Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015 Ran by SYSTEM on MININT-J7UNE3C (22-12-2015 23:29:25) Running from h:\ Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-28] (Adobe Systems Incorporated) HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860040 2011-01-05] (Acer Incorporated) HKLM\...\Run: [lxczbmgr.exe] => C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74408 2009-04-27] (Lexmark International, Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [263936 2010-06-28] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.) HKLM-x32\...\Run: [Connection Manager] => C:\Program Files (x86)\O2\Connection Manager\emmsn.exe [4220792 2011-06-14] (Telefónica) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [MapsGalaxy_39 Browser Plugin Loader] => C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe [30096 2013-06-20] (VER_COMPANY_NAME) HKLM-x32\...\Run: [DailyWellnessGuide_80 Browser Plugin Loader 64] => C:\PROGRA~2\DAILYW~2\bar\1.bin\80brmon64.exe HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [DictionaryBoss Browser Plugin Loader 64] => C:\PROGRA~2\DICTIO~2\bar\1.bin\v4brmon64.exe HKLM-x32\...\Run: [ReferenceBoss_1p Browser Plugin Loader 64] => C:\PROGRA~2\REFERE~3\bar\1.bin\1pbrmon64.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-07] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\Default\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162408 2011-09-12] () HKU\Default\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Packard Bell.scr [450048 2011-09-12] () HKU\Default User\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162408 2011-09-12] () HKU\Default User\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Packard Bell.scr [450048 2011-09-12] () HKU\emily\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\emily\...\Run: [MalwareProtection360Updater] => C:\Program Files (x86)\MalwareProtection360updater.exe HKU\emily\...\RunOnce: [Application Restart #0] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART HKU\emily\...\RunOnce: [Application Restart #1] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART HKU\emily\...\RunOnce: [Application Restart #2] => C:\Program Files\Internet Explorer\iexplore.exe -restart /WERRESTART HKU\emily\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [450048 2011-09-12] () HKU\Guest\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\Guest\...\Run: [RocketTab] => C:\Users\Guest\AppData\Local\Search Extensions\Client.exe [2591232 2015-03-27] () HKU\Guest\...\Run: [RocketTab Update Task] => C:\Users\Guest\AppData\Local\Search Extensions\uninstall.exe [6850560 2015-03-27] () HKU\Guest\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [450048 2011-09-12] () IFEO\bbqleads.exe: [Debugger] TaskList.exe IFEO\bbqleadsapplication.exe: [Debugger] TaskList.exe IFEO\bbqleadsservice.exe: [Debugger] TaskList.exe IFEO\bbqquotes.exe: [Debugger] TaskList.exe IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\ContentExplorer.exe: [Debugger] TaskList.exe IFEO\donutleads.exe: [Debugger] TaskList.exe IFEO\donutquotes.exe: [Debugger] TaskList.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\internetenhancer.exe: [Debugger] TaskList.exe IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\pastaleads.exe: [Debugger] TaskList.exe IFEO\pastaquotes.exe: [Debugger] TaskList.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\theanswerfinder.exe: [Debugger] TaskList.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\Users\emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-07-22] ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-09-03] ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () BootExecute: autocheck autochk * sdnclean64.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-22] (AVAST Software) S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) S2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [867712 2011-01-05] (Acer Incorporated) S2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-29] (Acer Incorporated) S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) S2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-04-19] ( ) S2 lxcz_device; C:\Windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( ) S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation) S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4362056 2014-11-17] (Symantec Corporation) S2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-28] (NewTech Infosystems, Inc.) S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe [201080 2011-06-14] (Telefónica) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-22] (AVAST Software) S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-22] (AVAST Software) S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-22] (AVAST Software) S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-22] (AVAST Software) S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software) S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-22] (AVAST Software) S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-22] (AVAST Software) S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120803.001\BHDrvx64.sys [1161376 2012-08-02] (Symantec Corporation) S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120807.001\IDSvia64.sys [509088 2012-08-06] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120809.003\ENG64.SYS [120440 2012-08-09] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120809.003\EX64.SYS [2068600 2012-08-09] (Symantec Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation) S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation) S0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation) S0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-08-08] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation) S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation) S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [X] S1 jxgejuyx; \??\C:\Windows\system32\drivers\jxgejuyx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-22 23:29 - 2015-12-22 23:29 - 00000000 ____D C:\FRST 2015-12-19 14:35 - 2015-12-19 14:44 - 00000000 _____ C:\Recovery.txt 2015-12-14 22:29 - 2015-12-14 22:29 - 00000000 __SHD C:\found.004 2015-12-14 14:40 - 2015-12-22 15:22 - 357256196 _____ C:\Windows\MEMORY.DMP 2015-12-10 10:50 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2015-12-10 10:50 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2015-12-10 10:50 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll 2015-12-10 10:50 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll 2015-12-10 10:50 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-10 10:50 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-10 10:50 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-10 10:50 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-10 10:50 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-10 10:50 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll 2015-12-10 10:50 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-12-10 10:49 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2015-12-10 10:49 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-10 10:49 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\System32\comsvcs.dll 2015-12-10 10:49 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\System32\catsrvut.dll 2015-12-10 10:49 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-10 10:49 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-10 10:49 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2015-12-10 10:49 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-10 10:49 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-10 10:49 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-10 10:49 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-10 10:49 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2015-12-10 10:49 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-10 10:49 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2015-12-10 10:49 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2015-12-10 10:49 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll 2015-12-10 10:49 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-10 10:49 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-10 10:49 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2015-12-10 10:49 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-10 10:49 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-10 10:49 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-10 10:49 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-10 10:49 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-10 10:49 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-10 10:49 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-10 10:49 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-10 10:49 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-10 10:49 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-10 10:49 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-10 10:49 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-10 10:49 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-10 10:49 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-10 10:49 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-10 10:49 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-10 10:49 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-10 10:49 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-10 10:49 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-10 10:49 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-10 10:49 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-10 10:49 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-10 10:49 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-10 10:49 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-10 10:49 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2015-12-10 10:49 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2015-12-10 10:49 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2015-12-10 10:49 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2015-12-10 10:49 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2015-12-10 10:49 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec 2015-12-10 10:49 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2015-12-10 10:49 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2015-12-10 10:49 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2015-12-10 10:49 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2015-12-10 10:49 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2015-12-10 10:49 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2015-12-10 10:49 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2015-12-10 10:49 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2015-12-10 10:49 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2015-12-10 10:49 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2015-12-10 10:49 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2015-12-10 10:49 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2015-12-10 10:49 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2015-12-10 10:49 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2015-12-10 10:49 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2015-12-10 10:49 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll 2015-12-10 10:49 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2015-12-10 10:49 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2015-12-10 10:49 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2015-12-10 10:49 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2015-12-10 10:49 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2015-12-10 10:49 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2015-12-10 10:49 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2015-12-10 10:49 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2015-12-10 10:49 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2015-12-10 10:49 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\wshrm.dll 2015-12-10 10:49 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-10 10:49 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys 2015-12-10 10:48 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\System32\els.dll 2015-12-10 10:48 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-10 10:14 - 2015-12-10 10:14 - 08879808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-12-10 10:14 - 2015-12-10 10:14 - 00000000 _____ C:\Users\emily\AppData\Local\{250DC1DF-5A54-402F-80FB-27D522F6767E} 2015-12-10 10:14 - 2015-12-10 10:14 - 00000000 _____ C:\Users\emily\AppData\Local\{1E57EC28-793B-448A-B21B-E5DBD89DC359} 2015-12-06 14:50 - 2015-12-06 14:50 - 00000000 _____ C:\sdvd 2015-12-03 15:46 - 2015-12-03 15:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2015-12-03 15:27 - 2015-12-22 14:33 - 00662332 _____ C:\Windows\ntbtlog.txt 2015-11-27 14:05 - 2015-11-30 11:07 - 00001410 _____ C:\Users\emily\Desktop\Payslip (3) - Shortcut.lnk 2015-11-27 13:59 - 2015-11-27 13:59 - 00006069 _____ C:\Users\emily\Downloads\Payslip (4).pdf 2015-11-27 13:56 - 2015-11-27 13:56 - 00006069 _____ C:\Users\emily\Downloads\Payslip (3).pdf 2015-11-27 13:55 - 2015-11-27 13:55 - 00006069 _____ C:\Users\emily\Downloads\Payslip (2).pdf 2015-11-27 13:48 - 2015-11-27 13:48 - 00006069 _____ C:\Users\emily\Downloads\Payslip (1).pdf 2015-11-27 13:46 - 2015-11-27 13:46 - 00006069 _____ C:\Users\emily\Downloads\Payslip.pdf 2015-11-22 09:45 - 2015-11-22 09:45 - 00000000 ____D C:\Users\emily\Desktop\%LocalAppData% 2015-11-22 01:50 - 2010-02-02 22:03 - 00249736 _____ (ELAN Microelectronic Corp.) C:\Windows\ETDUninst.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-12-22 15:22 - 2007-07-11 17:48 - 00000000 ____D C:\Windows 2015-12-22 15:09 - 2009-07-13 20:45 - 00267800 _____ C:\Windows\System32\FNTCACHE.DAT 2015-12-14 14:15 - 2012-12-31 10:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-14 14:14 - 2015-07-15 15:37 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf573a9c1169.job 2015-12-14 14:14 - 2014-10-07 06:07 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356939333-752514677-2418568314-1000UA.job 2015-12-14 14:14 - 2014-10-07 06:07 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1356939333-752514677-2418568314-1000Core.job 2015-12-14 14:14 - 2014-10-04 05:57 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-14 14:14 - 2014-10-04 05:57 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-14 14:14 - 2014-08-18 14:53 - 00000366 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - emily).job 2015-12-12 13:05 - 2012-12-31 10:38 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-12 13:05 - 2012-12-31 10:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-12 13:05 - 2011-10-28 05:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-12 12:23 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-12 12:23 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-12 12:17 - 2015-08-14 10:24 - 00000000 ____D C:\Windows\System32\Tasks\Remediation 2015-12-12 12:16 - 2013-11-15 08:53 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-12-12 12:13 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-12 11:55 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf 2015-12-12 11:31 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF 2015-12-10 10:30 - 2014-10-04 05:58 - 00002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-10 10:24 - 2009-07-13 21:13 - 00006386 _____ C:\Windows\System32\PerfStringBackup.INI 2015-12-06 11:14 - 2015-08-22 06:51 - 00000000 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-12-05 15:59 - 2015-08-31 02:06 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf573a9c1169 2015-12-05 15:59 - 2014-10-04 05:57 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-03 15:46 - 2015-08-14 10:24 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-02 05:18 - 2010-11-20 19:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2015-11-27 10:05 - 2014-10-04 05:57 - 00000000 ____D C:\Program Files (x86)\Google 2015-11-22 01:59 - 2015-08-22 06:51 - 00000000 ____D C:\Program Files\Google 2015-11-22 01:58 - 2011-10-28 05:08 - 00000000 ____D C:\Program Files (x86)\Packard Bell Games 2015-11-22 01:57 - 2011-10-28 05:08 - 00000000 ____D C:\ProgramData\WildTangent 2015-11-22 01:57 - 2011-10-28 05:08 - 00000000 ____D C:\Program Files (x86)\WildTangent Games 2015-11-22 01:56 - 2013-01-13 10:24 - 00000000 ____D C:\Users\Guest\AppData\Roaming\WildTangent 2015-11-22 01:56 - 2012-12-09 08:56 - 00000000 ____D C:\Users\emily\AppData\Roaming\WildTangent 2015-11-22 01:51 - 2015-10-21 13:18 - 00000000 ____D C:\ProgramData\MyTurboPC.com 2015-11-22 01:48 - 2014-10-04 05:57 - 00000000 ____D C:\Users\emily\AppData\Local\Google 2015-11-22 01:48 - 2014-01-07 03:35 - 00000000 ____D C:\ProgramData\Driving Test Success 2015-11-22 01:41 - 2014-08-18 14:53 - 00000000 ____D C:\Program Files\SlimCleaner Plus 2015-11-22 01:41 - 2013-11-23 15:18 - 00000000 ____D C:\Users\emily\AppData\LocalLow\BringMeSports_1c Some files in TEMP: ==================== C:\Users\emily\AppData\Local\Temp\appupdater-{89DFBE2D-8416-914C-90EA-0D0E36A20F2E}.exe C:\Users\emily\AppData\Local\Temp\appupdater-{AA539E61-0A7D-5747-887C-592DA3ADFE4A}.exe C:\Users\emily\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\emily\AppData\Local\Temp\mixcraft6-b201-setup.exe C:\Users\emily\AppData\Local\Temp\patch-series-all-213.exe C:\Users\emily\AppData\Local\Temp\ResetDevice.exe C:\Users\emily\AppData\Local\Temp\rtdrvmon.exe C:\Users\emily\AppData\Local\Temp\SkypeSetup.exe C:\Users\emily\AppData\Local\Temp\SlimCleanerPlus.x64.exe C:\Users\emily\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite10665.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite10718.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite12339.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite12790.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite13589.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite13681.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite14473.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite14645.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite15298.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite15387.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite16606.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite18006.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite18303.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite18436.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite19206.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite20336.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite20461.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite20778.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite20841.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite22036.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite22178.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite22407.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite23896.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite26460.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite26735.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite27263.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite27504.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite28232.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite28669.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite28782.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite29315.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite29421.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite30829.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite31337.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite31677.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite33764.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite34978.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite35383.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite36080.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite36134.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite37994.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite38433.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite40547.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite42079.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite42913.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite44354.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite44610.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite44652.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite46235.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite46449.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite48098.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite48421.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite49650.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite49739.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite51420.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite51620.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite52093.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite52369.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite52542.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite52797.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite54086.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite55088.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite57009.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite57563.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite58366.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite60149.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite62120.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite62429.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite62473.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite63017.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite63695.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite63814.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite64762.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite65589.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite66000.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite67700.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite67876.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite68075.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite68470.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite68924.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite69231.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite70975.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite72936.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite73274.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite74105.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite74569.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite74788.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite75032.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite75591.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite77068.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite79199.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite79279.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite80939.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite81568.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite83315.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite83912.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite84453.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite85728.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite85739.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite86000.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite86070.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite86247.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite86289.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite86708.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite87380.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite87771.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite88789.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite90352.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite90869.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite91760.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite93849.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite94093.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite94391.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite94435.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite95054.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite95205.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite95360.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite96251.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite97065.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite97309.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite97737.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite97903.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite98156.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite98795.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite99356.dll C:\Users\emily\AppData\Local\Temp\System.Data.SQLite99389.dll C:\Users\Guest\AppData\Local\Temp\rtdrvmon.exe C:\Users\Guest\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Guest\AppData\Local\Temp\System.Data.SQLite15e6be52-994a-4a52-b624-cb30cc7c5e96.dll C:\Users\Guest\AppData\Local\Temp\{A53A1862-7EDB-4C4E-BA4E-6752966AB32D}-46.0.2490.86_chrome_installer.exe ==================== Known DLLs (Whitelisted) ========================= ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll [2015-12-10 10:49] - [2015-11-10 10:55] - 1008640 ____A (Microsoft Corporation) 06BF84D26A05D400F6B3FB3D3DE0B03A C:\Windows\SysWOW64\User32.dll [2015-12-10 10:49] - [2015-11-10 10:37] - 0833024 ____A (Microsoft Corporation) 0A78439765E31510D75C9E2284F3A722 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 18% Total physical RAM: 3766.71 MB Available physical RAM: 3070.09 MB Total Virtual: 3764.91 MB Available Virtual: 3072.41 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:680.54 GB) (Free:610.56 GB) NTFS Drive e: (PQSERVICE) (Fixed) (Total:18 GB) (Free:2.59 GB) NTFS Drive h: (UNTITLED) (Removable) (Total:59.61 GB) (Free:49.49 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 503F05E1) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 59.6 GB) (Disk ID: 00000000) Partition: GPT. LastRegBack: 2015-12-03 15:25 ==================== End of FRST.txt ============================