Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My daughter downloaded a bunch of baddies! [Solved]

Started by Inner Child , Dec 11 2014 01:23 AM

  • This topic is locked This topic is locked

#1
Inner Child
Posted 11 December 2014 - 01:23 AM

Inner Child

    Member

  • Member
  • PipPip
  • 38 posts

Help. My daughter asked me to clean her system of a number of unwanted add-ins. I cannot find all of the necessary files to clean her computer.

 

Here is the OTL scan report:

 

OTL logfile created on: 12/10/2014 10:04:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Allyson\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.89 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 39.11% Memory free
5.26 Gb Paging File | 2.50 Gb Available in Paging File | 47.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456.98 Gb Total Space | 424.32 Gb Free Space | 92.85% Space Free | Partition Type: NTFS
Drive D: | 496.00 Mb Total Space | 444.92 Mb Free Space | 89.70% Space Free | Partition Type: FAT32
Drive X: | 750.00 Mb Total Space | 467.38 Mb Free Space | 62.32% Space Free | Partition Type: NTFS
Drive Y: | 7.39 Gb Total Space | 0.74 Gb Free Space | 9.95% Space Free | Partition Type: NTFS
 
Computer Name: AllysPC | User Name: Allyson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/10 22:04:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Allyson\Downloads\OTL.exe
PRC - [2014/12/09 19:49:12 | 000,528,384 | ---- | M] () -- C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe
PRC - [2014/12/09 14:22:30 | 003,308,712 | ---- | M] () -- C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe
PRC - [2014/12/09 14:22:26 | 003,979,944 | ---- | M] () -- C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe
PRC - [2014/11/24 22:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/09/02 11:40:14 | 000,462,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
PRC - [2014/07/02 21:56:10 | 000,493,288 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2014/07/02 21:54:34 | 004,167,912 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2014/07/02 21:54:14 | 001,921,768 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2013/08/21 20:17:05 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2013/08/19 04:29:48 | 001,785,344 | ---- | M] (DELL Inc.) -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/09 19:49:12 | 000,528,384 | ---- | M] () -- C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe
MOD - [2014/12/09 14:22:30 | 003,308,712 | ---- | M] () -- C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe
MOD - [2014/12/09 14:22:26 | 003,979,944 | ---- | M] () -- C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe
MOD - [2014/11/24 22:39:25 | 014,910,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
MOD - [2014/11/24 22:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/24 22:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/24 22:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/24 22:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/09/02 11:40:28 | 000,114,000 | ---- | M] () -- C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
MOD - [2014/09/02 11:40:18 | 000,214,352 | ---- | M] () -- C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
MOD - [2014/09/02 11:40:14 | 000,462,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
MOD - [2014/07/30 17:37:26 | 001,906,464 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
MOD - [2014/03/18 01:55:15 | 017,395,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2012/11/25 23:19:28 | 000,117,608 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
MOD - [2012/11/25 23:19:20 | 001,153,384 | ---- | M] () -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/11/08 23:57:23 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/11/08 23:57:23 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/11/08 23:21:36 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/11/08 23:21:19 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/11/08 23:21:19 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/11/08 23:21:19 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/11/08 23:21:17 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/11/08 23:21:17 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/11 17:30:34 | 000,033,480 | ---- | M] (Dell) [Auto | Stopped] -- C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe -- (Dell Foundation Services)
SRV:64bit: - [2014/08/11 14:16:28 | 000,023,240 | ---- | M] (Dell) [Auto | Stopped] -- C:\Program Files\Dell\Dell Data Services\DDSSvc.exe -- (Dell Data Services)
SRV:64bit: - [2014/04/06 20:53:22 | 000,497,664 | ---- | M] (Waves Audio Ltd.) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe -- (WavesSysSvc)
SRV:64bit: - [2014/03/18 01:54:59 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 01:54:59 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 01:54:55 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 01:54:53 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 01:54:53 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 01:54:50 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 01:54:50 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 01:54:48 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/17 18:54:26 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/03/17 18:47:02 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/01/08 13:12:46 | 000,290,520 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2013/12/11 07:21:26 | 001,025,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/12/04 12:38:58 | 000,601,920 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2013/11/11 04:40:06 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\mcafee\msc\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe -- (McOobeSv2)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2013/11/06 03:30:12 | 000,341,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/09/26 16:03:22 | 000,333,584 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2013/08/22 04:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 03:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 03:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 03:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 03:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 03:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 02:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 02:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 02:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 01:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 01:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 01:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 01:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 01:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 01:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 01:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 01:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2009/11/17 17:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/11/08 23:21:19 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/07/22 17:09:18 | 000,148,688 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate)
SRV - [2014/07/02 21:54:14 | 001,921,768 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2014/04/10 14:30:14 | 000,202,248 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2014/04/01 12:20:36 | 000,293,440 | ---- | M] (Aviata, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe -- (DellProdRegManager)
SRV - [2014/03/06 19:22:42 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/02/26 00:50:26 | 000,319,104 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2014/01/10 14:53:48 | 000,168,960 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe -- (My Dell Client Framework)
SRV - [2013/12/13 10:32:58 | 000,850,120 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0309161417894733mcinst.exe -- (0309161417894733mcinstcleanup)
SRV - [2013/08/22 11:40:38 | 000,016,176 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe -- (WysePocketCloud)
SRV - [2013/08/22 04:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 19:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 18:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/19 04:29:48 | 001,785,344 | ---- | M] (DELL Inc.) [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe -- (WyseRemoteAccess)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/12/09 12:29:04 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys -- ({1993b064-46e3-4c7d-8b20-2161564a7685}w64)
DRV:64bit: - [2014/12/09 11:54:20 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys -- ({1993b064-46e3-4c7d-8b20-2161564a7685}Gw64)
DRV:64bit: - [2014/12/07 07:51:38 | 000,048,784 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys -- ({809da842-a636-4d48-aeda-93730ef23d66}Gw64)
DRV:64bit: - [2014/11/08 23:57:23 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/11/08 23:57:23 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/11/08 23:21:41 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/11/08 23:21:33 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/11/08 23:21:30 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/11/08 23:21:19 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/11/08 23:21:18 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/11/08 23:21:18 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/11/08 23:21:17 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/18 01:54:54 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 01:54:51 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 01:54:51 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 01:54:39 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 01:54:39 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 01:54:39 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 01:54:39 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 01:54:38 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 01:54:38 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 01:54:38 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 01:54:38 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 01:54:38 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 01:54:38 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 01:37:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 01:37:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/03/17 19:02:08 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/03/17 18:54:54 | 000,345,456 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/03/17 18:49:44 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/03/17 18:47:30 | 000,522,360 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/03/17 18:45:38 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/03/17 18:44:40 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/03/17 18:25:42 | 000,069,344 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:64bit: - [2014/03/10 16:03:52 | 000,537,328 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2014/03/10 16:03:50 | 000,042,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynRMIHID.sys -- (SynRMIHID)
DRV:64bit: - [2014/03/07 12:53:16 | 003,892,224 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwbx.sys -- (athr)
DRV:64bit: - [2014/02/27 08:32:26 | 000,272,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2014/02/26 00:26:48 | 000,598,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/02/26 00:26:48 | 000,355,528 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2014/02/26 00:26:48 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2014/02/26 00:26:48 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2014/02/26 00:26:48 | 000,118,984 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2014/02/26 00:26:48 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2014/02/26 00:26:48 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2014/02/26 00:26:48 | 000,035,016 | ---- | M] (Qualcomm Atheros) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2014/01/16 10:16:06 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/01/16 10:08:36 | 004,222,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/15 23:21:46 | 000,088,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TXEIx64.sys -- (TXEIx64)
DRV:64bit: - [2014/01/10 00:32:50 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- c:\Program Files\My Dell\pcdsrvc_x64.pkms -- (PCDSRVC{D3412D80-CF3B4A27-06020200}_0)
DRV:64bit: - [2013/12/26 15:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/26 15:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/11/26 22:07:22 | 000,096,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/11/26 22:07:02 | 000,411,944 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/11/21 09:32:04 | 000,083,968 | ---- | M] (STMicroelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ST_Accel.sys -- (ST_ACCEL)
DRV:64bit: - [2013/11/11 08:54:30 | 000,067,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaioi2ce.sys -- (iaioi2c)
DRV:64bit: - [2013/10/09 17:20:30 | 000,092,376 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtu30x64w8.sys -- (RTLU3E8023-W8-64)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/08/22 05:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 05:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 04:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 04:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 04:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 04:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 04:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 04:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 04:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 04:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 04:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 04:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 04:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 04:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 04:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 04:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 04:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 04:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 04:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 04:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 04:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 04:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 04:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 04:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 04:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 04:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 04:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 04:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 04:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 03:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 03:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 03:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 03:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 03:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 03:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 03:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 03:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 03:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 03:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 03:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 03:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 03:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 03:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 03:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 03:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 03:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 03:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 03:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 03:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 03:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 03:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 03:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 00:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 15:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 16:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 10:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 11:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/01/24 18:12:08 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/13 16:31:18 | 000,022,168 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2}
IE:64bit: - HKLM\..\SearchScopes\{1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2}: "URL" = http://groovorio.com...r=618437764&ir=
IE:64bit: - HKLM\..\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}: "URL" = http://www.bing.com/...=IE11TR&pc=DCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2}
IE - HKLM\..\SearchScopes\{1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2}: "URL" = http://www.bing.com/...=IE11TR&pc=DCJB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2}: "URL" = http://groovorio.com...r=618437764&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53603;https=127.0.0.1:53603
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2014/12/07 11:00:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2014/12/07 11:00:35 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nldinbnjamakbcpgbngilmeafgaijenh\1.0.1_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 05:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DropboxOEM] C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe ()
O4 - HKLM..\Run: [gmsd_us_11] C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe ()
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [WinCheck] C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe ()
O4 - HKLM..\RunOnce: [upgmsd_us_11.exe] C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB980E66-82D1-420C-9309-1CCFB0150C1F}: DhcpNameServer = 172.161.1.171
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF596F19-B567-4F56-BC55-04A54263EDAD}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/10 21:30:17 | 000,000,000 | ---D | C] -- C:\FRST
[2014/12/10 21:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/12/10 00:19:52 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/12/09 23:26:16 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\PCDr
[2014/12/09 21:36:56 | 000,048,784 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys
[2014/12/09 20:37:52 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[2014/12/09 20:35:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2014/12/09 20:35:41 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Roaming\AnyProtectEx
[2014/12/09 20:35:20 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Pro_PC_Cleaner
[2014/12/09 20:34:59 | 000,000,000 | ---D | C] -- C:\Users\Allyson\Documents\ProPCCleaner
[2014/12/09 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\wincheck
[2014/12/09 20:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
[2014/12/09 20:24:41 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\gmsd_us_11
[2014/12/09 20:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gmsd_us_11
[2014/12/09 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Programs
[2014/12/09 20:23:27 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\CrashDumps
[2014/12/09 20:21:37 | 000,048,784 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys
[2014/12/07 11:05:48 | 000,048,784 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys
[2014/12/07 11:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/12/07 11:01:57 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Google
[2014/12/07 11:01:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/12/07 10:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Extensions
[2014/12/07 10:59:14 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2014/12/07 10:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\snipsmart
[2014/12/07 10:51:22 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Local\EmieUserList
[2014/12/07 10:51:22 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Local\EmieSiteList
[2014/12/07 10:51:17 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\DropboxOEM
[2014/12/06 11:39:42 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\softthinks
[2014/12/06 11:39:42 | 000,000,000 | ---D | C] -- C:\ProgramData\softthinks
[2014/12/06 11:39:24 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\Macromedia
[2014/12/06 11:38:42 | 000,000,000 | R--D | C] -- C:\Users\Allyson\OneDrive
[2014/12/06 11:35:36 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Aviata
[2014/12/06 11:35:31 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\BMExplorer
[2014/12/06 11:35:30 | 000,000,000 | ---D | C] -- C:\Users\Allyson\Documents\Bluetooth Folder
[2014/12/06 11:35:09 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\DropboxOEM
[2014/12/06 11:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/12/06 11:34:55 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\Atheros
[2014/12/06 11:34:14 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/12/06 11:34:14 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Searches
[2014/12/06 11:34:14 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/12/06 11:34:13 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Contacts
[2014/12/06 11:34:13 | 000,000,000 | -H-D | C] -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/12/06 11:34:09 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\VirtualStore
[2014/12/06 11:34:09 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\Adobe
[2014/12/06 11:34:01 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Packages
[2014/12/06 11:32:28 | 000,000,000 | --SD | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Saved Games
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Pictures
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Music
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Links
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Favorites
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Downloads
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Documents
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Desktop
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/12/06 11:32:28 | 000,000,000 | R--D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Local\Temporary Internet Files
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Templates
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Start Menu
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\SendTo
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Recent
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\PrintHood
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\NetHood
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Documents\My Videos
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Documents\My Pictures
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Documents\My Music
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\My Documents
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Local Settings
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Local\History
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Cookies
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\Application Data
[2014/12/06 11:32:28 | 000,000,000 | -HSD | C] -- C:\Users\Allyson\AppData\Local\Application Data
[2014/12/06 11:32:28 | 000,000,000 | -H-D | C] -- C:\Users\Allyson\AppData
[2014/12/06 11:32:28 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Temp
[2014/12/06 11:32:28 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Local\Microsoft
[2014/12/06 11:32:28 | 000,000,000 | ---D | C] -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/12/06 11:32:27 | 000,000,000 | R--D | C] -- C:\Users\Allyson\Videos
 
========== Files - Modified Within 30 Days ==========
 
[2014/12/10 22:11:47 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/10 21:05:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/10 00:19:15 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/09 23:52:45 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/12/09 20:38:01 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/12/09 20:37:56 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/12/09 20:37:52 | 000,001,063 | ---- | M] () -- C:\Users\Allyson\Desktop\AnyProtect.lnk
[2014/12/09 20:25:47 | 000,002,220 | ---- | M] () -- C:\Windows\patsearch.bin
[2014/12/09 20:25:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNewH_01009.Wdf
[2014/12/09 20:22:24 | 000,001,146 | ---- | M] () -- C:\Users\Allyson\Desktop\Continue Live Installation.lnk
[2014/12/09 20:21:47 | 000,002,305 | ---- | M] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/12/09 12:29:04 | 000,048,784 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys
[2014/12/09 11:54:20 | 000,048,784 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys
[2014/12/07 11:06:01 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/12/07 10:56:16 | 000,001,442 | ---- | M] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/07 07:51:38 | 000,048,784 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys
[2014/12/06 13:21:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/06 13:21:28 | 3337,994,240 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/06 11:36:25 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/06 11:36:25 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/06 11:36:25 | 000,135,726 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2014/12/09 20:37:59 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/12/09 20:37:56 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/12/09 20:37:52 | 000,001,063 | ---- | C] () -- C:\Users\Allyson\Desktop\AnyProtect.lnk
[2014/12/09 20:37:52 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/12/09 20:25:47 | 000,002,220 | ---- | C] () -- C:\Windows\patsearch.bin
[2014/12/09 20:25:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_webinstrNewH_01009.Wdf
[2014/12/09 20:22:24 | 000,001,146 | ---- | C] () -- C:\Users\Allyson\Desktop\Continue Live Installation.lnk
[2014/12/07 11:02:57 | 000,002,305 | ---- | C] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/12/07 11:02:56 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/12/07 11:01:59 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/07 11:01:58 | 000,000,920 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/07 10:51:10 | 000,001,442 | ---- | C] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/06 11:34:09 | 000,001,448 | ---- | C] () -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/12/06 11:32:28 | 000,000,369 | ---- | C] () -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/12/06 11:32:28 | 000,000,369 | ---- | C] () -- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/12/06 11:32:28 | 000,000,352 | ---- | C] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/12/06 11:32:28 | 000,000,334 | ---- | C] () -- C:\Users\Allyson\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/12/06 11:32:28 | 000,000,141 | ---- | C] () -- C:\Users\Allyson\Desktop\eBay.url
[2014/11/08 23:42:10 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/11/08 22:47:53 | 000,299,520 | ---- | C] () -- C:\Windows\SysWow64\igdmd32.dll
[2014/11/08 22:47:49 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/11/08 22:47:49 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2014/03/18 01:55:05 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 01:54:40 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 07:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 07:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 06:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/21 23:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 19:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 15:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 15:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/12/07 10:59:25 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/11/08 23:21:19 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/11/08 23:21:19 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 01:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 18:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 01:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/12/09 20:35:41 | 000,000,000 | -HSD | M] -- C:\Users\Allyson\AppData\Roaming\AnyProtectEx
[2014/12/07 10:51:38 | 000,000,000 | ---D | M] -- C:\Users\Allyson\AppData\Roaming\DropboxOEM
[2014/12/10 23:02:33 | 000,000,000 | ---D | M] -- C:\Users\Allyson\AppData\Roaming\PCDr
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Allyson\OneDrive:ms-properties
 
< End of report >
 
 
 
I also ran a Farbar scan. Here is the FRST file:
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014 01
Ran by Allyson (administrator) on AllysPC on 10-12-2014 21:30:30
Running from C:\Users\Allyson\Downloads
Loaded Profile: Allyson (Available profiles: Allyson)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
() C:\Program Files (x86)\snipsmart\bin\snipsmart.PurBrowse64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
() C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe
() C:\Program Files\WindowsApps\Microsoft.HelpAndTips_6.3.9654.20428_x64__8wekyb3d8bbwe\helpandtips.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634648 2014-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-11-11] (McAfee, Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [gmsd_us_11] => C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe [3979944 2014-12-09] ()
HKLM-x32\...\Run: [WinCheck] => C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe [528384 2014-12-09] ()
HKLM-x32\...\RunOnce: [upgmsd_us_11.exe] => C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe [3308712 2014-12-09] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [S-1-5-21-4117855597-3340283673-3293475651-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4117855597-3340283673-3293475651-1001] => http=127.0.0.1:53603;https=127.0.0.1:53603
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4117855597-3340283673-3293475651-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4117855597-3340283673-3293475651-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2} URL = http://groovorio.com...r=618437764&ir=
SearchScopes: HKLM -> {1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2} URL = http://groovorio.com...r=618437764&ir=
SearchScopes: HKU\S-1-5-21-4117855597-3340283673-3293475651-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-4117855597-3340283673-3293475651-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-4117855597-3340283673-3293475651-1001 -> {1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2} URL = http://groovorio.com...r=618437764&ir=
SearchScopes: HKU\S-1-5-21-4117855597-3340283673-3293475651-1001 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-12-07]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-07]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3333568&octid=EB_ORIGINAL_CTID&ISID=MEB995B6E-FFAC-458E-B548-144BAA833EBD&SearchSource=55&CUI=&UM=6&UP=SP617336AC-14FB-41BF-81B6-E85D1F56C5D6&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-07]
CHR Extension: (Google Docs) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-07]
CHR Extension: (Google Drive) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-07]
CHR Extension: (YouTube) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-07]
CHR Extension: (Google Search) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-07]
CHR Extension: (Google Sheets) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-07]
CHR Extension: (SiteAdvisor) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-12-07]
CHR Extension: (snipsmart) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nldinbnjamakbcpgbngilmeafgaijenh [2014-12-09]
CHR Extension: (Google Wallet) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-07]
CHR Extension: (Gmail) - C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0309161417894733mcinstcleanup; C:\Windows\TEMP\030916~1.EXE [850120 2013-12-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider)
S2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [23240 2014-08-11] (Dell)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [33480 2014-08-11] (Dell)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [148688 2014-07-22] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-11] (McAfee, Inc.)
R3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [333584 2013-09-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601920 2013-12-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe [497664 2014-04-06] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-08] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-08] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
S2 Update snipsmart; "C:\Program Files (x86)\snipsmart\updatesnipsmart.exe" [X]
S2 Util snipsmart; "C:\Program Files (x86)\snipsmart\bin\utilsnipsmart.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-09] (Realtek                                            )
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-08] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-08] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-03-10] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-08] (Microsoft Corporation)
R1 {1993b064-46e3-4c7d-8b20-2161564a7685}Gw64; C:\Windows\System32\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys [48784 2014-12-09] (StdLib)
R1 {1993b064-46e3-4c7d-8b20-2161564a7685}w64; C:\Windows\System32\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys [48784 2014-12-09] (StdLib)
R1 {809da842-a636-4d48-aeda-93730ef23d66}Gw64; C:\Windows\System32\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys [48784 2014-12-07] (StdLib)
R3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 21:30 - 2014-12-10 21:32 - 00020730 _____ () C:\Users\Allyson\Downloads\FRST.txt
2014-12-10 21:30 - 2014-12-10 21:30 - 00000000 ____D () C:\FRST
2014-12-10 21:29 - 2014-12-10 21:29 - 02119680 _____ (Farbar) C:\Users\Allyson\Downloads\FRST64.exe
2014-12-10 21:13 - 2014-12-10 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-10 00:19 - 2014-12-10 00:19 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-09 23:26 - 2014-12-09 23:26 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\PCDr
2014-12-09 21:36 - 2014-12-09 12:29 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys
2014-12-09 20:38 - 2014-12-09 20:38 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-12-09 20:37 - 2014-12-09 23:52 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-12-09 20:37 - 2014-12-09 20:38 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-12-09 20:37 - 2014-12-09 20:37 - 00002812 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-12-09 20:37 - 2014-12-09 20:37 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-12-09 20:37 - 2014-12-09 20:37 - 00001063 _____ () C:\Users\Allyson\Desktop\AnyProtect.lnk
2014-12-09 20:37 - 2014-12-09 20:37 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-12-09 20:37 - 2014-12-09 20:37 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-12-09 20:35 - 2014-12-09 20:38 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-12-09 20:35 - 2014-12-09 20:35 - 00003462 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2014-12-09 20:35 - 2014-12-09 20:35 - 00003198 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2014-12-09 20:35 - 2014-12-09 20:35 - 00000000 __SHD () C:\Users\Allyson\AppData\Roaming\AnyProtectEx
2014-12-09 20:35 - 2014-12-09 20:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Pro_PC_Cleaner
2014-12-09 20:34 - 2014-12-09 20:37 - 00000000 ____D () C:\Users\Allyson\Documents\ProPCCleaner
2014-12-09 20:26 - 2014-12-09 20:26 - 00000000 ____D () C:\Users\Allyson\AppData\Local\wincheck
2014-12-09 20:25 - 2014-12-09 20:25 - 00002220 _____ () C:\Windows\patsearch.bin
2014-12-09 20:25 - 2014-12-09 20:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf
2014-12-09 20:24 - 2014-12-10 00:22 - 00000000 ____D () C:\Users\Allyson\AppData\Local\gmsd_us_11
2014-12-09 20:24 - 2014-12-09 20:24 - 00000000 ____D () C:\Program Files (x86)\gmsd_us_11
2014-12-09 20:23 - 2014-12-09 20:23 - 00000000 ____D () C:\Users\Allyson\AppData\Local\CrashDumps
2014-12-09 20:22 - 2014-12-09 20:22 - 00001146 _____ () C:\Users\Allyson\Desktop\Continue Live Installation.lnk
2014-12-09 20:21 - 2014-12-09 11:54 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys
2014-12-07 11:05 - 2014-12-07 11:05 - 00000000 ____D () C:\Windows\System32\Tasks\Aviata
2014-12-07 11:05 - 2014-12-07 07:51 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys
2014-12-07 11:02 - 2014-12-07 11:06 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-07 11:02 - 2014-12-07 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-07 11:01 - 2014-12-10 21:11 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 11:01 - 2014-12-10 00:19 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 11:01 - 2014-12-07 11:06 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-07 11:01 - 2014-12-07 11:06 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-07 11:01 - 2014-12-07 11:03 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Google
2014-12-07 11:01 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 11:01 - 2014-12-07 11:01 - 00819176 _____ (Google Inc.) C:\Users\Allyson\Desktop\Setup_product_2937.exe
2014-12-07 10:59 - 2014-12-09 23:22 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-12-07 10:59 - 2014-12-07 10:59 - 00004326 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-12-07 10:59 - 2014-12-07 10:59 - 00003540 _____ () C:\Windows\System32\Tasks\RocketTab
2014-12-07 10:59 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-12-07 10:57 - 2014-12-10 00:13 - 00000000 ____D () C:\Program Files (x86)\snipsmart
2014-12-07 10:53 - 2014-12-07 10:53 - 00003988 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-07 10:53 - 2014-12-07 10:53 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-12-07 10:53 - 2014-12-07 10:53 - 00003198 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-12-07 10:51 - 2014-12-10 21:02 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AEF6BFD7-412F-49AB-9828-00AD52EA5305}
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 __SHD () C:\Users\Allyson\AppData\Local\EmieUserList
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 __SHD () C:\Users\Allyson\AppData\Local\EmieSiteList
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\DropboxOEM
2014-12-06 11:40 - 2014-08-13 11:19 - 00000113 ____H () C:\DBAR_Ver.txt
2014-12-06 11:39 - 2014-12-10 21:18 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1001
2014-12-06 11:39 - 2014-12-06 11:40 - 00000000 ____D () C:\ProgramData\softthinks
2014-12-06 11:39 - 2014-12-06 11:39 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Macromedia
2014-12-06 11:39 - 2014-12-06 11:39 - 00000000 ____D () C:\Users\Allyson\AppData\Local\softthinks
2014-12-06 11:38 - 2014-12-10 21:06 - 00000000 ___RD () C:\Users\Allyson\OneDrive
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\Documents\Bluetooth Folder
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\DropboxOEM
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\BMExplorer
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Aviata
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\ProgramData\Atheros
2014-12-06 11:34 - 2014-12-06 11:38 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Packages
2014-12-06 11:34 - 2014-12-06 11:34 - 00001448 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Atheros
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Adobe
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\Allyson\AppData\Local\VirtualStore
2014-12-06 11:32 - 2014-12-06 11:38 - 00000000 ____D () C:\Users\Allyson
2014-12-06 11:32 - 2014-12-06 11:32 - 00000020 ___SH () C:\Users\Allyson\ntuser.ini
2014-12-06 11:32 - 2014-11-09 00:16 - 00000141 _____ () C:\Users\Allyson\Desktop\eBay.url
2014-12-06 11:32 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 11:32 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 11:32 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-06 11:32 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-06 11:32 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-06 11:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-10 21:31 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-10 21:00 - 2014-11-09 00:17 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-12-10 21:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-10 00:10 - 2013-08-22 05:25 - 00000194 _____ () C:\Windows\win.ini
2014-12-09 23:38 - 2014-11-09 00:02 - 01729349 _____ () C:\Windows\WindowsUpdate.log
2014-12-09 20:25 - 2013-08-22 06:46 - 00014849 _____ () C:\Windows\setupact.log
2014-12-09 20:21 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-07 11:01 - 2014-11-09 00:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-07 11:01 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-07 11:00 - 2014-11-09 00:20 - 00000000 ____D () C:\Program Files\mcafee
2014-12-07 10:59 - 2014-11-09 00:20 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-07 10:53 - 2014-11-09 00:16 - 00000000 ____D () C:\ProgramData\PCDr
2014-12-06 13:23 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2014-12-06 13:22 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 11:39 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-06 11:36 - 2014-03-18 01:53 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 11:34 - 2014-11-08 22:32 - 00000000 ____D () C:\Windows\Panther
 
Some content of TEMP:
====================
C:\Users\Allyson\AppData\Local\Temp\10A4013D-DF02-1A79-5042-0CF342075BA5.dll
C:\Users\Allyson\AppData\Local\Temp\10A4013D-DF02-1A79-5042-0CF342075BA5.exe
C:\Users\Allyson\AppData\Local\Temp\1CD0C56E-7CFB-BE67-A7C6-5CAAE2CBBDC3.exe
C:\Users\Allyson\AppData\Local\Temp\nsa3BEC.exe
C:\Users\Allyson\AppData\Local\Temp\nsc1D90.exe
C:\Users\Allyson\AppData\Local\Temp\nsk87FA.exe
C:\Users\Allyson\AppData\Local\Temp\nsv96C0.exe
C:\Users\Allyson\AppData\Local\Temp\nsy4EE9.exe
C:\Users\Allyson\AppData\Local\Temp\System.Data.SQLite.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-08 23:37
 
==================== End Of Log ============================
 
 
And here is the Addition report:
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01
Ran by Allyson at 2014-12-10 21:33:06
Running from C:\Users\Allyson\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{15870B77-388E-4ADE-8414-F7229E54676F}) (Version: 1.0.7.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{D7AD55FA-39CB-4EEA-BCF6-00449B0F68B7}) (Version: 1.0.262.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
GamesDesktop 025.11 (HKLM-x32\...\gmsd_us_11_is1) (Version:  - GAMESDESKTOP)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.0.244 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.6.160 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {136073BB-3EB7-438F-A77E-EEF3993B40C6} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {14F1847F-B03E-417E-AA31-01677A2A961C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {4548EA78-4A0C-4C9C-9970-199C8D95478C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {47459B24-1873-45BB-B4FA-A16F729860D9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {5282C7D9-2C43-4F36-BEAB-A09F8E6841A1} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {5523321B-BB31-4C22-9F12-E6C554D2378D} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {5BCF0D7A-CBD8-4558-B1CC-662A2A83CEA0} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-30] (Realtek Semiconductor)
Task: {68D97962-2EED-4BC3-BE59-B207D6803CCC} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {7D934710-A1DC-4186-BE5F-178F4074E4B4} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {8C38FB5C-2F96-4923-91C9-C81E126D284A} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-12-09] (AnyProtect.com) <==== ATTENTION
Task: {913F5FF9-2166-42EA-A001-F1060858965A} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {94490385-679F-43D9-9AE7-AE8D0FCE9CDA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {A64A730E-28EE-4DF0-95B2-8740B27CF141} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-12-09] (AnyProtect.com) <==== ATTENTION
Task: {C457524F-6B7F-4CC8-9894-0C76260C6238} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {D0F0557A-040E-4331-B466-1B9076A804B7} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {D42B7F01-DA4F-4E3C-AE3F-563A37E82355} - System32\Tasks\Aviata\PowerRegister\Dell Reminder (Allyson) => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {DBDCD155-3C0D-4735-914E-F88058439C0E} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-12-09] (AnyProtect.com) <==== ATTENTION
Task: {DC9E9420-B4C4-4537-8418-8AB1A05C504C} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {E00A394B-2519-4A0F-8B8A-9A4AE2F41848} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe <==== ATTENTION
Task: {EDD7C042-48CA-42FD-A3EE-A5E5EFC0E3B1} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-10] (Synaptics Incorporated)
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-22 11:40 - 2013-08-22 11:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 11:40 - 2013-08-22 11:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2014-01-10 14:53 - 2014-01-10 14:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 14:53 - 2014-01-10 14:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 14:53 - 2014-01-10 14:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-10 15:24 - 2014-01-10 15:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-10 15:24 - 2014-01-10 15:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2014-12-07 11:05 - 2014-12-09 12:29 - 00353008 _____ () C:\Program Files (x86)\snipsmart\bin\snipsmart.PurBrowse64.exe
2014-11-09 00:18 - 2014-06-04 15:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-11-09 00:18 - 2014-06-04 15:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-11-09 00:18 - 2014-06-04 15:03 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-12-09 20:24 - 2014-12-09 14:22 - 03308712 _____ () C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe
2014-12-07 10:59 - 2014-12-07 10:59 - 05812224 _____ () C:\Program Files (x86)\Search Extensions\Client.exe
2014-02-26 00:46 - 2014-02-26 00:46 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 00:43 - 2014-02-26 00:43 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 00:50 - 2014-02-26 00:50 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-09-02 11:40 - 2014-09-02 11:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2014-12-09 20:24 - 2014-12-09 14:22 - 03979944 _____ () C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe
2014-12-09 19:49 - 2014-12-09 19:49 - 00528384 _____ () C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe
2014-03-18 01:40 - 2014-03-18 01:40 - 01895424 _____ () C:\Program Files\WindowsApps\Microsoft.HelpAndTips_6.3.9654.20428_x64__8wekyb3d8bbwe\HelpAndTips.exe
2014-11-09 00:18 - 2014-07-02 21:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-09-02 11:40 - 2014-09-02 11:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-02 11:40 - 2014-09-02 11:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2014-11-09 00:18 - 2014-07-30 17:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-11-09 00:18 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-11-09 00:17 - 2012-11-25 23:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2014-12-07 11:02 - 2014-11-24 22:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-07 11:02 - 2014-11-24 22:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-07 11:02 - 2014-11-24 22:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-07 11:02 - 2014-11-24 22:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-12-07 11:02 - 2014-11-24 22:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Allyson\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-4117855597-3340283673-3293475651-500 - Administrator - Disabled)
Allyson (S-1-5-21-4117855597-3340283673-3293475651-1001 - Administrator - Enabled) => C:\Users\Allyson
Guest (S-1-5-21-4117855597-3340283673-3293475651-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4117855597-3340283673-3293475651-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/10/2014 09:19:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.71 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 41c
 
Start Time: 01d0150195f78a17
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 4866eca8-80f5-11e4-8258-c03896277c18
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/10/2014 00:12:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mfevtps.exe, version: 15.1.0.666, time stamp: 0x531e5404
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000374
Fault offset: 0x00000000000f87a8
Faulting process id: 0x1c0
Faulting application start time: 0xmfevtps.exe0
Faulting application path: mfevtps.exe1
Faulting module path: mfevtps.exe2
Report Id: mfevtps.exe3
Faulting package full name: mfevtps.exe4
Faulting package-relative application ID: mfevtps.exe5
 
Error: (12/09/2014 11:38:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20413 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ebc
 
Start Time: 01d0144b69e241e3
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 70032583-803f-11e4-8258-c03896277c18
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 10:39:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20413 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e84
 
Start Time: 01d01442a66f7a4e
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 0bf90d20-8037-11e4-8258-c03896277c18
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 10:16:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20413 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1c64
 
Start Time: 01d0143ee72f8092
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: db8507d2-8032-11e4-8258-c03896277c18
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 09:04:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (12/09/2014 08:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ALERTH~1.EXE, version: 7.0.154.0, time stamp: 0x529cd577
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000005
Fault offset: 0x0000000000037d1a
Faulting process id: 0x844
Faulting application start time: 0xALERTH~1.EXE0
Faulting application path: ALERTH~1.EXE1
Faulting module path: ALERTH~1.EXE2
Report Id: ALERTH~1.EXE3
Faulting package full name: ALERTH~1.EXE4
Faulting package-relative application ID: ALERTH~1.EXE5
 
Error: (12/07/2014 11:00:01 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (12/07/2014 10:51:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AllysPC)
Description: Activation of app Microsoft.XboxLIVEGames_8wekyb3d8bbwe!Microsoft.XboxLIVEGames failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/07/2014 10:50:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AllysPC)
Description: Activation of app Microsoft.XboxLIVEGames_8wekyb3d8bbwe!Microsoft.XboxLIVEGames failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (12/10/2014 00:20:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (12/10/2014 00:13:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update snipsmart service failed to start due to the following error: 
%%2
 
Error: (12/10/2014 00:13:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util snipsmart service failed to start due to the following error: 
%%2
 
Error: (12/10/2014 00:13:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Update snipsmart service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (12/10/2014 00:13:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Util snipsmart service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (12/10/2014 00:12:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The McAfee Validation Trust Protection Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/09/2014 08:22:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (12/07/2014 11:06:31 AM) (Source: DCOM) (EventID: 10010) (User: AllysPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (12/07/2014 11:06:31 AM) (Source: DCOM) (EventID: 10010) (User: AllysPC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (12/07/2014 11:06:30 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {C13F71BC-CC67-40A4-BEF2-1CBF44BD2A6D}
 
 
Microsoft Office Sessions:
=========================
Error: (12/10/2014 09:19:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.7141c01d0150195f78a174294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe4866eca8-80f5-11e4-8258-c03896277c18
 
Error: (12/10/2014 00:12:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mfevtps.exe15.1.0.666531e5404ntdll.dll6.3.9600.1711453649e73c000037400000000000f87a81c001d0119af037fcabC:\Windows\system32\mfevtps.exeC:\Windows\SYSTEM32\ntdll.dll4a9531af-8044-11e4-8258-c03896277c18
 
Error: (12/09/2014 11:38:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20413ebc01d0144b69e241e34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe70032583-803f-11e4-8258-c03896277c18microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 10:39:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20413e8401d01442a66f7a4e4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe0bf90d20-8037-11e4-8258-c03896277c18microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 10:16:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.204131c6401d0143ee72f80924294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exedb8507d2-8032-11e4-8258-c03896277c18microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/09/2014 09:04:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (12/09/2014 08:23:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ALERTH~1.EXE7.0.154.0529cd577ntdll.dll6.3.9600.1711453649e73c00000050000000000037d1a84401d01430ea8c2b76c:\PROGRA~1\COMMON~1\mcafee\mhn\ALERTH~1.EXEC:\Windows\SYSTEM32\ntdll.dll3ddcd3dc-8024-11e4-8258-c03896277c18
 
Error: (12/07/2014 11:00:01 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (12/07/2014 10:51:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AllysPC)
Description: Microsoft.XboxLIVEGames_8wekyb3d8bbwe!Microsoft.XboxLIVEGames-2144927142
 
Error: (12/07/2014 10:50:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: AllysPC)
Description: Microsoft.XboxLIVEGames_8wekyb3d8bbwe!Microsoft.XboxLIVEGames-2144927142
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-06 11:38:53.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Percentage of memory in use: 57%
Total physical RAM: 3979.2 MB
Available physical RAM: 1709.81 MB
Total Pagefile: 5387.2 MB
Available Pagefile: 2736.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:425.89 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.39 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 95BAA5FB)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
Thank you n advanced. I realize this is a lot of information that I threw at you.
 
Dave
 
 

  • 0

Advertisements

#2
Naathim
Posted 11 December 2014 - 01:27 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Give me some time to go through your logs and I should come back to you shortly :)


  • 1

#3
Naathim
Posted 11 December 2014 - 01:59 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)


You've got some pretty amount of junk here. Let's try to catch it.



51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
[-HKLM\SOFTWARE\Policies\Google];r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"gmsd_us_11"=-;r
"WinCheck"=-;r
C:\Program Files (x86)\gmsd_us_11;fs
C:\Users\Allyson\AppData\Local\wincheck;fs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce];r
"upgmsd_us_11.exe"=-;r
C:\Users\Allyson\AppData\Local\gmsd_us_11;fs
resetieproxy;
{1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2};c
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9};c
nldinbnjamakbcpgbngilmeafgaijenh;chr
Update snipsmart;s
Util snipsmart;s
C:\Program Files (x86)\snipsmart;fs
{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64;s
{1993b064-46e3-4c7d-8b20-2161564a7685}w64;s
{809da842-a636-4d48-aeda-93730ef23d66}Gw64;s
C:\Windows\Sysnative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys;f
C:\Windows\Sysnative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys;f
C:\Windows\Sysnative\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys;f
C:\Users\Allyson\AppData\Roaming\PCDr;fs
C:\Windows\Sysnative\Tasks\APSnotifierPP3;f
C:\Windows\Tasks\APSnotifierPP1.job;f
C:\Windows\Tasks\APSnotifierPP3.job;f
C:\Windows\Sysnative\Tasks\APSnotifierPP1;f
C:\Windows\Sysnative\Tasks\APSnotifierPP2;f
C:\Users\Allyson\Desktop\AnyProtect.lnk;f
C:\Windows\Tasks\APSnotifierPP2.job;f
C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup;fs
C:\Program Files (x86)\AnyProtectEx;fs
C:\Windows\Sysnative\Tasks\ProPCCleaner_Popup;f
C:\Windows\Sysnative\Tasks\ProPCCleaner_Start;f
C:\Users\Allyson\AppData\Roaming\AnyProtectEx;fs
C:\Users\Allyson\AppData\Local\Pro_PC_Cleaner;fs
C:\Users\Allyson\Documents\ProPCCleaner;fs
C:\Windows\patsearch.bin;f
C:\Windows\sysnative\Drivers\Msft_Kernel_webinstrNewH_01009.Wdf;f
C:\Program Files (x86)\Search Extensions;fs
C:\Windows\Sysnative\Tasks\RocketTab Update Task;f
C:\Windows\Sysnative\Tasks\RocketTab;f
{136073BB-3EB7-438F-A77E-EEF3993B40C6};c
{5282C7D9-2C43-4F36-BEAB-A09F8E6841A1};c
C:\Program Files (x86)\Pro PC Cleaner;fs
{8C38FB5C-2F96-4923-91C9-C81E126D284A};c
{A64A730E-28EE-4DF0-95B2-8740B27CF141};c
{C457524F-6B7F-4CC8-9894-0C76260C6238};c
{DBDCD155-3C0D-4735-914E-F88058439C0E};c
{E00A394B-2519-4A0F-8B8A-9A4AE2F41848};c
autoclean;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


  • 1

#4
Inner Child
Posted 11 December 2014 - 10:39 PM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Hello Naat.

 

Thank you for the quick response. I thought with the number of daily entries, there would be a larger delay.

 

I downloaded and ran Zoek with the script that you posted and the pop-ups have stopped. I realize that isn't the end of this exercise, though.  Here is the report from Zoek:

 

 
Zoek.exe v5.0.0.0 Updated 10-December-2014
Tool run by Allyson on Thu 12/11/2014 at 20:04:30.38.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Allyson\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
12/11/2014 8:05:49 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Empty Folders Check ======================
 
C:\Users\Allyson\AppData\Local\softthinks deleted successfully
C:\Users\Allyson\AppData\Local\VirtualStore deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-4117855597-3340283673-3293475651-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1C97CC9E-CFAD-46EC-A8DB-9D9CB68A89D2} deleted successfully
HKEY_USERS\S-1-5-21-4117855597-3340283673-3293475651-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update snipsmart deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update snipsmart deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util snipsmart deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util snipsmart deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{1993b064-46e3-4c7d-8b20-2161564a7685}w64 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{809da842-a636-4d48-aeda-93730ef23d66}Gw64 deleted successfully
 
==== Registry Fix Code ======================
 
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"gmsd_us_11"=- 
"WinCheck"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 
"upgmsd_us_11.exe"=- 
 
==== Registry Fix Code x64 ======================
 
Windows Registry Editor Version 5.00
 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google] 
 
==== Deleting Files \ Folders ======================
 
C:\Program Files (x86)\Pro PC Cleaner not found
C:\Users\Allyson\AppData\Roaming\PCDr deleted
C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup deleted
C:\Program Files (x86)\AnyProtectEx deleted
C:\Users\Allyson\AppData\Roaming\AnyProtectEx deleted
C:\Users\Allyson\AppData\Local\Pro_PC_Cleaner deleted
C:\Users\Allyson\Documents\ProPCCleaner deleted
C:\Program Files (x86)\Search Extensions deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\patsearch.bin deleted
C:\windows\SysNative\tasks\RocketTab deleted
C:\windows\SysNative\tasks\RocketTab Update Task deleted
C:\Windows\tasks\APSnotifierPP1.job deleted
C:\Windows\tasks\APSnotifierPP2.job deleted
C:\Windows\tasks\APSnotifierPP3.job deleted
C:\windows\SysNative\tasks\APSnotifierPP1 deleted
C:\windows\SysNative\tasks\APSnotifierPP2 deleted
C:\windows\SysNative\tasks\APSnotifierPP3 deleted
C:\windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw64.sys deleted
C:\windows\SysNative\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}w64.sys deleted
C:\windows\SysNative\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw64.sys deleted
C:\windows\SysNative\drivers\Msft_Kernel_webinstrNewH_01009.Wdf deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Allyson\Desktop\Continue Live Installation.lnk deleted
C:\Users\Allyson\Desktop\AnyProtect.lnk deleted
"C:\Windows\Sysnative\Tasks\ProPCCleaner_Popup" deleted
"C:\Windows\Sysnative\Tasks\ProPCCleaner_Start" deleted
"C:\Program Files (x86)\gmsd_us_11\gmsd_us_11.exe" deleted
"C:\Users\Allyson\AppData\Local\wincheck\wincheck.exe" deleted
"C:\Users\Allyson\AppData\Local\gmsd_us_11\upgmsd_us_11.exe" deleted
"C:\Program Files (x86)\snipsmart\bin\snipsmart.PurBrowse64.exe" deleted
"C:\PROGRA~2\snipsmart\bin\snipsmart.PurBrowse64.exe" deleted
"C:\Program Files (x86)\gmsd_us_11" deleted
"C:\Users\Allyson\AppData\Local\wincheck" deleted
"C:\Users\Allyson\AppData\Local\gmsd_us_11" deleted
"C:\Program Files (x86)\snipsmart" not deleted
"C:\PROGRA~2\snipsmart" not deleted
"C:\Program Files (x86)\snipsmart\bin" not deleted
"C:\PROGRA~2\snipsmart\bin" not deleted
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [12/07/2014 11:00 AM]
 
==== Chromium Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[11/05/2013 01:14 PM]
 
Google Slides - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
SiteAdvisor - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
snipsmart - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nldinbnjamakbcpgbngilmeafgaijenh
Google Wallet - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Chromium Fix ======================
 
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nldinbnjamakbcpgbngilmeafgaijenh deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nldinbnjamakbcpgbngilmeafgaijenh_0.localstorage deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nldinbnjamakbcpgbngilmeafgaijenh_0.localstorage-journal deleted successfully
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nldinbnjamakbcpgbngilmeafgaijenh deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
{CC865B26-C31D-4D23-B17B-96548EEF03F6} Unknown  Url="Not_Found"
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-4117855597-3340283673-3293475651-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Reset IE Proxy ======================
 
Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000
 
Value(s) after fix:
"ProxyEnable"=dword:00000000
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Allyson\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Allyson\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Allyson\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Allyson\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=120 folders=42 66098316 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Allyson\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Allyson\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Program Files (x86)\snipsmart"  not found
"C:\PROGRA~2\snipsmart"  not found
 
==== EOF on Thu 12/11/2014 at 20:28:22.04 ======================

  • 0

#5
Naathim
Posted 12 December 2014 - 12:49 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

Thank you for the quick response. I thought with the number of daily entries, there would be a larger delay.

True, sometimes we get really busy here with the number of requests. However you were just lucky and now you have a minion to work with you :)


This was only the beginning. We've got some more work to do in order to be sure that there's nothing lurking around.


JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • The program will begin to update the database (if internet connection is operational). Please wait a little bit.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.


  • 1

#6
Inner Child
Posted 12 December 2014 - 06:45 PM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

well Naat,

 

I have to apologize. I ran JRT as requested but didn't save the log file. I continued to AdwCleaner which forced a reboot and wiped the JRT log file from memory,

 

I did look at the report and it was empty with the exception of a couple of directory deletions. Hope this doesn't caused you too much grief.

 

Here is the report from AdwCleaner:

 

# AdwCleaner v4.105 - Report created 12/12/2014 at 16:00:40
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Admin - ALLYSPC
# Running from : C:\Users\Admin\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : RocketTab Update Task
Task Deleted : RocketTab
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\RocketTab
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.71
 
[C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333568&octid=EB_ORIGINAL_CTID&ISID=MEB995B6E-FFAC-458E-B548-144BAA833EBD&SearchSource=58&CUI=&UM=6&UP=SP617336AC-14FB-41BF-81B6-E85D1F56C5D6&q={searchTerms}&SSPV=
[C:\Users\Allyson\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3333568&octid=EB_ORIGINAL_CTID&ISID=MEB995B6E-FFAC-458E-B548-144BAA833EBD&SearchSource=58&CUI=&UM=6&UP=SP617336AC-14FB-41BF-81B6-E85D1F56C5D6&q={searchTerms}&SSPV=
 
*************************
 
AdwCleaner[R0].txt - [2566 octets] - [12/12/2014 15:56:00]
AdwCleaner[S0].txt - [2515 octets] - [12/12/2014 16:00:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2575 octets] ##########
 
 
Dave

  • 0

#7
Naathim
Posted 13 December 2014 - 07:48 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Let's see if we are able to locate it somehow.


51a612a8b27e2-Zoek.png Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
jrt.txt;z
filesrcm;
systemspecs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!



FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 1

#8
Naathim
Posted 17 December 2014 - 04:57 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#9
Naathim
Posted 23 December 2014 - 12:02 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
User returned.
  • 1

#10
Inner Child
Posted 23 December 2014 - 11:32 PM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Naat,

 

Thank you for reopening this topic. I will be more responsive with my posts.

 

Here are the log files that you requested.

 

First is Zoek:

 

 
Zoek.exe v5.0.0.0 Updated 22-12-2014
Tool run by Admin on Mon 12/22/2014 at 18:02:02.50.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Admin\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe.exe [Scan all users] [Script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2014-12-12-042822.log 12144 bytes
 
==== System Restore Info ======================
 
12/22/2014 6:03:40 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Folders Found ======================
 
 
==== Files Found ======================
 
 
--- C:\Users\Admin\Desktop\JRT.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 746
Created time: 2014-12-12 23:53:42
Modified time: 2014-12-12 23:53:41
MD5: BBC05FBA220A6ABE8BCB29AC4C6F25D6
SHA1: E3D9397DAE29820B54D7929FE60FDE9A804FB586
 
 
==== System Specs ======================
 
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3980 MB
CPU Info: Intel® Celeron® CPU  N2830  @ 2.16GHz
CPU Speed: 2216.8 MHz
Sound Card: Speakers / Headphones (Realtek  | 
Display Adapters: Intel® HD Graphics | Intel® HD Graphics
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Bluetooth Device (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Dell Wireless 1707 802.11b/g/n (2.4GHZ)
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  457.0GB | D:  496.0MB | X:  750.0MB | Y:  7.4GB
Hard Disks - Free: C:  421.9GB | D:  444.9MB | X:  467.4MB | Y:  753.4MB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE |  | DELL   - 3
Time Zone: Pacific Standard Time
Motherboard *: Dell Inc. 0R9H2G
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Default Browser: Google Chrome 39.0.2171.95
Internet Explorer Version: 11.0.9600.17498 
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2014-12-11 05:46:26 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\Windows\explorer.exe
====== C:\Users\Admin\AppData\Local\Temp ====
2014-12-13 00:41:57 06C97930530AD91A8A6F0AA64C77E813 94460680 ----a-w- C:\Users\Admin\AppData\Local\Temp\FAInstallV4.001.221.Dell.exe
2014-12-12 23:46:30 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Admin\AppData\Local\Temp\jrt\libiconv2.dll
2014-12-12 23:46:30 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Admin\AppData\Local\Temp\jrt\libintl3.dll
2014-12-12 23:46:30 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Admin\AppData\Local\Temp\jrt\pcre3.dll
2014-12-12 23:46:30 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Admin\AppData\Local\Temp\jrt\regex2.dll
2014-12-12 23:46:30 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Admin\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-12 05:22:11 E3B655AABA7A38E2190514EC0F1A3BE4 106976 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 05:22:11 BBD2925C4F2E027254F2420963D4A174 714720 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 06:33:44 CA7A00203E710E56C18D15B72148769F 790528 ----a-w- C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-11 05:47:05 DDAAC7C966436938526D4CF4C6042A5C 154112 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2014-12-11 05:47:05 A22688490DCC2DA19441CA09EF7299BF 736768 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2014-12-11 05:47:05 791BDC9FD3C95F92C7DB2162132C8645 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll
2014-12-11 05:46:57 3BF6BEBD0A5666BDB426A734A4578D9B 1346048 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2014-12-11 05:46:51 38045850ACB96313A1983A8803302906 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-11 05:46:27 61F5222289E052C40274ECD182A8AA99 98816 ----a-w- C:\Windows\SysWOW64\drvinst.exe
2014-12-11 05:46:27 195822ACCDAA2B4815DD01BAFC335595 2084520 ----a-w- C:\Windows\SysWOW64\explorer.exe
2014-12-11 05:46:21 1E4CD5DB4F61DF2A9053C8B9A46B4013 50176 ----a-w- C:\Windows\SysWOW64\UXInit.dll
2014-12-11 05:46:16 CB90D56DB19B8213CF5F7CB789C1C778 3117568 ----a-w- C:\Windows\SysWOW64\msi.dll
2014-12-11 05:46:16 C49344C2F399A22704C682C5E18B8DF2 2321920 ----a-w- C:\Windows\SysWOW64\authui.dll
2014-12-11 05:46:14 FACBA112943A89FBB8AC25085521924F 344536 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-11 05:46:14 22B2920A0857BDD61B1331C30AD76F30 424544 ----a-w- C:\Windows\SysWOW64\AudioEng.dll
2014-12-11 05:46:14 0CBA301F325F922FAFB3B83AD3337BB2 370424 ----a-w- C:\Windows\SysWOW64\AudioSes.dll
2014-12-11 05:46:12 66F97677CC13F7B9E2408CC75750A389 208896 ----a-w- C:\Windows\SysWOW64\pku2u.dll
2014-12-11 05:46:12 4CD4C8D34213975444643A5F9594E363 806400 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-12-11 05:45:55 7BEE9E040222E7033A820780E1A61204 5777408 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2014-12-11 05:45:54 074BF061D97E49AAF04F2FAF46409A14 5902848 ----a-w- C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-12-11 05:45:53 A4E624F7658D08C1717542FA10E0A973 1467384 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2014-12-11 05:45:52 E86549FED3008360730A6B722079D537 756224 ----a-w- C:\Windows\SysWOW64\WSShared.dll
2014-12-11 05:45:52 DBA00F3FC75495058A25B24906C24599 1205976 ----a-w- C:\Windows\SysWOW64\propsys.dll
2014-12-11 05:45:52 BFC6F7889A9CFF451A418862444B9F63 321024 ----a-w- C:\Windows\SysWOW64\Wldap32.dll
2014-12-11 05:45:52 76831C139BD9E227712B283A6A5ABBA8 840192 ----a-w- C:\Windows\SysWOW64\SearchFolder.dll
2014-12-11 05:45:52 24B30DB8D1F8CF0F8C1AAAE319BC508E 838144 ----a-w- C:\Windows\SysWOW64\KernelBase.dll
2014-12-11 05:45:49 DA65F1320538BC417B8FAE0BCAC330A0 265216 ----a-w- C:\Windows\SysWOW64\SkyDriveShell.dll
2014-12-11 05:45:48 1FA2D34A17E366C269FBE94DE06B177F 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-11 05:45:39 D1A07DE4DC408E5AA5CFBAE261919BDC 72192 ----a-w- C:\Windows\SysWOW64\packager.dll
2014-12-11 05:45:35 CA23E168518460519DC8D49EC6AD9550 18723112 ----a-w- C:\Windows\SysWOW64\shell32.dll
2014-12-11 05:45:35 1FB4389CA807D59B105B0827FCC8F768 11820544 ----a-w- C:\Windows\SysWOW64\twinui.dll
2014-12-11 05:45:24 1793FC07D568C930C04F9FF40FFF9A69 799744 ----a-w- C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-11 05:45:24 0EEE3F2278E447498B2CDBDF34C63C91 670384 ----a-w- C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-12-11 05:45:22 C73E43C0E4BFCF990D9746EDB75DC177 342528 ----a-w- C:\Windows\SysWOW64\schannel.dll
2014-12-11 05:45:20 A208DEE0CD61E24817C26D5A05503DA7 334336 ----a-w- C:\Windows\SysWOW64\puiobj.dll
2014-12-11 05:45:19 710A55B8443155F1FF09E07C2E44D79D 200192 ----a-w- C:\Windows\SysWOW64\DafPrintProvider.dll
2014-12-11 05:45:18 C1AD30D5E28B4291D4A16BC6944ABC0C 2030592 ----a-w- C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 05:45:16 A0E20B50D66FDF786BC2324499F7C482 195584 ----a-w- C:\Windows\SysWOW64\prnntfy.dll
2014-12-11 05:45:16 558838A9A51259F3E76030E3E997A72A 162816 ----a-w- C:\Windows\SysWOW64\puiapi.dll
2014-12-11 05:45:15 17FC09725FEE2546B96A938288509719 485376 ----a-w- C:\Windows\SysWOW64\untfs.dll
2014-12-11 05:45:13 46C1902654FF54C835E4C4E8C14B7F2A 239104 ----a-w- C:\Windows\SysWOW64\FXSAPI.dll
2014-12-11 05:44:33 4C48253C6A21CCEBA071B58A5CDF17C1 875688 ----a-w- C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-12-11 05:44:11 75D0FAD0165770819770628239BF57DB 602768 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
2014-12-11 05:44:06 F34F6DC38A21FCDBB50CDD1EE97B1EA3 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2014-12-11 05:44:06 F25284C763E728E4DAC248C211D1FC5B 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 05:44:06 D7A98A4CEA2E89F544065A00BF37FC10 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 05:44:06 713407DA59A9DBE5BD64A17D7A267DA1 326656 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 05:44:06 69AC6FD5B0B4DC963723E1EBDEE10A2C 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 05:44:06 45CDC0E37774D30BEE8C5F62CE30D599 1042944 ----a-w- C:\Windows\SysWOW64\actxprxy.dll
2014-12-11 05:44:06 220505B0B3E96C857DD01729AF0CD369 19749376 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2014-12-11 05:44:04 8FC2FB51EB90E6AA582BDBA39C1935FD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 05:44:04 543ADCEA31CF9C2B4EEB900D4AAFD0F9 2052096 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 05:44:04 01777AB557997E98691E322225314E57 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2014-12-11 05:44:03 B59E370277EDB6643083B62297175628 12836864 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2014-12-11 05:44:03 7BCC24D058205664BD700D272B169AEC 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 05:44:01 F728E7E9937117E0F32F39840EB6D737 4299264 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2014-12-11 05:44:01 5E4E0E43E0A5BF9F089696DFA7A3D677 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll
2014-12-11 05:44:01 41AFA61E061E98E97272AC02184C8C2C 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 05:43:56 98F2784FC4A4A80CE20016C6281834EE 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2014-12-11 05:43:55 C6941899E6B0A1893D2D5A89241A43B6 661504 ----a-w- C:\Windows\SysWOW64\jscript.dll
2014-12-11 05:43:55 37F078B5B435AFC6BF316F2AD14B469A 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2014-12-11 05:43:54 FCAF49AE2E10EF3823262D10E7F2D0DE 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 05:43:53 EF7A48E5955736BEECF0B0ABB478E90E 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll
2014-12-11 05:43:52 476900A8699F5C3D954ADD4A35D33F89 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2014-12-11 05:43:50 BE5EDCACB9E83C3695F650094367740C 99328 ----a-w- C:\Windows\SysWOW64\hlink.dll
2014-12-11 05:43:50 86181845803967FC51B64119E80FC18C 340992 ----a-w- C:\Windows\SysWOW64\html.iec
2014-12-11 05:43:49 615D259116D1B331911CE28C8CD1CCF3 73216 ----a-w- C:\Windows\SysWOW64\tdc.ocx
2014-12-11 05:43:49 236AD481F1632F4CE7E9835FFD4AF41D 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2014-12-11 05:43:49 1D391C687102569FD1EA154F0C1A4CE8 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll
2014-12-11 05:43:49 0E4D9A13C7C6C8FC3ACCF1C8C28DE200 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2014-12-11 05:43:48 FC51834D5057B9D7847666AE88BC981C 130048 ----a-w- C:\Windows\SysWOW64\occache.dll
2014-12-11 05:43:48 ED5A4451A1A2777C6C5DB4238FD09078 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 05:43:48 DCFF6E5356CFF5B50BBA0FAAE01A0412 90624 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 05:43:48 0FEEFF4B96CA5972121F59525142A14E 52736 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-11 05:43:47 F1313045CDCBBC4C90C34AEF67CEE088 112128 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-11 05:43:47 29CED1A4777A43526A4ED8A7B6936883 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 05:43:47 159199095C9959BE75E61C0FF947708F 152064 ----a-w- C:\Windows\SysWOW64\iexpress.exe
2014-12-11 05:43:47 02FF387F6228169EDDCB41F5E4B1A4E4 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 05:43:46 A66A88FFE53BBB9DDAACE0110A8232EC 137728 ----a-w- C:\Windows\SysWOW64\wextract.exe
2014-12-11 05:43:46 8D1E12756ED6F1FDB026AD3CF264F90C 40448 ----a-w- C:\Windows\SysWOW64\imgutil.dll
2014-12-11 05:43:46 59607FB7C6B84860CE2D1C5F7C57E052 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 05:43:46 316280CC22CBB15271A91D83CDFB73C3 27136 ----a-w- C:\Windows\SysWOW64\licmgr10.dll
2014-12-11 05:43:46 0812A503FF349D1DCEEB820B2E4FEE15 57344 ----a-w- C:\Windows\SysWOW64\pngfilt.dll
2014-12-11 05:43:45 EF7B7299A1D6604AD3CA2CE1BEF8C8F3 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2014-12-11 05:43:45 3C544C566EE7091AC52D4D9156C62687 235520 ----a-w- C:\Windows\SysWOW64\url.dll
2014-12-11 05:43:45 26F4BDB6EA83011885E217A51A4A3E68 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2014-12-11 05:43:44 1BD4CD20A25B4A3A5F7BAAC25E9D9202 11264 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe
2014-12-11 05:43:43 3FA76B67F25D84B3C2A4E8A8C0919E6E 12800 ----a-w- C:\Windows\SysWOW64\mshta.exe
2014-12-11 05:43:35 A9B598B04606F9869C42728FE95CBC7C 1489072 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 05:43:10 F8D0951A75826AD557CFAC323A936AA6 281088 ----a-w- C:\Windows\SysWOW64\msihnd.dll
2014-12-11 05:43:07 5D2C15BDAD48646C8CBC83903252D87C 514048 ----a-w- C:\Windows\SysWOW64\rastls.dll
2014-12-11 05:43:05 DB3ED0BA26D7C598481A23E7D06A370E 2344448 ----a-w- C:\Windows\SysWOW64\Wpc.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-12 05:14:46 A6D61CD951FB0057933FD2D2D8CDBC0B 112710672 ----a-w- C:\Windows\Sysnative\MRT.exe
2014-12-11 06:34:00 2DD8EC6F8DE5F8556ABC5F223D49EA07 412672 ----a-w- C:\Windows\Sysnative\generaltel.dll
2014-12-11 06:33:59 FB7F1B20A2C86D55F731E53EB04C9360 740864 ----a-w- C:\Windows\Sysnative\invagent.dll
2014-12-11 06:33:59 EE5ED8E6998D7E686F614BA8D876829B 192000 ----a-w- C:\Windows\Sysnative\aepic.dll
2014-12-11 06:33:59 C4A550C337ADB0EB4C4D4F388C27B815 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-12-11 06:33:59 C4859B1344645E6109DE77F5577CD37F 396288 ----a-w- C:\Windows\Sysnative\devinv.dll
2014-12-11 06:33:59 8283D7B0DCB540AB58A864E4BF2451FD 830464 ----a-w- C:\Windows\Sysnative\appraiser.dll
2014-12-11 06:33:59 222F243A138149E51FEA4769A475A144 1083392 ----a-w- C:\Windows\Sysnative\aeinv.dll
2014-12-11 06:33:52 AF33B3D7B32FE39656147E0849D987A4 321536 ----a-w- C:\Windows\Sysnative\lockscreencn.dll
2014-12-11 06:33:44 DB7815ACB2D8F7CB03807059969F13B6 1091072 ----a-w- C:\Windows\Sysnative\MrmCoreR.dll
2014-12-11 05:47:07 1D25CC0A9C480C5D56A5A6CF2B5DEB99 3547648 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2014-12-11 05:47:06 949E590B76018E4523FC71CE510ED9ED 1441792 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-12-11 05:47:05 D7B23B3154508256C9F434EF9B65B91D 131584 ----a-w- C:\Windows\Sysnative\rdpudd.dll
2014-12-11 05:47:05 91E59FCB3B32DD84E5DCDA2EA1583807 736768 ----a-w- C:\Windows\Sysnative\adtschema.dll
2014-12-11 05:47:05 488CEA4F1B4D2446FFB7A94E3CB385FE 445440 ----a-w- C:\Windows\Sysnative\certcli.dll
2014-12-11 05:47:05 3D2D2EA099D98FE6B94C7D8C7992C08C 40448 ----a-w- C:\Windows\Sysnative\rfxvmt.dll
2014-12-11 05:47:04 A8484FB640E044858BA19FB4F13DD4CE 154112 ----a-w- C:\Windows\Sysnative\msaudite.dll
2014-12-11 05:46:57 93645AEBE163230A2ED5050C14AE6603 2149376 ----a-w- C:\Windows\Sysnative\msxml3.dll
2014-12-11 05:46:51 6DBE73C09215E281F4283641144110A5 35480 ----a-w- C:\Windows\Sysnative\TsWpfWrp.exe
2014-12-11 05:46:28 8E472AA2E916417B55BC1E6727957453 110592 ----a-w- C:\Windows\Sysnative\drvinst.exe
2014-12-11 05:46:27 BB7F878413AD3C2E7E89C96193D405DF 57856 ----a-w- C:\Windows\Sysnative\drvcfg.exe
2014-12-11 05:46:27 00CD1254837739E310505EBCB19F7971 796672 ----a-w- C:\Windows\Sysnative\uDWM.dll
2014-12-11 05:46:21 04AE20974DF91DC7B9075FC5A126B77C 68096 ----a-w- C:\Windows\Sysnative\UXInit.dll
2014-12-11 05:46:16 A00B916CD6A67984257DC53052350219 2646016 ----a-w- C:\Windows\Sysnative\authui.dll
2014-12-11 05:46:15 7667B9D81EA8FD6540E6CF72F92161A6 109568 ----a-w- C:\Windows\Sysnative\appinfo.dll
2014-12-11 05:46:15 5DAA60A74D178525DC6ACF53ABE343D6 2779136 ----a-w- C:\Windows\Sysnative\msi.dll
2014-12-11 05:46:14 DFDFDE2EA4B5CD0606BA6E56ECEE502D 272248 ----a-w- C:\Windows\Sysnative\audiodg.exe
2014-12-11 05:46:14 C0484CA5C7F87E38909746B63C7FC868 911360 ----a-w- C:\Windows\Sysnative\audiosrv.dll
2014-12-11 05:46:14 BB93DAAAE9006598935192B9CB65E475 108432 ----a-w- C:\Windows\Sysnative\EncDump.dll
2014-12-11 05:46:14 9F87516BF76C40B41D831F7D729A6044 482872 ----a-w- C:\Windows\Sysnative\AudioEng.dll
2014-12-11 05:46:14 9C88C9397B44B76E5C9A44B8E2CE53A1 500016 ----a-w- C:\Windows\Sysnative\AudioSes.dll
2014-12-11 05:46:14 8085F95BB18A171E7221D2831BC08BC2 394120 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll
2014-12-11 05:46:14 7F70B1044272982AAEA7C16E83424770 226304 ----a-w- C:\Windows\Sysnative\AudioEndpointBuilder.dll
2014-12-11 05:46:12 E87F8EC00FEEF700E61F6989D88A8BC2 991232 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-12-11 05:46:12 B31C4917EC5EADE24A90DDAF37EA00E0 4182016 ----a-w- C:\Windows\Sysnative\win32k.sys
2014-12-11 05:46:12 788C7D910267DDCD675DF4AB01961265 259584 ----a-w- C:\Windows\Sysnative\pku2u.dll
2014-12-11 05:45:56 57CA779C19C2F224BE0C5EFC40F54B60 4758528 ----a-w- C:\Windows\Sysnative\SyncEngine.dll
2014-12-11 05:45:56 1676B06421492B439A9E60C55692A921 8757760 ----a-w- C:\Windows\Sysnative\Windows.UI.Search.dll
2014-12-11 05:45:55 8A522BBE4E06586C57E5D9DC50FB88B0 6649344 ----a-w- C:\Windows\Sysnative\mstscax.dll
2014-12-11 05:45:54 37C1CBCB3F420C754E86E3EC313D436D 1112512 ----a-w- C:\Windows\Sysnative\KernelBase.dll
2014-12-11 05:45:53 ACFEE9487693C2BD573DFCA71D98E17C 914432 ----a-w- C:\Windows\Sysnative\iphlpsvc.dll
2014-12-11 05:45:53 5053FE9043FB84D71B04EFC7D5DA13CF 1710184 ----a-w- C:\Windows\Sysnative\ntdll.dll
2014-12-11 05:45:53 2ECA23663D13100032E09062C743C70D 1507648 ----a-w- C:\Windows\Sysnative\propsys.dll
2014-12-11 05:45:53 10CE7F7704E293F6CC6E0AF51DBFD95A 1106432 ----a-w- C:\Windows\Sysnative\SearchFolder.dll
2014-12-11 05:45:52 FD4EA8E9232ADD51DC31C295DDEF2768 287744 ----a-w- C:\Windows\Sysnative\SystemEventsBrokerServer.dll
2014-12-11 05:45:52 F58FBEA392B663B936E62939A877CA80 1120768 ----a-w- C:\Windows\Sysnative\SkyDrive.exe
2014-12-11 05:45:52 ABB028BAB78E7B4AFE374F8246F6CCB6 359424 ----a-w- C:\Windows\Sysnative\Wldap32.dll
2014-12-11 05:45:51 66CBCDDEF429E5BA83C3288EEB0771A6 717824 ----a-w- C:\Windows\Sysnative\SkyDriveTelemetry.dll
2014-12-11 05:45:51 30293301B14D0D11D086B09831F5FE0D 920064 ----a-w- C:\Windows\Sysnative\WSShared.dll
2014-12-11 05:45:50 E325BCD68EC0CF2E2EDD0AB7CC17C698 267776 ----a-w- C:\Windows\Sysnative\bisrv.dll
2014-12-11 05:45:50 0DD29E5328436D51517316CD6D3BACCA 286208 ----a-w- C:\Windows\Sysnative\pcsvDevice.dll
2014-12-11 05:45:49 73F269436228D5625E83A1EAF3549F58 118272 ----a-w- C:\Windows\Sysnative\httpprxm.dll
2014-12-11 05:45:49 5D4A403DAE434FBA11779496EAFBDDE8 75776 ----a-w- C:\Windows\Sysnative\adhsvc.dll
2014-12-11 05:45:49 36F977EDAE6CEE96CE6409B2B16765B4 290816 ----a-w- C:\Windows\Sysnative\ProximityService.dll
2014-12-11 05:45:49 3014CE5846A486C624E3E2CEB8C3290C 286208 ----a-w- C:\Windows\Sysnative\SkyDriveShell.dll
2014-12-11 05:45:49 0B1A9F6F9D2891C0F8783C0444D27DD0 1057280 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2014-12-11 05:45:39 84549E8C8BF76B293A7E625A98D4BCF9 81408 ----a-w- C:\Windows\Sysnative\packager.dll
2014-12-11 05:45:34 C4306ADC38939CAC60EA38AAD9F170C0 13424128 ----a-w- C:\Windows\Sysnative\twinui.dll
2014-12-11 05:45:33 A92EF73B02686B7E6F070B486512DB88 389176 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml
2014-12-11 05:45:33 1D303CE5BCBD5B80BBA08321F28A3F86 21197152 ----a-w- C:\Windows\Sysnative\shell32.dll
2014-12-11 05:45:32 BCE66E78D388875B87286CA091E7075F 7484224 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2014-12-11 05:45:29 1907823D5ACFD75D1D8C0D4318299726 2714112 ----a-w- C:\Windows\Sysnative\SettingsHandlers.dll
2014-12-11 05:45:26 C88B63FE96DB4BCED65DD442BC8E77F5 1053184 ----a-w- C:\Windows\Sysnative\localspl.dll
2014-12-11 05:45:25 CA729FCE295895515A09BD6FF7903DC8 836176 ----a-w- C:\Windows\Sysnative\mfmp4srcsnk.dll
2014-12-11 05:45:25 A208498C5CD750A1743C1AC8162A810F 941568 ----a-w- C:\Windows\Sysnative\MFMediaEngine.dll
2014-12-11 05:45:23 ADF90BA6FD79196E5223A20BC8FCA59E 418304 ----a-w- C:\Windows\Sysnative\schannel.dll
2014-12-11 05:45:22 50E96089F9BE352621997143A56C8E76 822272 ----a-w- C:\Windows\Sysnative\win32spl.dll
2014-12-11 05:45:21 5416C603B6C85CF0698E8A2A1D28BAA2 448512 ----a-w- C:\Windows\Sysnative\puiobj.dll
2014-12-11 05:45:20 9CE162EB9057CF079736F4DD00FC0D6C 2480128 ----a-w- C:\Windows\Sysnative\WsmSvc.dll
2014-12-11 05:45:19 12C0733F955E15C3C37DD24C9C7D796A 263680 ----a-w- C:\Windows\Sysnative\DafPrintProvider.dll
2014-12-11 05:45:16 A8732AFE4DB47114355ABB285ED776D2 187392 ----a-w- C:\Windows\Sysnative\puiapi.dll
2014-12-11 05:45:16 118A11C89FAD244A2B85DA7EDC3E9683 215552 ----a-w- C:\Windows\Sysnative\prnntfy.dll
2014-12-11 05:45:15 8758F5DEBD2B950B2D56ED11F9E0B38F 545792 ----a-w- C:\Windows\Sysnative\untfs.dll
2014-12-11 05:45:14 6C118AEDD15FDBEAECC0E85C64B5B86B 615424 ----a-w- C:\Windows\Sysnative\FXSCOMEX.dll
2014-12-11 05:45:13 9C55CE9707B3CA29A6505BCDCC546390 275968 ----a-w- C:\Windows\Sysnative\FXSAPI.dll
2014-12-11 05:45:13 6317C9DB4282CEAA3BAB131BC3839B2A 308736 ----a-w- C:\Windows\Sysnative\compstui.dll
2014-12-11 05:45:12 8CBF1E2761816CFD9D32F8B32531D0FB 118272 ----a-w- C:\Windows\Sysnative\winbici.dll
2014-12-11 05:44:33 8BB7548307EE6147137993A410D64387 869544 ----a-w- C:\Windows\Sysnative\msvcr120_clr0400.dll
2014-12-11 05:44:11 9A108C0A3092110F4651B3AFB9CC7B3D 789184 ----a-w- C:\Windows\Sysnative\oleaut32.dll
2014-12-11 05:44:07 62D54F4673A6208C8CC147758122B3C3 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2014-12-11 05:44:06 C9AB2198141844D3DF96B4552CE9D5AB 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-12-11 05:44:06 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2014-12-11 05:44:04 E7A2061ADF0F4D430FECDA1E8D6B7BA6 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll
2014-12-11 05:44:04 DDE455CF1B9F43775A53A4E577DFDC54 373760 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2014-12-11 05:44:03 14BA910E7731FC84EB85328BD0F1EE81 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2014-12-11 05:44:03 0AF0AEF0BA9EF6169E61C78504DCAE55 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2014-12-11 05:44:02 982B871A25B5078093FAD82D0AB0E3FC 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll
2014-12-11 05:44:02 3FE71E2A5BD3EC652E64FC8BCEFEDD2C 2125312 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2014-12-11 05:44:00 556D271F4243B273EDA353512BF3608A 14412800 ----a-w- C:\Windows\Sysnative\ieframe.dll
2014-12-11 05:44:00 175C139D51F99099D1BDA17794B02191 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2014-12-11 05:43:59 EFBA893429814EA3244C87C2D1256618 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2014-12-11 05:43:59 DE58DE2C6C8439B7174D6D3568AA4A80 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2014-12-11 05:43:59 DB10D681314714E0D4623E4C0CF6654A 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2014-12-11 05:43:59 8D64466AD12CA5677CD0099C43C58569 6039552 ----a-w- C:\Windows\Sysnative\jscript9.dll
2014-12-11 05:43:58 D478A4CF07FB8ADF72FB16B88E8030B8 25059840 ----a-w- C:\Windows\Sysnative\mshtml.dll
2014-12-11 05:43:58 4AF089160FE082E5EA5C4AA72782DCA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll
2014-12-11 05:43:56 507DC5EE1363EEB7D986B1026DF4E39D 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
2014-12-11 05:43:55 A41AC7E8D142FD0ECF6EF7F1BB63D478 812544 ----a-w- C:\Windows\Sysnative\jscript.dll
2014-12-11 05:43:55 587DEBB59F5F14C9610966FB14A33607 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2014-12-11 05:43:55 1D294810D3A8A8F722E86AA001F54DCC 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll
2014-12-11 05:43:52 D248949FCF2B72C1FD4EC15DA92065C0 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2014-12-11 05:43:50 F0A53129AE95A895EC8C4DC36E1797A2 108544 ----a-w- C:\Windows\Sysnative\hlink.dll
2014-12-11 05:43:49 E40D3696BE4852956669C285038B37A6 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2014-12-11 05:43:49 A348DEFC16B6FBC88B7D61C3B861BCB1 107520 ----a-w- C:\Windows\Sysnative\inseng.dll
2014-12-11 05:43:49 62CFEE2A516C68540486EBF26F18ED4C 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll
2014-12-11 05:43:49 284070B045F8B11B4A1FB32F72023038 417280 ----a-w- C:\Windows\Sysnative\html.iec
2014-12-11 05:43:49 00FB2FB8C27C834CF575BC415B80F995 87552 ----a-w- C:\Windows\Sysnative\tdc.ocx
2014-12-11 05:43:48 F79E5258AF040A8AD83C7C1273A071C3 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2014-12-11 05:43:48 8AE1AC97407CD82D8389390C21430579 111616 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2014-12-11 05:43:48 85E97591864F3125C5B08FB44E0E8078 60416 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll
2014-12-11 05:43:48 1C3C54FA2D620DF3093F356A56EC5957 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2014-12-11 05:43:47 DD8FD33C108F14681A410067AB21DDF3 152064 ----a-w- C:\Windows\Sysnative\occache.dll
2014-12-11 05:43:47 3721721151DB49457B0FD35E0C04594C 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2014-12-11 05:43:47 17A157A4225CF562202AC71DB8103177 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2014-12-11 05:43:46 D66D11191B48007179B0A77DC0717267 33280 ----a-w- C:\Windows\Sysnative\licmgr10.dll
2014-12-11 05:43:46 6096209CB47D61499C3608B9C25B073C 64512 ----a-w- C:\Windows\Sysnative\pngfilt.dll
2014-12-11 05:43:46 161BC2E883A8D8759A4DCF2A85AF9128 51200 ----a-w- C:\Windows\Sysnative\imgutil.dll
2014-12-11 05:43:45 F54E1190251EB245183BF16D6C315613 237568 ----a-w- C:\Windows\Sysnative\url.dll
2014-12-11 05:43:45 CDC8A85EB301A8CBE55A81A1D55AF5E5 132096 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll
2014-12-11 05:43:45 A7F53772ECAE2F44B455D14F71179940 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2014-12-11 05:43:44 CA2F3153EF3BCB0BD3A8984C933DF604 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe
2014-12-11 05:43:44 6A7F8D139610E5F3F158182778EF9275 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2014-12-11 05:43:44 4B9C652BD0FD95A9E6123913C35519D6 143872 ----a-w- C:\Windows\Sysnative\wextract.exe
2014-12-11 05:43:43 E99E2E88BFE584184AE92B1F8995CE93 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2014-12-11 05:43:43 A3871DED5ED88F59C0D1396761708F81 13824 ----a-w- C:\Windows\Sysnative\mshta.exe
2014-12-11 05:43:43 66585D645C4E23A0FD5124BD714AE020 12800 ----a-w- C:\Windows\Sysnative\msfeedssync.exe
2014-12-11 05:43:36 418B5117F187DFFD96C52325CA0DF153 1762840 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2014-12-11 05:43:10 10D8859CF01C1284603582ABD9B0482C 114520 ----a-w- C:\Windows\Sysnative\consent.exe
2014-12-11 05:43:10 08914C8989AB93F5EC3A452D014E2C8D 356352 ----a-w- C:\Windows\Sysnative\msihnd.dll
2014-12-11 05:43:09 D3AE5DB16EAF913860EC28654CE00E6B 1212928 ----a-w- C:\Windows\Sysnative\schedsvc.dll
2014-12-11 05:43:07 25EE65F2FA154EDED0E87354311FB1E2 590336 ----a-w- C:\Windows\Sysnative\rastls.dll
2014-12-11 05:43:06 E7DE316FEEFC79327CFAD8F527979CC0 3118080 ----a-w- C:\Windows\Sysnative\Wpc.dll
2014-12-11 05:43:06 E2F4125BFAC99244088324A1841C0B83 3048880 ----a-w- C:\Windows\Sysnative\WpcMon.exe
2014-12-11 05:43:05 F381B380B7B2704EA4C0F8D8C49C1C50 623616 ----a-w- C:\Windows\Sysnative\MDMAgent.exe
2014-12-11 05:43:05 6BC31FB4E24A962C98801D3687A984C0 2861056 ----a-w- C:\Windows\Sysnative\WpcWebSync.dll
====== C:\Windows\Sysnative\drivers =====
2014-12-12 03:52:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-12-11 05:47:06 4E1207CE16E615B0B7A70DC889F4500E 563976 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-12-11 05:47:05 9F08A6608F98B5407E7DDBCF306573EF 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
2014-12-11 05:47:05 6D2EE96150E35B9EA49F2B481DE0369A 177472 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-12-11 05:45:52 97B9076611291AE4C4C107BC915BD026 1200640 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys
2014-12-11 05:45:50 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2014-12-11 05:45:49 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\Windows\Sysnative\drivers\bridge.sys
2014-12-11 05:45:31 CCB3A2BB60FE5073F2DEA63FE83CF8FE 2497344 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-12-11 05:45:23 E3FCE2A6B3533D99A3B498504DF9CC47 474432 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-12-11 05:45:17 7F23E38C5B6448F91439E4066645191E 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-12-11 05:45:16 66732C13628BDB1AB0D6FD46027327C2 148800 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS
2014-12-11 05:43:06 B02118A776C368F7EE1A8CC81378D265 153920 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys
2014-12-11 05:43:06 A770340FC02B999EF0DE6C2A6BC8437C 39744 ----a-w- C:\Windows\Sysnative\drivers\intelpep.sys
2014-12-11 05:43:06 7B7C482CF48E6EE33664340D1A78E6FE 238912 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys
2014-12-11 05:43:06 24A8DFC07E4BAF29AEA26E383D4CC886 86336 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys
2014-12-07 18:59:14 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys
====== C:\Windows\Tasks ======
2014-12-12 05:37:43 23AD46F12A4F26D0E06F159F320D2BF4 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1004
2014-12-07 19:05:38 -------- d-----w- C:\Windows\Sysnative\Tasks\Aviata
2014-12-07 19:01:59 D19878B5997855DA31CF20F706EA594F 3896 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-12-07 19:01:59 812B5C46635E81B4B4E930F10C8C7CAD 924 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 19:01:58 767475E658965944203867F9B76592F8 3660 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-12-07 19:01:58 22A69C693AA1ECB4B161F36E51B0F713 920 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 18:53:35 9A19E2DB3278163BD4FF8D6572728625 3440 ----a-w- C:\Windows\Sysnative\Tasks\PCDEventLauncherTask
2014-12-07 18:53:34 91A9DF052827390A4A80BB12736CB1F8 3988 ----a-w- C:\Windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask
2014-12-07 18:53:32 AFD0AAB7E01B17C413AAE016901444C1 3198 ----a-w- C:\Windows\Sysnative\Tasks\SystemToolsDailyTest
2014-12-07 18:51:25 F43BED108FCA65055EE96D605C2231B2 3930 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{AEF6BFD7-412F-49AB-9828-00AD52EA5305}
2014-12-06 19:39:30 28D53FE61764049714A0D00D58ADF818 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1001
2014-12-06 19:34:38 -------- d-----w- C:\Windows\Sysnative\Tasks\WPD
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-12-12 23:45:10 -------- d-----w- C:\PROGRA~2\Sensible Vision
2014-12-12 04:30:58 -------- d-----w- C:\PROGRA~2\Dell Digital Delivery
2014-12-07 19:01:57 -------- d-----w- C:\PROGRA~2\Google
======= C: =====
2014-12-06 19:40:14 B99B721997D83CF7F2801F5E5027ACAF 113 ---ha-w- C:\DBAR_Ver.txt
====== C:\Users\Admin\AppData\Roaming ======
2014-12-23 02:02:15 -------- d-----w- C:\Users\Admin\AppData\Local\Intel_Corporation
2014-12-23 01:55:27 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-13 00:04:07 -------- d-----w- C:\Users\Admin\AppData\Roaming\FastAccessSup
2014-12-12 23:40:51 -------- d-----w- C:\Users\Admin\AppData\Roaming\DropboxOEM
2014-12-12 05:35:36 -------- d-----w- C:\Users\Admin\AppData\Local\Aviata
2014-12-12 05:33:35 -------- d-----w- C:\Users\Admin\AppData\Local\BMExplorer
2014-12-12 05:33:16 -------- d-----w- C:\Users\Admin\AppData\Local\DropboxOEM
2014-12-12 05:33:02 -------- d-----w- C:\Users\Admin\AppData\Roaming\Atheros
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-12 05:31:58 -------- d-----w- C:\Users\Admin\AppData\Roaming\Adobe
2014-12-12 05:31:58 -------- d-----w- C:\Users\Admin\AppData\Local\Packages
2014-12-12 05:31:56 -------- d-----w- C:\Users\Admin\AppData\Local\VirtualStore
2014-12-12 05:31:56 -------- d-----w- C:\Users\Admin\AppData\Local\Google
2014-12-12 05:19:28 61A6BA195C8E177CD54EDF5E9651A3E9 165896 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-12-12 04:49:43 -------- d-s---w- C:\Users\Admin\AppData\Locallow\Microsoft
2014-12-12 04:49:39 -------- d-s---w- C:\Users\Admin\AppData\Roaming\Microsoft
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Local\Temp
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Local\Microsoft
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-12 04:46:25 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-12 04:30:22 -------- d-----w- C:\Users\Allyson\AppData\Local\VirtualStore
2014-12-12 04:25:02 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Allyson\AppData\Local\Temp
2014-12-10 08:12:35 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps
2014-12-10 04:24:19 -------- d-----w- C:\Users\Allyson\AppData\Local\Programs
2014-12-10 04:23:27 -------- d-----w- C:\Users\Allyson\AppData\Local\CrashDumps
2014-12-07 19:06:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2014-12-07 19:01:57 -------- d-----w- C:\Users\Allyson\AppData\Local\Google
2014-12-07 18:51:33 -------- d-sh--w- C:\Users\Allyson\AppData\Locallow\EmieUserList
2014-12-07 18:51:22 -------- d-sh--w- C:\Users\Allyson\AppData\Local\EmieUserList
2014-12-07 18:51:22 -------- d-sh--w- C:\Users\Allyson\AppData\Local\EmieSiteList
2014-12-07 18:51:17 -------- d-----w- C:\Users\Allyson\AppData\Roaming\DropboxOEM
2014-12-07 18:51:15 -------- d-sh--w- C:\Users\Allyson\AppData\Locallow\EmieSiteList
2014-12-07 18:50:28 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2014-12-06 19:37:48 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-12-06 19:36:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-12-06 19:35:36 -------- d-----w- C:\Users\Allyson\AppData\Local\Aviata
2014-12-06 19:35:31 -------- d-----w- C:\Users\Allyson\AppData\Local\BMExplorer
2014-12-06 19:35:09 -------- d-----w- C:\Users\Allyson\AppData\Local\DropboxOEM
2014-12-06 19:34:55 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Atheros
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-06 19:34:09 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Adobe
2014-12-06 19:34:01 -------- d-----w- C:\Users\Allyson\AppData\Local\Packages
2014-12-06 19:33:35 -------- d-s---w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2014-12-06 19:32:30 -------- d-s---w- C:\Users\Allyson\AppData\Locallow\Microsoft
2014-12-06 19:32:28 -------- d-s---w- C:\Users\Allyson\AppData\Roaming\Microsoft
2014-12-06 19:32:28 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-06 19:32:28 -------- d-----w- C:\Users\Allyson\AppData\Local\Microsoft
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
====== C:\Users\Admin ======
2014-12-23 02:00:25 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches
2014-12-12 23:46:07 7AC98BE8593253FDDF8293E1C60B04BA 2166272 ----a-w- C:\Users\Admin\Downloads\AdwCleaner.exe
2014-12-12 23:45:44 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Admin\Downloads\JRT.exe
2014-12-12 23:45:10 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAccess Facial Recognition
2014-12-12 23:43:50 -------- d-----w- C:\ProgramData\Package Cache
2014-12-12 05:35:22 -------- d---a-w- C:\Users\Admin\OneDrive
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\Searches
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\Contacts
2014-12-12 04:49:42 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Admin\ntuser.ini
2014-12-12 04:49:39 -------- d--h--w- C:\Users\Admin\AppData
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Videos
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Saved Games
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Pictures
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Music
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Links
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Favorites
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Downloads
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Documents
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Desktop
2014-12-12 04:27:35 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol
2014-12-11 06:04:02 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Allyson\Downloads\OTL.exe
2014-12-11 05:29:39 0C6701C66D7E3E07A498AEFD6C9D0E8A 2119680 ----a-w- C:\Users\Allyson\Downloads\FRST64.exe
2014-12-07 19:02:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-06 21:24:20 -------- d--h--r- C:\Users\Public\AccountPictures
2014-12-06 19:39:42 -------- d-----w- C:\ProgramData\softthinks
2014-12-06 19:38:42 -------- d---a-w- C:\Users\Allyson\OneDrive
2014-12-06 19:35:04 -------- d-----w- C:\ProgramData\Atheros
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\Searches
2014-12-06 19:34:13 -------- d-----r- C:\Users\Allyson\Contacts
2014-12-06 19:32:28 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Allyson\ntuser.ini
2014-12-06 19:32:28 -------- d--h--w- C:\Users\Allyson\AppData
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Saved Games
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Pictures
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Music
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Links
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Favorites
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Downloads
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Documents
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Desktop
2014-12-06 19:32:27 -------- d-----r- C:\Users\Allyson\Videos
 
====== C: exe-files ==
2014-12-23 01:59:43 AE1D46B9E4763129402DA59FE02E4B1D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4117855597-3340283673-3293475651-1004\$IM0TCRY.exe
2014-12-23 01:59:40 A964F93072E56378F134C945966D87CC 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4117855597-3340283673-3293475651-1004\$I7F8VT4.exe
2014-12-23 01:56:28 E398F7E550FFBBE2C3E8272776D0D354 46882080 ----a-w- C:\Users\Admin\AppData\Roaming\DropboxOEM\download\5p1ouasl.ijp\DropboxFull_3.0.4.exe
=== C: other files ==
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=120 folders=42 66098316 bytes)
 
==== EOF on Mon 12/22/2014 at 18:10:40.65 ======================

  • 0

Advertisements

#11
Inner Child
Posted 23 December 2014 - 11:34 PM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Here are the rest.

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by Admin (administrator) on ALLYSPC on 22-12-2014 19:16:00
Running from C:\Users\Allyson\Downloads
Loaded Profile: Admin (Available profiles: Allyson & Admin)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
() C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Sensible Vision) C:\Program Files (x86)\Sensible Vision\Fast Access\FAupgradeNoticeOT.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634648 2014-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387224 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-11-11] (McAfee, Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2014-07-01] (Sensible Vision )
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] ( (Qualcomm®Atheros®))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4117855597-3340283673-3293475651-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4117855597-3340283673-3293475651-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @sensiblevision.com/FastAccess,version=4.1.110 -> C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\nprt.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-12-07]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-12-12]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-07]
 
Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-12]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-12]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-12]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-12]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-12]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-12]
CHR Extension: (SiteAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-12-12]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-12]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-12-11]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-12-11]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0052811418358498mcinstcleanup; C:\Windows\TEMP\005281~1.EXE [827456 2012-01-09] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [73072 2014-11-10] (Dell)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [293440 2014-04-01] (Aviata, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [148688 2014-07-22] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-11] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [333584 2013-09-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601920 2013-12-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [341288 2013-11-06] (McAfee, Inc.)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-02] (SoftThinks SAS)
R2 WavesSysSvc; C:\Program Files\Realtek\Audio\HDA\WavesSysSvc64.exe [497664 2014-04-06] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-08] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-08] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 facap; C:\Windows\system32\DRIVERS\facap.sys [37888 2012-09-03] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-09] (Realtek                                            )
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-08] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-11-08] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-03-10] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-08] (Microsoft Corporation)
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-22 19:15 - 2014-12-22 19:15 - 00040098 _____ () C:\Users\Admin\Desktop\zoek-results.txt
2014-12-22 19:15 - 2014-12-22 19:15 - 00000000 ____D () C:\Users\Allyson\Downloads\FRST-OlderVersion
2014-12-22 18:03 - 2014-12-11 20:28 - 00012144 _____ () C:\zoek-results2014-12-12-042822.log
2014-12-22 18:02 - 2014-12-22 18:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-12-22 18:02 - 2014-12-22 18:02 - 00000000 ____D () C:\Users\Admin\AppData\Local\Intel_Corporation
2014-12-22 18:02 - 2014-12-22 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-22 17:55 - 2014-12-22 17:55 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-12 16:04 - 2014-12-12 16:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FastAccessSup
2014-12-12 15:55 - 2014-12-12 16:00 - 00000000 ____D () C:\AdwCleaner
2014-12-12 15:53 - 2014-12-12 15:53 - 00000746 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-12-12 15:46 - 2014-12-12 15:46 - 02166272 _____ () C:\Users\Admin\Downloads\AdwCleaner.exe
2014-12-12 15:45 - 2014-12-12 15:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAccess Facial Recognition
2014-12-12 15:45 - 2014-12-12 15:45 - 01707646 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-12-12 15:45 - 2014-12-12 15:45 - 00000000 ____D () C:\Program Files (x86)\Sensible Vision
2014-12-12 15:43 - 2014-12-12 15:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-12 15:40 - 2014-12-12 15:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DropboxOEM
2014-12-11 21:37 - 2014-12-22 18:19 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1004
2014-12-11 21:35 - 2014-12-22 17:54 - 00000000 ____D () C:\Users\Admin\OneDrive
2014-12-11 21:35 - 2014-12-11 21:35 - 00000000 ____D () C:\Users\Admin\AppData\Local\Aviata
2014-12-11 21:33 - 2014-12-11 21:33 - 00000000 ____D () C:\Users\Admin\Documents\Bluetooth Folder
2014-12-11 21:33 - 2014-12-11 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Atheros
2014-12-11 21:33 - 2014-12-11 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\DropboxOEM
2014-12-11 21:33 - 2014-12-11 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\BMExplorer
2014-12-11 21:31 - 2014-12-22 17:55 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-12-11 21:31 - 2014-12-11 21:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Packages
2014-12-11 21:31 - 2014-12-11 21:31 - 00001448 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-11 21:31 - 2014-12-11 21:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-12-11 21:31 - 2014-12-11 21:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-12-11 21:22 - 2014-11-26 13:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 21:22 - 2014-11-26 13:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 21:17 - 2014-12-11 21:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 21:17 - 2014-12-11 21:17 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 21:14 - 2014-12-11 21:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 21:14 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 20:49 - 2014-12-11 21:35 - 00000000 ____D () C:\Users\Admin
2014-12-11 20:49 - 2014-12-11 20:49 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-12-11 20:49 - 2014-11-09 00:16 - 00000141 _____ () C:\Users\Admin\Desktop\eBay.url
2014-12-11 20:49 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-11 20:49 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-11 20:49 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-11 20:49 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-11 20:49 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-11 20:49 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-11 20:46 - 2014-12-11 20:46 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-11 20:30 - 2014-12-11 20:30 - 00000000 ____D () C:\Users\Allyson\AppData\Local\VirtualStore
2014-12-11 20:30 - 2014-12-11 20:30 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-12-11 20:27 - 2014-12-11 20:27 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-11 20:05 - 2014-12-22 18:10 - 00040098 _____ () C:\zoek-results.log
2014-12-11 20:04 - 2014-12-11 20:22 - 00000000 ____D () C:\zoek_backup
2014-12-11 19:52 - 2014-12-11 19:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-12-11 19:41 - 2014-12-11 19:44 - 00000000 ____D () C:\Users\Allyson\Downloads\zoek
2014-12-11 19:40 - 2014-12-11 19:40 - 04134156 _____ () C:\Users\Allyson\Downloads\zoek.zip
2014-12-10 23:40 - 2014-12-10 23:40 - 00038400 _____ () C:\Users\Allyson\Downloads\316 Grade Calculator_options (1).xls
2014-12-10 23:39 - 2014-12-10 23:39 - 00038400 _____ () C:\Users\Allyson\Downloads\316 Grade Calculator_options.xls
2014-12-10 23:10 - 2014-12-10 23:10 - 00046134 _____ () C:\Users\Allyson\Downloads\Extras.Txt
2014-12-10 23:08 - 2014-12-10 23:08 - 00129814 _____ () C:\Users\Allyson\Downloads\OTL.Txt
2014-12-10 22:34 - 2014-12-02 15:09 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 22:33 - 2014-12-03 15:37 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 22:33 - 2014-12-03 15:09 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 22:33 - 2014-12-02 15:09 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 22:33 - 2014-12-02 15:09 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 22:33 - 2014-12-02 15:09 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 22:33 - 2014-12-02 15:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 22:33 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-10 22:33 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-10 22:33 - 2014-07-09 20:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\lockscreencn.dll
2014-12-10 22:04 - 2014-12-10 22:04 - 00602112 _____ (OldTimer Tools) C:\Users\Allyson\Downloads\OTL.exe
2014-12-10 21:47 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-10 21:47 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-10 21:47 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-10 21:47 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-12-10 21:47 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-10 21:47 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-10 21:47 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-12-10 21:47 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-12-10 21:47 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-12-10 21:47 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-12-10 21:47 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-12-10 21:47 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-10 21:47 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-10 21:46 - 2014-11-09 15:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-10 21:46 - 2014-11-09 15:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-10 21:46 - 2014-11-09 15:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-10 21:46 - 2014-11-09 15:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-10 21:46 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-10 21:46 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-10 21:46 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-10 21:46 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-12-10 21:46 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-10 21:46 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-10 21:46 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-10 21:46 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-10 21:46 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-10 21:46 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-12-10 21:46 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-10 21:46 - 2014-08-28 17:58 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-12-10 21:46 - 2014-08-28 17:32 - 02779136 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-10 21:46 - 2014-08-28 16:59 - 03117568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-12-10 21:46 - 2014-08-28 15:56 - 02646016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-12-10 21:46 - 2014-08-28 15:47 - 02321920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-12-10 21:46 - 2014-08-22 23:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-12-10 21:46 - 2014-08-22 23:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-12-10 21:46 - 2014-08-22 22:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-10 21:46 - 2014-08-22 21:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-10 21:46 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-10 21:46 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-12-10 21:46 - 2014-08-22 20:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-12-10 21:46 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-10 21:46 - 2014-06-09 14:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-10 21:46 - 2014-05-18 22:31 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2014-12-10 21:46 - 2014-05-18 22:21 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-12-10 21:46 - 2014-05-18 21:23 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-12-10 21:45 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-10 21:45 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-10 21:45 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-12-10 21:45 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-12-10 21:45 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-12-10 21:45 - 2014-09-07 14:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-12-10 21:45 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-10 21:45 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-10 21:45 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-12-10 21:45 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-12-10 21:45 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-12-10 21:45 - 2014-09-03 16:36 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-10 21:45 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-12-10 21:45 - 2014-09-03 16:15 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-10 21:45 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-12-10 21:45 - 2014-08-30 16:17 - 00148800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-12-10 21:45 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-10 21:45 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-10 21:45 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-12-10 21:45 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-12-10 21:45 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-12-10 21:45 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-12-10 21:45 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-12-10 21:45 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-10 21:45 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 21:45 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 21:45 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-12-10 21:45 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-12-10 21:45 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-12-10 21:45 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-12-10 21:45 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-12-10 21:45 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-10 21:45 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-12-10 21:45 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-12-10 21:45 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-10 21:45 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-12-10 21:45 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-12-10 21:45 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-12-10 21:45 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-12-10 21:45 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-12-10 21:45 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2014-12-10 21:45 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-12-10 21:45 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-12-10 21:45 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-12-10 21:45 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-10 21:45 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-12-10 21:45 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-12-10 21:45 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-12-10 21:45 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-10 21:45 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-12-10 21:45 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-12-10 21:45 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-12-10 21:45 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-10 21:45 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-12-10 21:45 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-12-10 21:45 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-12-10 21:45 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-12-10 21:45 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-10 21:45 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-12-10 21:45 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-12-10 21:45 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-12-10 21:45 - 2014-07-24 07:28 - 00468288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-12-10 21:45 - 2014-07-24 03:42 - 01200640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-12-10 21:45 - 2014-07-24 03:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-12-10 21:45 - 2014-07-24 03:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2014-12-10 21:45 - 2014-07-24 02:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-10 21:45 - 2014-07-24 01:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-12-10 21:45 - 2014-07-24 01:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-10 21:45 - 2014-07-24 01:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2014-12-10 21:45 - 2014-07-24 00:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-12-10 21:45 - 2014-07-24 00:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2014-12-10 21:45 - 2014-07-23 23:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2014-12-10 21:45 - 2014-07-23 23:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2014-12-10 21:44 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 21:44 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 21:44 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 21:44 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 21:44 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 21:44 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 21:44 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 21:44 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 21:44 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 21:44 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 21:44 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 21:44 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 21:44 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 21:44 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 21:44 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 21:44 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 21:44 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 21:44 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 21:44 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 21:44 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 21:44 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 21:44 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 21:44 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-12-10 21:44 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 21:44 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 21:44 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-12-10 21:44 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-10 21:44 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-10 21:44 - 2014-07-23 19:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-12-10 21:44 - 2014-07-23 19:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-12-10 21:43 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 21:43 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 21:43 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 21:43 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 21:43 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 21:43 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 21:43 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 21:43 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 21:43 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 21:43 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-10 21:43 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 21:43 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-10 21:43 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 21:43 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-10 21:43 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-10 21:43 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-10 21:43 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 21:43 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-10 21:43 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 21:43 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 21:43 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 21:43 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-12-10 21:43 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-10 21:43 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-12-10 21:43 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-12-10 21:43 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-10 21:43 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-10 21:43 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 21:43 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 21:43 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 21:43 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 21:43 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-12-10 21:43 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 21:43 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-12-10 21:43 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 21:43 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 21:43 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 21:43 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-12-10 21:43 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-10 21:43 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-12-10 21:43 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-12-10 21:43 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 21:43 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-10 21:43 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-12-10 21:43 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-12-10 21:43 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-12-10 21:43 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-10 21:43 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-12-10 21:43 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-12-10 21:43 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-10 21:43 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-10 21:43 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 21:43 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 21:43 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 21:43 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 21:43 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-12-10 21:43 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 21:43 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-12-10 21:43 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 21:43 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-12-10 21:43 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 21:43 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-12-10 21:43 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-10 21:43 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-12-10 21:43 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 21:43 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-10 21:43 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-12-10 21:43 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-12-10 21:43 - 2014-10-12 18:43 - 00238912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-10 21:43 - 2014-10-12 18:43 - 00153920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-10 21:43 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-10 21:43 - 2014-10-12 18:43 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-10 21:43 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-10 21:43 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-10 21:43 - 2014-08-01 16:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-12-10 21:43 - 2014-07-15 10:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-12-10 21:43 - 2014-07-15 00:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-12-10 21:43 - 2014-07-15 00:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-12-10 21:43 - 2014-07-15 00:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-12-10 21:43 - 2014-07-11 20:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-12-10 21:43 - 2014-06-04 01:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-12-10 21:43 - 2014-06-03 21:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-12-10 21:43 - 2014-06-03 20:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-12-10 21:33 - 2014-12-10 21:36 - 00026405 _____ () C:\Users\Allyson\Downloads\Addition.txt
2014-12-10 21:30 - 2014-12-22 19:16 - 00017780 _____ () C:\Users\Allyson\Downloads\FRST.txt
2014-12-10 21:30 - 2014-12-22 19:16 - 00000000 ____D () C:\FRST
2014-12-10 21:29 - 2014-12-22 19:15 - 02122240 _____ (Farbar) C:\Users\Allyson\Downloads\FRST64.exe
2014-12-09 20:23 - 2014-12-10 21:53 - 00000000 ____D () C:\Users\Allyson\AppData\Local\CrashDumps
2014-12-07 11:05 - 2014-12-07 11:05 - 00000000 ____D () C:\Windows\System32\Tasks\Aviata
2014-12-07 11:02 - 2014-12-12 16:45 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-07 11:02 - 2014-12-07 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-07 11:01 - 2014-12-22 18:11 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 11:01 - 2014-12-22 17:54 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 11:01 - 2014-12-07 11:06 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-07 11:01 - 2014-12-07 11:06 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-07 11:01 - 2014-12-07 11:03 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Google
2014-12-07 11:01 - 2014-12-07 11:02 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-07 11:01 - 2014-12-07 11:01 - 00819176 _____ (Google Inc.) C:\Users\Allyson\Desktop\Setup_product_2937.exe
2014-12-07 10:59 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-12-07 10:53 - 2014-12-07 10:53 - 00003988 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-12-07 10:53 - 2014-12-07 10:53 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-12-07 10:53 - 2014-12-07 10:53 - 00003198 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-12-07 10:51 - 2014-12-11 19:37 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AEF6BFD7-412F-49AB-9828-00AD52EA5305}
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 __SHD () C:\Users\Allyson\AppData\Local\EmieUserList
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 __SHD () C:\Users\Allyson\AppData\Local\EmieSiteList
2014-12-07 10:51 - 2014-12-07 10:51 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\DropboxOEM
2014-12-06 11:40 - 2014-08-13 11:19 - 00000113 ____H () C:\DBAR_Ver.txt
2014-12-06 11:39 - 2014-12-11 20:33 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1001
2014-12-06 11:39 - 2014-12-06 11:40 - 00000000 ____D () C:\ProgramData\softthinks
2014-12-06 11:39 - 2014-12-06 11:39 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Macromedia
2014-12-06 11:38 - 2014-12-11 20:29 - 00000000 ____D () C:\Users\Allyson\OneDrive
2014-12-06 11:35 - 2014-12-11 21:33 - 00000000 ____D () C:\ProgramData\Atheros
2014-12-06 11:35 - 2014-12-11 20:46 - 00000000 ____D () C:\Users\Allyson\Documents\Bluetooth Folder
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\DropboxOEM
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\BMExplorer
2014-12-06 11:35 - 2014-12-06 11:35 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Aviata
2014-12-06 11:34 - 2014-12-11 21:32 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-06 11:34 - 2014-12-06 11:38 - 00000000 ____D () C:\Users\Allyson\AppData\Local\Packages
2014-12-06 11:34 - 2014-12-06 11:34 - 00001448 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Atheros
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Adobe
2014-12-06 11:32 - 2014-12-06 11:38 - 00000000 ____D () C:\Users\Allyson
2014-12-06 11:32 - 2014-12-06 11:32 - 00000020 ___SH () C:\Users\Allyson\ntuser.ini
2014-12-06 11:32 - 2014-11-09 00:16 - 00000141 _____ () C:\Users\Allyson\Desktop\eBay.url
2014-12-06 11:32 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 11:32 - 2014-11-08 23:23 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-06 11:32 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-12-06 11:32 - 2014-03-18 01:54 - 00000369 _____ () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-12-06 11:32 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-06 11:32 - 2013-08-22 07:36 - 00000000 ____D () C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-22 19:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-22 18:38 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2014-12-22 18:23 - 2014-11-09 00:02 - 01839185 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 18:05 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-22 18:00 - 2014-11-09 00:17 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-12-22 17:59 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-12 16:03 - 2014-11-09 00:20 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-12 16:02 - 2014-03-18 01:44 - 00025780 _____ () C:\Windows\PFRO.log
2014-12-12 16:02 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 16:02 - 2013-08-22 06:44 - 00337840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-12 16:01 - 2013-08-22 05:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-12-12 00:39 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2014-12-11 21:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-11 20:42 - 2014-11-09 00:10 - 00000000 ____D () C:\Program Files\Dell
2014-12-11 20:30 - 2014-11-09 00:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-12-11 20:22 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-11 20:02 - 2014-03-18 01:53 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-11 19:52 - 2013-08-22 06:46 - 00015492 _____ () C:\Windows\setupact.log
2014-12-10 00:10 - 2013-08-22 05:25 - 00000194 _____ () C:\Windows\win.ini
2014-12-07 11:01 - 2014-11-09 00:20 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-07 11:00 - 2014-11-09 00:20 - 00000000 ____D () C:\Program Files\mcafee
2014-12-06 11:34 - 2014-11-08 22:32 - 00000000 ____D () C:\Windows\Panther
 
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\FAInstallV4.001.221.Dell.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-22 18:19
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by Admin at 2014-12-22 19:17:39
Running from C:\Users\Allyson\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{0D2426EF-A4D1-403B-B78B-2897D6AD3021}) (Version: 1.1.333.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.3 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
Face Recognition (HKLM\...\{AE8001CB-8ED9-46FD-838F-837C3CEC9AFD}) (Version: 4.1.201.1 - Sensible Vision)
GamesDesktop 025.11 (HKLM-x32\...\gmsd_us_11_is1) (Version:  - GAMESDESKTOP)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.0.244 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7283 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
WinCheck (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-12-2014 20:05:18 zoek.exe restore point
22-12-2014 17:53:44 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14F1847F-B03E-417E-AA31-01677A2A961C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {3F43B385-A5ED-4FDF-9635-193FAE831FAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-27] (Microsoft Corporation)
Task: {4548EA78-4A0C-4C9C-9970-199C8D95478C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {47459B24-1873-45BB-B4FA-A16F729860D9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {5282C7D9-2C43-4F36-BEAB-A09F8E6841A1} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {5523321B-BB31-4C22-9F12-E6C554D2378D} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {5BCF0D7A-CBD8-4558-B1CC-662A2A83CEA0} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-06-30] (Realtek Semiconductor)
Task: {68D97962-2EED-4BC3-BE59-B207D6803CCC} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {7D934710-A1DC-4186-BE5F-178F4074E4B4} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {913F5FF9-2166-42EA-A001-F1060858965A} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {94490385-679F-43D9-9AE7-AE8D0FCE9CDA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C457524F-6B7F-4CC8-9894-0C76260C6238} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {D0F0557A-040E-4331-B466-1B9076A804B7} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {D42B7F01-DA4F-4E3C-AE3F-563A37E82355} - System32\Tasks\Aviata\PowerRegister\Dell Reminder (Allyson) => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc)
Task: {DC9E9420-B4C4-4537-8418-8AB1A05C504C} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {EDD7C042-48CA-42FD-A3EE-A5E5EFC0E3B1} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-10] (Synaptics Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-22 11:40 - 2013-08-22 11:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 11:40 - 2013-08-22 11:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2014-11-09 00:18 - 2014-06-04 15:02 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-11-09 00:18 - 2014-06-04 15:02 - 00019744 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2014-02-26 00:46 - 2014-02-26 00:46 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 00:43 - 2014-02-26 00:43 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 00:50 - 2014-02-26 00:50 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-09-02 11:40 - 2014-09-02 11:40 - 00462160 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
2014-07-01 15:43 - 2014-07-01 15:43 - 04357936 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
2014-11-09 00:18 - 2014-07-02 21:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-07-01 16:00 - 2014-07-01 16:00 - 00094000 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL
2013-04-04 14:42 - 2013-04-04 14:42 - 00012424 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\MFCaptureD3D_2_DLL.dll
2014-11-24 11:39 - 2014-11-24 11:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-09-02 11:40 - 2014-09-02 11:40 - 00214352 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\Ledger.dll
2014-09-02 11:40 - 2014-09-02 11:40 - 00114000 _____ () C:\Program Files (x86)\Dropbox\DropboxOEM\zlib1.dll
2014-07-01 16:01 - 2014-07-01 16:01 - 00028976 _____ () C:\Program Files (x86)\Sensible Vision\Fast Access\QtSolutions_MFCMigrationFramework-2.8.dll
2014-12-12 16:45 - 2014-12-05 17:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 16:45 - 2014-12-05 17:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 16:45 - 2014-12-05 17:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 16:45 - 2014-12-05 17:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-09 00:18 - 2014-07-30 17:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-11-09 00:18 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-11-09 00:17 - 2012-11-25 23:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Admin\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Allyson\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Admin (S-1-5-21-4117855597-3340283673-3293475651-1004 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-4117855597-3340283673-3293475651-500 - Administrator - Disabled)
Allyson (S-1-5-21-4117855597-3340283673-3293475651-1001 - Limited - Enabled) => C:\Users\Allyson
Guest (S-1-5-21-4117855597-3340283673-3293475651-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4117855597-3340283673-3293475651-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: facap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/22/2014 05:55:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20689 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 50c
 
Start Time: 01d01e53622de336
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: c9e6f44d-8a46-11e4-825b-c03896277c18
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/22/2014 05:55:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALLYSPC)
Description: Package microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 was terminated because it took too long to suspend.
 
Error: (12/22/2014 05:55:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALLYSPC)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (12/22/2014 05:55:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALLYSPC)
Description: Package microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail was terminated because it took too long to suspend.
 
Error: (12/12/2014 03:55:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program prodreg.exe version 2.4.280.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1ac8
 
Start Time: 01d016665ceb66c8
 
Termination Time: 156
 
Application Path: C:\Program Files (x86)\Dell Product Registration\prodreg.exe
 
Report Id: 4abd704c-825a-11e4-825a-c03896277c18
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (12/22/2014 05:54:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (12/12/2014 04:03:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The My Dell Client Framework service failed to start due to the following error: 
%%1053
 
Error: (12/12/2014 04:03:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the My Dell Client Framework service to connect.
 
Error: (12/12/2014 03:58:22 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:57:51 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:57:21 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:56:51 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:56:20 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:55:50 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (12/12/2014 03:55:19 PM) (Source: DCOM) (EventID: 10010) (User: ALLYSPC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (12/22/2014 05:55:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068950c01d01e53622de3364294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exec9e6f44d-8a46-11e4-825b-c03896277c18microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/22/2014 05:55:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALLYSPC)
Description: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (12/22/2014 05:55:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALLYSPC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142
 
Error: (12/22/2014 05:55:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALLYSPC)
Description: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail
 
Error: (12/12/2014 03:55:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: prodreg.exe2.4.280.01ac801d016665ceb66c8156C:\Program Files (x86)\Dell Product Registration\prodreg.exe4abd704c-825a-11e4-825a-c03896277c18
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-06 11:38:53.270
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU N2830 @ 2.16GHz
Percentage of memory in use: 61%
Total physical RAM: 3979.2 MB
Available physical RAM: 1541.48 MB
Total Pagefile: 5387.2 MB
Available Pagefile: 3132.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:456.98 GB) (Free:420.51 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.39 GB) (Free:0.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 95BAA5FB)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
And the lost JRT.txt:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by Admin on Fri 12/12/2014 at 15:47:12.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/12/2014 at 15:53:41.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Thank you again,
Dave

  • 0

#12
Naathim
Posted 24 December 2014 - 08:56 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi :)
 
Please post me the contents of this file:
 
C:\Users\Admin\Desktop\JRT.txt


Merry Christmas! :)
  • 1

#13
Inner Child
Posted 24 December 2014 - 10:46 AM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

I attached the JRT.txt to the last post. I guess it becomes overwhelming to have multiple log files in a single post. I will seperate them in the future.

 

Here is the JRT.txt file that you requested.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by Admin on Fri 12/12/2014 at 15:47:12.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/12/2014 at 15:53:41.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Merry Christmas to you and yours.
 
Dave

  • 0

#14
Naathim
Posted 27 December 2014 - 08:57 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi :)

Sorry for the delay, Christmas happened here. I hope you had pleasant time lately :)


I'd like you to download a fresh ZOEK version and run the following:


51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!
  • 1

#15
Inner Child
Posted 28 December 2014 - 11:25 PM

Inner Child

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Naat,

 

I trust that your Christmas went well. 

 

Here is the Zoek log file:

 

 
Zoek.exe v5.0.0.0 Updated 28-12-2014
Tool run by Admin on Sun 12/28/2014 at 21:13:54.26.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Admin\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2014-12-12-042822.log 12144 bytes
C:\zoek-results2014-12-23-021040.log 40098 bytes
 
==== System Restore Info ======================
 
12/28/2014 9:16:53 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
Amazon 1Button App  
Dell Backup and Recovery  
Dell Data Services  
Dell Digital Delivery  
Dell Foundation Services  
Dell Product Registration  
Dell Touchpad  
Dell Update  
Dell WLAN and Bluetooth Client Installation  
Dropbox 20 GB  
DSC/AA Factory Installer  
Face Recognition  
GamesDesktop 025.11  
Google Chrome  
Google Update Helper  
Intel® Processor Graphics  
McAfee LiveSafe - Internet Security  
McAfee SiteAdvisor  
Microsoft Office  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106  
My Dell  
My Dell Client Framework  
PocketCloud  
Qualcomm Atheros Bluetooth Suite (64)  
Quickset64  
Realtek High Definition Audio Driver  
ST Microelectronics 3 Axis Digital Accelerometer Solution  
WinCheck  
 
==== Running Processes ======================
 
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FAsenmon.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FACSMon.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FAAppMonOT.exe
C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
C:\Users\Admin\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
 
==== Services(whitelist) ======================
Powered by E Dev
 
R2 - [AERTFilters] - Andrea RT Filters Service - c:\program files\realtek\audio\hda\aertsr64.exe
R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\dell wireless\bluetooth suite\adminservice.exe
R2 - [Dell Data Services] - Dell Data Services - c:\program files\dell\dell data services\ddssvc.exe
R2 - [Dell Foundation Services] - Dell Foundation Services - c:\program files\dell\dell foundation services\dfssvc.exe
R2 - [DellDigitalDelivery] - Dell Digital Delivery Service - c:\program files (x86)\dell digital delivery\deliveryservice.exe
R2 - [FAService] - FAService - c:\program files (x86)\sensible vision\fast access\faservice.exe
R2 - [McAPExe] - McAfee AP Service - c:\program files\mcafee\msc\mcapexe.exe
R2 - [mfecore] - McAfee Anti-Malware Core - c:\program files\common files\mcafee\amcore\mcshield.exe
R2 - [mfefire] - McAfee Firewall Core Service - c:\program files\common files\mcafee\systemcore\\mfefire.exe
R2 - [mfevtp] - McAfee Validation Trust Protection Service - c:\windows\system32\mfevtps.exe
R2 - [RtkAudioService] - Realtek Audio Service - c:\program files\realtek\audio\hda\rtkaudioservice64.exe
R2 - [SftService] - SoftThinks Agent Service - c:\program files (x86)\dell backup and recovery\sftservice.exe
R2 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R2 - [WavesSysSvc] - Waves System Service - c:\program files\realtek\audio\hda\wavessyssvc64.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R2 - [WysePocketCloud] - Wyse PocketCloud - c:\program files (x86)\wyse\pocketcloud\pocketcloudservice.exe
R2 - [WyseRemoteAccess] - Wyse RemoteAccess - c:\program files (x86)\wyse\pocketcloud\wyseremoteaccess.exe
R3 - [McODS] - McAfee Scanner - c:\program files\mcafee\virusscan\mcods.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [0052811418358498mcinstcleanup] - McAfee Application Installer Cleanup (0052811418358498) - c:\windows\temp\005281~1.exe
S2 - [DellUpdate] - Dell Update Service - c:\program files (x86)\dell update\dellupservice.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [My Dell Client Framework] - My Dell Client Framework - c:\program files (x86)\dell\my dell client framework\dell.clientframework.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [DellProdRegManager] - Dell Product Registration Manager - c:\program files (x86)\dell product registration\regmgrsvc.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [ICCS] - Intel® Integrated Clock Controller Service - Intel® ICCS - c:\program files (x86)\intel\intel® integrated clock controller service\iccproxy.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [McAWFwk] - McAfee Activation Service - c:\progra~1\common~1\mcafee\actwiz\mcawfwk.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
 
==== System Specs ======================
 
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3980 MB
CPU Info: Intel® Celeron® CPU  N2830  @ 2.16GHz
CPU Speed: 2171.0 MHz
Sound Card: Speakers / Headphones (Realtek  | 
Display Adapters: Intel® HD Graphics | Intel® HD Graphics
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Bluetooth Device (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Dell Wireless 1707 802.11b/g/n (2.4GHZ)
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  457.0GB | D:  496.0MB | X:  750.0MB | Y:  7.4GB
Hard Disks - Free: C:  419.5GB | D:  444.9MB | X:  467.4MB | Y:  753.4MB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE |  | DELL   - 3
Time Zone: Pacific Standard Time
Motherboard *: Dell Inc. 0R9H2G
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Virus: McAfee Anti-Virus and Anti-Spyware On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Anti-Virus and Anti-Spyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Default Browser: Google Chrome 39.0.2171.95
Internet Explorer Version: 11.0.9600.17498 
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2014-12-11 05:46:26 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\Windows\explorer.exe
====== C:\Users\Admin\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-12-12 03:52:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-12-11 05:47:06 4E1207CE16E615B0B7A70DC889F4500E 563976 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-12-11 05:47:05 9F08A6608F98B5407E7DDBCF306573EF 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
2014-12-11 05:47:05 6D2EE96150E35B9EA49F2B481DE0369A 177472 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-12-11 05:45:52 97B9076611291AE4C4C107BC915BD026 1200640 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys
2014-12-11 05:45:50 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2014-12-11 05:45:49 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\Windows\Sysnative\drivers\bridge.sys
2014-12-11 05:45:31 CCB3A2BB60FE5073F2DEA63FE83CF8FE 2497344 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-12-11 05:45:23 E3FCE2A6B3533D99A3B498504DF9CC47 474432 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-12-11 05:45:17 7F23E38C5B6448F91439E4066645191E 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-12-11 05:45:16 66732C13628BDB1AB0D6FD46027327C2 148800 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS
2014-12-11 05:43:06 B02118A776C368F7EE1A8CC81378D265 153920 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys
2014-12-11 05:43:06 A770340FC02B999EF0DE6C2A6BC8437C 39744 ----a-w- C:\Windows\Sysnative\drivers\intelpep.sys
2014-12-11 05:43:06 7B7C482CF48E6EE33664340D1A78E6FE 238912 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys
2014-12-11 05:43:06 24A8DFC07E4BAF29AEA26E383D4CC886 86336 ----a-w- C:\Windows\Sysnative\drivers\pdc.sys
2014-12-07 18:59:14 29F981739E50305128022CBE10B3659C 197704 ----a-w- C:\Windows\Sysnative\drivers\HipShieldK.sys
====== C:\Windows\Tasks ======
2014-12-12 05:37:43 23AD46F12A4F26D0E06F159F320D2BF4 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1004
2014-12-07 19:05:38 -------- d-----w- C:\Windows\Sysnative\Tasks\Aviata
2014-12-07 19:01:59 D19878B5997855DA31CF20F706EA594F 3896 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-12-07 19:01:59 0A55DDA8E3304523FB7B19F62F81922D 924 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 19:01:58 767475E658965944203867F9B76592F8 3660 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-12-07 19:01:58 22A69C693AA1ECB4B161F36E51B0F713 920 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 18:53:35 9A19E2DB3278163BD4FF8D6572728625 3440 ----a-w- C:\Windows\Sysnative\Tasks\PCDEventLauncherTask
2014-12-07 18:53:34 91A9DF052827390A4A80BB12736CB1F8 3988 ----a-w- C:\Windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask
2014-12-07 18:53:32 AFD0AAB7E01B17C413AAE016901444C1 3198 ----a-w- C:\Windows\Sysnative\Tasks\SystemToolsDailyTest
2014-12-07 18:51:25 F43BED108FCA65055EE96D605C2231B2 3930 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{AEF6BFD7-412F-49AB-9828-00AD52EA5305}
2014-12-06 19:39:30 28D53FE61764049714A0D00D58ADF818 3598 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4117855597-3340283673-3293475651-1001
2014-12-06 19:34:38 -------- d-----w- C:\Windows\Sysnative\Tasks\WPD
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-12-12 23:45:10 -------- d-----w- C:\PROGRA~2\Sensible Vision
2014-12-12 04:30:58 -------- d-----w- C:\PROGRA~2\Dell Digital Delivery
2014-12-07 19:01:57 -------- d-----w- C:\PROGRA~2\Google
======= C: =====
2014-12-06 19:40:14 B99B721997D83CF7F2801F5E5027ACAF 113 ---ha-w- C:\DBAR_Ver.txt
====== C:\Users\Admin\AppData\Roaming ======
2014-12-23 02:02:15 -------- d-----w- C:\Users\Admin\AppData\Local\Intel_Corporation
2014-12-23 01:55:27 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-13 00:04:07 -------- d-----w- C:\Users\Admin\AppData\Roaming\FastAccessSup
2014-12-12 23:40:51 -------- d-----w- C:\Users\Admin\AppData\Roaming\DropboxOEM
2014-12-12 05:35:36 -------- d-----w- C:\Users\Admin\AppData\Local\Aviata
2014-12-12 05:33:35 -------- d-----w- C:\Users\Admin\AppData\Local\BMExplorer
2014-12-12 05:33:16 -------- d-----w- C:\Users\Admin\AppData\Local\DropboxOEM
2014-12-12 05:33:02 -------- d-----w- C:\Users\Admin\AppData\Roaming\Atheros
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-12 05:31:58 -------- d-----w- C:\Users\Admin\AppData\Roaming\Adobe
2014-12-12 05:31:58 -------- d-----w- C:\Users\Admin\AppData\Local\Packages
2014-12-12 05:31:56 -------- d-----w- C:\Users\Admin\AppData\Local\VirtualStore
2014-12-12 05:31:56 -------- d-----w- C:\Users\Admin\AppData\Local\Google
2014-12-12 05:19:28 61A6BA195C8E177CD54EDF5E9651A3E9 165896 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-12-12 04:49:43 -------- d-s---w- C:\Users\Admin\AppData\Locallow\Microsoft
2014-12-12 04:49:39 -------- d-s---w- C:\Users\Admin\AppData\Roaming\Microsoft
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Local\Temp
2014-12-12 04:49:39 -------- d-----w- C:\Users\Admin\AppData\Local\Microsoft
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-12 04:46:25 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-12 04:30:22 -------- d-----w- C:\Users\Allyson\AppData\Local\VirtualStore
2014-12-12 04:25:02 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-12-12 04:25:01 -------- d-----w- C:\Users\Allyson\AppData\Local\Temp
2014-12-10 08:12:35 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps
2014-12-10 04:24:19 -------- d-----w- C:\Users\Allyson\AppData\Local\Programs
2014-12-10 04:23:27 -------- d-----w- C:\Users\Allyson\AppData\Local\CrashDumps
2014-12-07 19:06:15 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2014-12-07 19:01:57 -------- d-----w- C:\Users\Allyson\AppData\Local\Google
2014-12-07 18:51:33 -------- d-sh--w- C:\Users\Allyson\AppData\Locallow\EmieUserList
2014-12-07 18:51:22 -------- d-sh--w- C:\Users\Allyson\AppData\Local\EmieUserList
2014-12-07 18:51:22 -------- d-sh--w- C:\Users\Allyson\AppData\Local\EmieSiteList
2014-12-07 18:51:17 -------- d-----w- C:\Users\Allyson\AppData\Roaming\DropboxOEM
2014-12-07 18:51:15 -------- d-sh--w- C:\Users\Allyson\AppData\Locallow\EmieSiteList
2014-12-07 18:50:28 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2014-12-06 19:37:48 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-12-06 19:36:45 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-12-06 19:35:36 -------- d-----w- C:\Users\Allyson\AppData\Local\Aviata
2014-12-06 19:35:31 -------- d-----w- C:\Users\Allyson\AppData\Local\BMExplorer
2014-12-06 19:35:09 -------- d-----w- C:\Users\Allyson\AppData\Local\DropboxOEM
2014-12-06 19:34:55 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Atheros
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-06 19:34:09 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Adobe
2014-12-06 19:34:01 -------- d-----w- C:\Users\Allyson\AppData\Local\Packages
2014-12-06 19:33:35 -------- d-s---w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2014-12-06 19:32:30 -------- d-s---w- C:\Users\Allyson\AppData\Locallow\Microsoft
2014-12-06 19:32:28 -------- d-s---w- C:\Users\Allyson\AppData\Roaming\Microsoft
2014-12-06 19:32:28 -------- d-----w- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-06 19:32:28 -------- d-----w- C:\Users\Allyson\AppData\Local\Microsoft
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
====== C:\Users\Admin ======
2014-12-23 02:00:25 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches
2014-12-12 23:45:10 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastAccess Facial Recognition
2014-12-12 23:43:50 -------- d-----w- C:\ProgramData\Package Cache
2014-12-12 05:35:22 -------- d---a-w- C:\Users\Admin\OneDrive
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\Searches
2014-12-12 05:32:05 -------- d-----r- C:\Users\Admin\Contacts
2014-12-12 04:49:42 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Admin\ntuser.ini
2014-12-12 04:49:39 -------- d--h--w- C:\Users\Admin\AppData
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Videos
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Saved Games
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Pictures
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Music
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Links
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Favorites
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Downloads
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Documents
2014-12-12 04:49:39 -------- d-----r- C:\Users\Admin\Desktop
2014-12-12 04:27:35 8E1B08222F20E45A3E8DB04C569F9CB7 8 --sha-r- C:\ProgramData\ntuser.pol
2014-12-07 19:02:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-06 21:24:20 -------- d--h--r- C:\Users\Public\AccountPictures
2014-12-06 19:39:42 -------- d-----w- C:\ProgramData\softthinks
2014-12-06 19:38:42 -------- d---a-w- C:\Users\Allyson\OneDrive
2014-12-06 19:35:04 -------- d-----w- C:\ProgramData\Atheros
2014-12-06 19:34:14 -------- d-----r- C:\Users\Allyson\Searches
2014-12-06 19:34:13 -------- d-----r- C:\Users\Allyson\Contacts
2014-12-06 19:32:28 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Allyson\ntuser.ini
2014-12-06 19:32:28 -------- d--h--w- C:\Users\Allyson\AppData
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Saved Games
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Pictures
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Music
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Links
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Favorites
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Downloads
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Documents
2014-12-06 19:32:28 -------- d-----r- C:\Users\Allyson\Desktop
2014-12-06 19:32:27 -------- d-----r- C:\Users\Allyson\Videos
 
====== C: exe-files ==
2014-12-23 03:15:37 55DBDB936D733425340DAB3BE4B13900 2122240 ----a-w- C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\2NO76NG0\FRST64[1].exe
2014-12-23 01:59:43 AE1D46B9E4763129402DA59FE02E4B1D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4117855597-3340283673-3293475651-1004\$IM0TCRY.exe
2014-12-23 01:59:40 A964F93072E56378F134C945966D87CC 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-4117855597-3340283673-3293475651-1004\$I7F8VT4.exe
2014-12-23 01:56:28 E398F7E550FFBBE2C3E8272776D0D354 46882080 ----a-w- C:\Users\Admin\AppData\Roaming\DropboxOEM\download\5p1ouasl.ijp\DropboxFull_3.0.4.exe
=== C: other files ==
 
==== Startup Registry Enabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"DropboxOEM"="C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe auto"
"FATrayAlert"="C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/07/2014 11:01 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/07/2014 11:01 AM]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"]
"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"]
"C:\Windows\SysNative\tasks\PocketCloud" [C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe]
"C:\Windows\SysNative\tasks\PocketCloudUpdater" [C:\Program]
"C:\Windows\SysNative\tasks\PocketCloudVirtualChannel" [C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe]
"C:\Windows\SysNative\tasks\RtHDVBg_PushButton" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{AEF6BFD7-412F-49AB-9828-00AD52EA5305}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Aviata\PowerRegister\Dell Reminder (Allyson)" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe]
"C:\Windows\SysNative\tasks\Dell\Dell Product Registration" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe]
"C:\Windows\SysNative\tasks\Dell\Dell Product Registration Update" [C:\Program Files (x86)\Dell Product Registration\prodreg.exe]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso" [12/12/2014 03:45 PM]
 
==== Chromium Look ======================
 
Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[04/23/2014 05:50 PM]
 
Google Slides - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
SiteAdvisor - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Wallet - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
SiteAdvisor - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Wallet - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Allyson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=120 folders=42 66098316 bytes)
 
==== EOF on Sun 12/28/2014 at 21:22:29.07 ======================
 
Dave

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP