492343-33881 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> DefaultScope {88148D58-276B-4A7E-8C61-53D040AD27C8} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133 -> {88148D58-276B-4A7E-8C61-53D040AD27C8} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-10-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-18] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-18] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {55963676-2F5E-4BAF-AC28-CF26AA587566} hxxps://vpn.pace.edu/CACHE/stc/1/binaries/vpnweb.cab DPF: HKLM-x32 {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} hxxp://ax.emsisoft.com/asquared.cab DPF: HKLM-x32 {CAFECAFE-0013-0001-0026-ABCDEFABCDEF} hxxp://bannerinb.pace.edu/forms/jinitiator/jinit.exe DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\ssalbod\AppData\Roaming\Mozilla\Firefox\Profiles\wg2tol95.default-1425855763206 FF DefaultSearchEngine: Yahoo! FF DefaultSearchEngine.US: Google FF SelectedSearchEngine: Yahoo! FF Homepage: hxxp://www.pace.edu/its FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [No File] FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-12] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-254494878-1253622069-3383492343-33881: LWAPlugin15.8 -> C:\Users\ssalbod\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPJinit13126.dll [2006-05-16] (Oracle Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-12] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-27] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\ssalbod\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-08-16] FF Extension: WOT - C:\Users\ssalbod\AppData\Roaming\Mozilla\Firefox\Profiles\wg2tol95.default-1425855763206\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-11-09] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-11] [not signed] Chrome: ======= CHR Profile: C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22] CHR Extension: (Google Slides) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22] CHR Extension: (Google Drive) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21] CHR Extension: (YouTube) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21] CHR Extension: (Google Search) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21] CHR Extension: (Google Slides) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-21] CHR Extension: (Google Slides) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22] CHR Extension: (Google Slides) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-21] CHR Extension: (Gmail) - C:\Users\ssalbod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 CcmExec; C:\Windows\CCM\CcmExec.exe [1840208 2012-11-21] (Microsoft Corporation) S4 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [633952 2012-11-21] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-01] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-01] (Dropbox, Inc.) R2 IdentityFinderEndpointService; C:\Program Files (x86)\Identity Finder 7\idfEndpoint.exe [10827776 2015-07-30] (Identity Finder, LLC) [File not signed] R2 IdentityFinderEndpointWatcher; C:\Program Files (x86)\Identity Finder 7\idfEndpointWatcher64.exe [4526080 2015-07-30] (Identity Finder, LLC) [File not signed] R2 IdentityFinderServicesMonitor; C:\Program Files (x86)\Identity Finder 7\idfServicesMonitor.exe [3313664 2015-07-30] (Identity Finder, LLC) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation) S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation) S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [163008 2015-05-05] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 SAS Document Conversion Server; C:\Program Files\SASHome\SASTextAnalyticsDocumentConversion\12.1\_tgwinsvc_wrapper.exe [19456 2012-07-19] () [File not signed] S3 smstsmgr; C:\Windows\CCM\TSManager.exe [402000 2012-11-21] (Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [448704 2015-05-05] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 idfEndpointWatcherDriver; C:\Windows\System32\DRIVERS\idfEndpointWatcherDriver.sys [29232 2015-07-30] (Identity Finder, LLC) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 VMAUDIO; system32\drivers\vmaudio.sys [X] S3 vmci; system32\DRIVERS\vmci.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-12 18:48 - 2015-12-12 18:49 - 00031579 _____ C:\Users\ssalbod\Desktop\FRST.txt 2015-12-12 18:21 - 2015-12-12 18:25 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-12-12 18:20 - 2015-12-12 18:21 - 00007678 _____ C:\Users\ssalbod\Desktop\Fixlog.txt 2015-12-12 18:16 - 2015-12-12 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-12 18:00 - 2015-12-12 18:00 - 01738240 _____ C:\Users\ssalbod\Desktop\adwcleaner_5.024.exe 2015-12-12 16:31 - 2015-12-12 16:31 - 00000000 ____D C:\Users\ssalbod\Desktop\FRST-OlderVersion 2015-12-11 19:18 - 2015-12-12 18:48 - 00000000 ____D C:\FRST 2015-12-11 19:07 - 2015-12-12 16:31 - 02369536 _____ (Farbar) C:\Users\ssalbod\Desktop\FRST64.exe 2015-12-11 18:01 - 2015-12-11 18:02 - 00068206 _____ C:\Windows\ntbtlog.txt 2015-12-11 17:17 - 2015-12-11 17:17 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2015-12-11 16:42 - 2015-12-11 17:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps 2015-12-11 16:39 - 2015-12-11 16:39 - 00000000 ____D C:\Users\Administrator\Documents\Audible 2015-12-11 16:39 - 2015-12-11 16:39 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer 2015-12-11 16:39 - 2015-12-11 16:39 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2015-12-11 09:33 - 2015-12-11 09:33 - 00057578 _____ C:\Windows\system32\bootdelete.lst 2015-12-11 09:33 - 2015-12-11 09:33 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2015-12-10 15:43 - 2015-12-10 15:43 - 00497105 _____ C:\Users\ssalbod\Downloads\Hotelling-1943-Dr. Peters’ Criticism of Fisher’s Statistics.pdf 2015-12-10 13:42 - 2015-12-10 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-12-10 03:11 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-10 03:11 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-10 03:09 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-10 03:09 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-10 03:09 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-10 03:09 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-10 03:09 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-10 03:09 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-10 03:08 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-10 03:08 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-10 03:08 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-10 03:08 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-10 03:01 - 2015-11-12 16:16 - 17892864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-10 03:01 - 2015-11-12 16:13 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-10 03:01 - 2015-11-12 16:09 - 10937856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-10 03:01 - 2015-11-12 16:08 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-10 03:01 - 2015-11-12 16:08 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-10 03:01 - 2015-11-12 16:07 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-10 03:01 - 2015-11-12 16:07 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-10 03:01 - 2015-11-12 16:06 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-10 03:01 - 2015-11-12 16:06 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-10 03:01 - 2015-11-12 16:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-12-10 03:01 - 2015-11-12 16:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-12-10 03:01 - 2015-11-12 16:06 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-12-10 03:01 - 2015-11-12 15:39 - 01814528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-10 03:01 - 2015-11-12 15:37 - 12389376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-10 03:01 - 2015-11-12 15:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-10 03:01 - 2015-11-12 15:34 - 09753088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-10 03:01 - 2015-11-12 15:34 - 01140224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-10 03:01 - 2015-11-12 15:33 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-10 03:01 - 2015-11-12 15:32 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-10 03:01 - 2015-11-12 15:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-12-10 03:01 - 2015-11-12 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-12-10 03:01 - 2015-11-12 15:31 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-10 03:01 - 2015-11-12 15:31 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-10 03:01 - 2015-11-12 15:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-10 03:01 - 2015-11-12 15:31 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-10 03:01 - 2015-11-12 15:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-10 03:01 - 2015-11-12 15:31 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-12-10 03:00 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-10 03:00 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-09 14:35 - 2015-12-09 14:35 - 00425937 _____ C:\Users\ssalbod\Downloads\Johnson-1943-Uses of Fisherian Statistics.pdf 2015-12-09 13:56 - 2015-12-09 13:56 - 00002136 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk 2015-12-09 13:56 - 2015-12-09 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite 2015-12-09 01:16 - 2015-12-09 01:16 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-12-08 12:20 - 2015-12-08 12:20 - 00601446 _____ C:\Users\ssalbod\Downloads\Maguire2006Hippocampus.pdf 2015-12-07 19:03 - 2015-12-07 19:03 - 02038272 _____ C:\Users\ssalbod\Downloads\MiddleStateSurveyFall2015.sav 2015-12-07 18:34 - 2015-12-07 18:34 - 01412559 _____ C:\Users\ssalbod\Downloads\Smith-1978-Harold Hotelling.pdf 2015-12-07 18:21 - 2015-12-07 18:21 - 00773372 _____ C:\Users\ssalbod\Downloads\Walker-1040-Degrees of Freedom.pdf 2015-12-07 14:24 - 2015-12-07 14:24 - 00249697 _____ C:\Users\ssalbod\Downloads\Stanley-1966-The Influence of Fishers.pdf 2015-12-07 11:12 - 2015-12-07 11:12 - 01473599 _____ C:\Users\ssalbod\Downloads\Yates-1951-The Influence of Statistical Methods for Research Workers on the Development of the Science.pdf 2015-12-06 19:24 - 2015-12-06 19:24 - 01441317 _____ C:\Users\ssalbod\Downloads\Rucci_Tweney-1980-Analysis of variance-Historical Perspective.pdf 2015-12-06 14:48 - 2015-12-06 14:48 - 01483898 _____ C:\Users\ssalbod\Downloads\McCollough-1998-Assessing the Reliability of Statistical Software Part I.pdf 2015-12-06 09:58 - 2015-12-06 09:58 - 00000837 _____ C:\Users\ssalbod\Desktop\JASP 0.7.1.12.lnk 2015-12-06 09:48 - 2015-12-06 09:48 - 01737728 _____ C:\Users\ssalbod\Downloads\SCh1.ppt 2015-12-06 09:37 - 2015-12-06 09:37 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JASP 0.7.1.12.lnk 2015-12-06 09:37 - 2015-12-06 09:37 - 00000000 ____D C:\Program Files\JASP 0.7.1.12 2015-12-03 21:38 - 2015-12-03 21:38 - 01038435 _____ C:\Users\ssalbod\Downloads\Tolman-1948-Cognitive Maps in Rats and Men.pdf 2015-12-03 21:05 - 2015-12-03 21:05 - 03360139 _____ C:\Users\ssalbod\Downloads\Scoville and Milner-1957 .pdf 2015-12-03 15:37 - 2015-12-03 15:37 - 02638731 _____ C:\Users\ssalbod\Downloads\2005HistoryMentalModels.pdf 2015-12-02 17:07 - 2015-12-02 17:07 - 00078295 _____ C:\Users\ssalbod\Downloads\Miller.pdf 2015-12-02 14:29 - 2015-12-02 14:29 - 02198146 _____ C:\Users\ssalbod\Downloads\Turing_Paper_1936.pdf 2015-12-02 13:55 - 2015-12-02 13:55 - 02427728 _____ C:\Users\ssalbod\Downloads\Log_Antilog.pdf 2015-12-01 20:38 - 2015-12-01 20:39 - 00068058 _____ C:\Users\ssalbod\Downloads\bechtel.cogscihistory.pdf 2015-12-01 16:53 - 2015-12-01 16:53 - 00563771 _____ C:\Users\ssalbod\Downloads\lavaan.pdf 2015-12-01 09:03 - 2015-12-01 09:03 - 00964715 _____ C:\Users\ssalbod\Downloads\Schrecker-1947-Leibniz and the Art of Inventing Algorisms.pdf 2015-11-30 08:48 - 2015-11-30 08:48 - 01106496 _____ C:\Users\ssalbod\Downloads\Holt-1961-Imagery.pdf 2015-11-29 17:07 - 2015-11-29 17:07 - 00621232 _____ C:\Users\ssalbod\Downloads\Science-1933-Science News-8-10.pdf 2015-11-29 09:00 - 2015-11-29 09:00 - 01494542 _____ C:\Users\ssalbod\Downloads\Hull-1937-Mind, Mechanism and Adaptive Behavior.pdf 2015-11-29 08:54 - 2015-11-29 08:54 - 01530315 _____ C:\Users\ssalbod\Downloads\Darryl-1998-Lashley-Hull Debate Revised.pdf 2015-11-27 11:19 - 2015-11-27 11:19 - 00152290 _____ C:\Users\ssalbod\Downloads\Kay-2001-From Logical Neurons to Poetic Embodiments of Mind.pdf 2015-11-27 11:15 - 2015-11-27 11:15 - 01021311 _____ C:\Users\ssalbod\Downloads\Abraham-2002-(Physio)logical Circuits.pdf 2015-11-23 17:56 - 2015-12-09 14:47 - 00000000 ____D C:\Users\ssalbod\Desktop\MiddleState 2015-11-23 17:28 - 2015-11-23 17:28 - 00155295 _____ C:\Users\ssalbod\Downloads\Perspectives on Psychological Science-2009-Cautin-211-23.pdf 2015-11-23 16:24 - 2015-11-23 16:24 - 02567371 _____ C:\Users\ssalbod\Downloads\Peterson-Doctor of Psychology Degree.pdf 2015-11-22 12:03 - 2015-11-22 12:03 - 00731713 _____ C:\Users\ssalbod\Downloads\Wispe-1969-The Negro Psychologist in America.pdf 2015-11-22 10:25 - 2015-11-22 10:25 - 00894276 _____ C:\Users\ssalbod\Downloads\Psychological Science-2012-Kraft-1372-8.pdf 2015-11-18 09:03 - 2015-11-18 09:03 - 00959919 _____ C:\Users\ssalbod\Downloads\Replication in Psychological Science-PS-2015-Lindsay-0956797615616374.pdf 2015-11-17 19:34 - 2015-11-17 19:34 - 01711011 _____ C:\Users\ssalbod\Downloads\golarai_2010jneuro.pdf 2015-11-17 12:52 - 2015-11-17 12:52 - 01642434 _____ C:\Users\ssalbod\Downloads\Rouanet-1970-Comparison between treatments in a repeated-measurement design ANOVA and multivariate methods.pdf 2015-11-16 15:15 - 2015-11-16 15:15 - 00000243 _____ C:\Users\ssalbod\Desktop\How to pronounce supravalvular HowToPronounce.com.URL 2015-11-16 13:55 - 2015-11-16 13:55 - 01753165 _____ C:\Users\ssalbod\Downloads\OBrienKaiser-1985-MANOVA method for analysizng repeated measures designs.pdf 2015-11-16 13:43 - 2015-11-16 13:43 - 03958585 _____ C:\Users\ssalbod\Downloads\Circulation-1961-WILLIAMS-1311-8.pdf 2015-11-16 13:43 - 2015-11-16 13:43 - 00000000 ____D C:\Users\ssalbod\AppData\Local\CEF 2015-11-16 09:08 - 2015-11-27 09:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-16 09:08 - 2015-11-16 09:08 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-11-16 09:00 - 2015-11-16 09:00 - 08521753 _____ C:\Users\ssalbod\Downloads\Circulation-1962-BEUREN-1235-40.pdf 2015-11-15 17:53 - 2015-11-15 17:53 - 00101821 _____ C:\Users\ssalbod\Downloads\Lenhoff et al-2011-John C. P. Williams of Williams-Beuren syndrome.pdf 2015-11-15 10:11 - 2015-11-15 10:12 - 01134828 _____ C:\Users\ssalbod\Downloads\Jabbi et al-2012-The Williams syndrome chromosome 7q11.23 hemideletion confers hypersocial, anxious personality.pdf 2015-11-15 10:04 - 2015-11-15 10:04 - 00137350 _____ C:\Users\ssalbod\Downloads\sphericity.pdf 2015-11-14 20:00 - 2015-11-14 20:00 - 00429424 _____ C:\Users\ssalbod\Downloads\Wang - Specific neurobehavioral profile 1992.pdf 2015-11-13 19:32 - 2015-11-13 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Downloader 2015-11-13 19:32 - 2015-11-13 19:32 - 00000000 ____D C:\Program Files (x86)\YTD Downloader 2015-11-13 13:52 - 2015-11-13 13:55 - 00000159 _____ C:\Users\ssalbod\AppData\Roaming\settings.xml 2015-11-13 13:52 - 2015-11-13 13:52 - 00000000 ____D C:\Users\ssalbod\Documents\convertedVideos 2015-11-13 13:52 - 2015-11-13 13:52 - 00000000 ____D C:\Users\ssalbod\AppData\Local\SkinSoft 2015-11-13 13:51 - 2015-11-13 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free WEBM To MP4 Converter 2015-11-13 13:51 - 2015-11-13 13:51 - 00000000 ____D C:\Program Files (x86)\Convert Audio Free 2015-11-13 13:50 - 2015-11-13 13:50 - 00001198 ____N C:\Users\ssalbod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk 2015-11-13 13:50 - 2015-11-13 13:50 - 00000000 ____D C:\Users\ssalbod\AppData\Roaming\Convert Audio Free 2015-11-13 10:55 - 2015-11-13 10:55 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-11-12 22:24 - 2015-11-12 22:24 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-11-12 22:24 - 2015-11-12 22:24 - 00000000 ____D C:\Windows\en 2015-11-12 22:23 - 2015-11-12 22:23 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2015-11-12 22:23 - 2015-11-12 22:23 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2015-11-12 22:23 - 2015-11-12 22:23 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-11-12 22:23 - 2015-11-12 22:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-11-12 22:22 - 2015-11-12 22:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-11-12 22:22 - 2015-11-12 22:23 - 00000000 ____D C:\Program Files (x86)\Windows Live 2015-11-12 22:22 - 2015-11-12 22:22 - 00000000 ____D C:\Program Files\Windows Live 2015-11-12 22:22 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys 2015-11-12 22:20 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2015-11-12 22:20 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2015-11-12 22:20 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2015-11-12 22:20 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2015-11-12 22:20 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2015-11-12 22:20 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2015-11-12 22:20 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2015-11-12 22:20 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2015-11-12 22:19 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2015-11-12 22:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2015-11-12 22:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2015-11-12 22:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2015-11-12 22:17 - 2015-11-12 22:17 - 00002146 _____ C:\Users\ssalbod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-11-12 22:17 - 2015-11-12 22:17 - 00002104 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-11-12 22:17 - 2015-11-12 22:17 - 00002104 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-11-12 22:17 - 2015-11-12 22:17 - 00000000 ___RD C:\Users\ssalbod\OneDrive 2015-11-12 22:17 - 2015-11-12 22:17 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2015-11-12 22:17 - 2015-11-12 22:17 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2015-11-12 22:16 - 2015-11-13 10:39 - 00000000 ____D C:\Users\ssalbod\AppData\Local\Windows Live 2015-11-12 03:00 - 2015-07-18 08:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-11-12 03:00 - 2015-07-18 08:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-12 18:43 - 2013-06-19 17:23 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-12 18:40 - 2013-04-16 14:04 - 00000000 ____D C:\Users\ssalbod\Documents\Outlook Files 2015-12-12 18:38 - 2015-07-01 09:27 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-12-12 18:35 - 2009-07-13 23:45 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-12 18:35 - 2009-07-13 23:45 - 00022448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-12 18:33 - 2014-11-12 09:20 - 00000000 ____D C:\Users\ssalbod\AppData\Roaming\Skype 2015-12-12 18:30 - 2013-05-10 22:20 - 00000569 _____ C:\Windows\SMSCFG.ini 2015-12-12 18:29 - 2015-07-01 09:32 - 00000000 ___RD C:\Users\ssalbod\Dropbox 2015-12-12 18:29 - 2015-07-01 09:27 - 00000000 ____D C:\Users\ssalbod\AppData\Local\Dropbox 2015-12-12 18:26 - 2015-07-01 09:27 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-12-12 18:26 - 2013-06-19 17:23 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-12 18:25 - 2013-04-16 12:33 - 00000240 _____ C:\Windows\system32\config\netlogon.ftl 2015-12-12 18:25 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-12 18:17 - 2015-07-01 09:27 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-12-12 18:16 - 2013-04-18 10:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-12 16:32 - 2015-01-24 17:17 - 00000000 ____D C:\Users\ssalbod\AppData\LocalLow\Temp 2015-12-12 16:17 - 2013-05-15 08:14 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS 2015-12-12 13:42 - 2010-05-17 14:20 - 00147857 __RSH C:\ProgramData\ntuser.pol 2015-12-12 10:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows 2015-12-12 10:26 - 2015-06-14 13:28 - 00000000 ____D C:\Users\ssalbod\AppData\Local\CrashDumps 2015-12-11 19:28 - 2009-07-14 00:13 - 00909224 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-11 19:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf 2015-12-11 18:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\oobe 2015-12-11 17:54 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-11 17:11 - 2013-04-15 13:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2015-12-11 16:39 - 2013-04-15 13:07 - 00119952 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-11 16:39 - 2009-07-13 23:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-10 09:03 - 2014-11-12 09:19 - 00000000 ____D C:\ProgramData\Skype 2015-12-10 04:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache 2015-12-10 03:51 - 2009-07-13 23:45 - 00510872 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-10 03:45 - 2013-07-13 17:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-12-10 03:45 - 2013-04-16 12:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 03:45 - 2013-04-16 12:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 03:11 - 2013-09-30 12:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-12-10 03:11 - 2010-05-17 09:21 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 03:10 - 2013-04-16 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 03:09 - 2011-03-01 12:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync 2015-12-10 03:09 - 2011-03-01 12:37 - 00000000 ____D C:\Program Files\Microsoft Lync 2015-12-10 03:09 - 2011-03-01 12:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync 2015-12-10 03:08 - 2013-08-14 02:02 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 03:03 - 2010-05-17 09:43 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 15:44 - 2015-05-22 16:06 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-09 13:56 - 2013-04-17 17:26 - 00004140 _____ C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} 2015-12-09 01:16 - 2013-04-18 10:12 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 01:16 - 2013-04-18 10:12 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 01:16 - 2011-10-13 10:12 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-08 22:39 - 2010-05-17 09:33 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-06 09:46 - 2015-05-16 14:09 - 00000000 ____D C:\Program Files\JASP 0.6.6 2015-12-06 09:37 - 2015-05-16 14:11 - 00000000 ____D C:\Users\ssalbod\AppData\Roaming\JASP 2015-12-04 14:39 - 2015-07-25 17:39 - 00000000 ____D C:\Users\ssalbod\Desktop\PSY308 2015-12-03 17:07 - 2015-09-01 10:29 - 00000000 ____D C:\Users\ssalbod\Desktop\PSY612 2015-12-01 23:38 - 2013-06-19 17:23 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-01 23:38 - 2013-06-19 17:23 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-11-20 15:58 - 2015-11-05 13:54 - 00000000 ____D C:\Users\ssalbod\Desktop\Maddie 2015-11-19 21:57 - 2015-09-11 17:18 - 00000000 ____D C:\Users\ssalbod\Desktop\WMS 2015-11-19 12:27 - 2014-12-25 17:38 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-17 19:12 - 2013-04-16 15:24 - 00000000 ____D C:\Users\ssalbod\AppData\Roaming\vlc 2015-11-16 13:43 - 2014-08-29 13:14 - 00000000 ____D C:\Users\ssalbod\AppData\Local\Adobe 2015-11-16 09:08 - 2010-05-17 10:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-15 17:07 - 2013-10-10 17:03 - 00000000 ____D C:\Users\ssalbod\Documents\Custom Office Templates 2015-11-14 09:14 - 2013-04-16 15:25 - 00001276 __RSH C:\Users\ssalbod\ntuser.pol 2015-11-14 09:14 - 2013-04-16 15:24 - 00000000 ____D C:\Users\ssalbod 2015-11-13 10:55 - 2012-03-15 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-11-12 22:26 - 2013-04-16 15:24 - 00000000 ____D C:\Users\ssalbod\Tracing 2015-11-12 22:21 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared ==================== Files in the root of some directories ======= 2014-04-27 13:08 - 2014-06-24 21:34 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml 2013-04-18 09:40 - 2013-04-18 09:40 - 0005006 _____ () C:\Program Files (x86)\uninstal.log 2013-07-14 11:15 - 2013-07-14 11:15 - 0000000 _____ () C:\Users\ssalbod\AppData\Roaming\pdfperformer 2015-11-13 13:52 - 2015-11-13 13:55 - 0000159 _____ () C:\Users\ssalbod\AppData\Roaming\settings.xml 2014-03-20 17:36 - 2014-03-20 17:36 - 0000046 _____ () C:\Users\ssalbod\AppData\Roaming\WB.CFG 2015-06-06 15:31 - 2015-06-12 18:16 - 0001456 _____ () C:\Users\ssalbod\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-10-14 13:55 - 2015-10-14 13:55 - 0000272 _____ () C:\Users\ssalbod\AppData\Local\psppirerc 2015-10-14 13:56 - 2015-10-14 13:56 - 0001421 _____ () C:\Users\ssalbod\AppData\Local\recently-used.xbel Files to move or delete: ==================== C:\Users\ssalbod\PhotoshopElements_13_LS25_win64.exe Some zero byte size files/folders: ========================== C:\Windows\SysWOW64\nsprs.dll C:\Windows\SysWOW64\serauth1.dll C:\Windows\SysWOW64\serauth2.dll C:\Windows\SysWOW64\ssprs.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-10 00:42 ==================== End of FRST.txt ============================