Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Mouse sometimes not working and monitor turning itself off. Started ha


  • Please log in to reply

#1
betsym

betsym

    Member

  • Member
  • PipPipPip
  • 129 posts

Everything was working fine until I decided to upgrade to Windows 10 before the deadline. But it didn't want to work right on my computer so I rolled it back to Windows 7. That made things even worse and I ended up having to have my hard drive wiped clean and Windows 7 Home Premium reinstalled. My monitor then went out. It would power on but I couldn't see the desktop. So I got a new monitor. I also had issues opening folders. I would get an error message saying that "Windows cannot open this file. Access denied." Well, the new monitor started shutting itself off and I'd have to restart my computer. It would come back on for a minute and then turn off again and the mouse wouldn't work. I finally restarted it in safe mode and both the monitor and worse work in safe mode. Is this a virus or what?

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2016 01
Ran by Betsy (administrator) on BETSY-PC (09-08-2016 21:32:46)
Running from C:\Users\Betsy\Desktop
Loaded Profiles: Betsy (Available Profiles: Betsy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3164536 2013-06-19] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [411864 2010-03-05] (DeviceVM, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [293768 2016-08-04] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-08-04] (SUPERAntiSpyware)
HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-08-04]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{36C3AFAC-E506-41FE-9BD4-D198B8B01804}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
SearchScopes: HKU\S-1-5-21-1972514636-2645274826-1508751941-1000 -> {20568616-9DCF-4d7f-938E-035F9452ECD1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKU\S-1-5-21-1972514636-2645274826-1508751941-1000 -> {62D5BD73-04F3-4333-8679-D258A413D897} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-09] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-09] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-02-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-02-28] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-08-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-08-04] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-08-04]
CHR Extension: (Google Slides) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-03]
CHR Extension: (Radio) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2016-08-04]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-08-04]
CHR Extension: (Ancient History Encyclopedia) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle [2016-08-04]
CHR Extension: (IconSmash - Free Icons) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob [2016-08-04]
CHR Extension: (Theme Creator) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc [2016-08-04]
CHR Extension: (Google Docs) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-03]
CHR Extension: (Google Drive) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (MindMeister) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2016-08-04]
CHR Extension: (TV) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2016-08-04]
CHR Extension: (YouTube) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Bible) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljbeanmjklkbfnppfedajbgeongccb [2016-08-04]
CHR Extension: (Radio Paradise HD) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfipoepojmpflbibfkabgamkgcppgao [2016-08-04]
CHR Extension: (BookSliced ) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmmmggneafjbjafolahmjlniibamgm [2016-08-04]
CHR Extension: (Yo Jigsaw Puzzle) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcgbpljnllgngdokjdahglhopnckdel [2016-08-04]
CHR Extension: (Word Search) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj [2016-08-04]
CHR Extension: (Free Online Games) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eciikokclglkbdhbmecaodaanacocdda [2016-08-04]
CHR Extension: (Feltipen) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocigfodbakglnhcfokapbcgbmnjnnna [2016-08-04]
CHR Extension: (Pandora) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2016-08-04]
CHR Extension: (Google Sheets) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-03]
CHR Extension: (Causality Games) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2016-08-04]
CHR Extension: (Sherwood Dungeon) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchmabiifbainacfbjdnphikecbelkoo [2016-08-04]
CHR Extension: (Museum of Thieves) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfmfcbbfpfhgimahmdgbakemclmkklge [2016-08-04]
CHR Extension: (Google Docs Offline) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-03]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2016-08-04]
CHR Extension: (Creatures & Castles) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpeacgpdnhofhebmincihdelcemhagd [2016-08-04]
CHR Extension: (Flixster) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2016-08-04]
CHR Extension: (Fashion Arena) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjeihoebllhjahohmmbledgkgapldmlf [2016-08-04]
CHR Extension: (NPR Infinite Player) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf [2016-08-04]
CHR Extension: (Crackle) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2016-08-04]
CHR Extension: (Word Search) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgcembfplpfknjdcjifgfgpnijeppei [2016-08-04]
CHR Extension: (Mind42) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icodbndgedclejcmgnjfigcclgafddhh [2016-08-04]
CHR Extension: (Rack ur Brain) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifniicpaikdndebancakkbmjjfhloena [2016-08-04]
CHR Extension: (Escape the Mansion) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igidehinggodbiknfganhbghapfcmgkg [2016-08-04]
CHR Extension: (The VW Beetle club) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihlacjigajombjbafklhimhglgnnmoaf [2016-08-04]
CHR Extension: (Murder Files) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2016-08-04]
CHR Extension: (Roomstyler 3D planner) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfnniehafojoidolddmhfnpnbiolbppi [2016-08-04]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2016-08-04]
CHR Extension: (Lady Popular) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnamdlacgipmoldlhfgjficjiclhgibm [2016-08-04]
CHR Extension: (The Raven) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffogcmhohbenlbliifpbbcnnokgoaao [2016-08-04]
CHR Extension: (Alarm Clock Radio) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi [2016-08-04]
CHR Extension: (Radio Paradise Now Playing) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkilieinibghgmehadakcmdonfljmod [2016-08-04]
CHR Extension: (Little Alchemy) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-08-04]
CHR Extension: (Google Play) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-08-04]
CHR Extension: (Cute Kitty's Candies) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lannihfmgffechdnmnbfmkokfpobfbap [2016-08-04]
CHR Extension: (LIFEYO) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lclfjapeleajldloiflhdagnfkmijmea [2016-08-04]
CHR Extension: (ourWorld) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepkjinjcnnhflmcfgofdnmahpdeaeoh [2016-08-04]
CHR Extension: (TV for Google Chrome™) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2016-08-04]
CHR Extension: (Maukie Matching) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfjkehpnfnehklmfppkdlkpgngnfdcn [2016-08-04]
CHR Extension: (Google Maps) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-08-04]
CHR Extension: (Plink) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loeiekheegipnnbcfbfkanbbegkhjjcm [2016-08-04]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2016-08-04]
CHR Extension: (Readable Colors) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\macccnigegaaklkmimficcofikbblncb [2016-08-04]
CHR Extension: (Rising Cities) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdiapnkglobpcfafhmcoecifdkegnkgi [2016-08-04]
CHR Extension: (Books to Buy) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\miiilkecoabpckpkdlliifhboklfmpac [2016-08-04]
CHR Extension: (Mixify) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjlbfglfefcmkmglakdocbgnggeieno [2016-08-04]
CHR Extension: (Google Play Books) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-08-04]
CHR Extension: (My Time Organizer) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm [2016-08-04]
CHR Extension: (Pirates Glory) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbbhdhkbdhdnegpeadgangnbomcegca [2016-08-04]
CHR Extension: (Word Search) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbimfhkdlhlflmfikaglfelodpcdfmd [2016-08-04]
CHR Extension: (Vilanoise TV) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpooomomkhnelcnlomcoffaaofhfmmf [2016-08-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-03]
CHR Extension: (TypingClub) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2016-08-04]
CHR Extension: (Print Friendly & PDF) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2016-08-04]
CHR Extension: (Psykopaint) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2016-08-04]
CHR Extension: (Gmail) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2016-08-04] (SUPERAntiSpyware.com)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2950856 2016-07-25] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-07-23] (Microsoft Corporation) [File not signed]
S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
S2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-08-04] (RealNetworks, Inc.)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-09] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2015-12-07] (Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-09 21:32 - 2016-08-09 21:32 - 02393600 _____ (Farbar) C:\Users\Betsy\Desktop\FRST64.exe
2016-08-09 21:32 - 2016-08-09 21:32 - 00021466 _____ C:\Users\Betsy\Desktop\FRST.txt
2016-08-09 21:30 - 2016-08-09 21:30 - 02393600 _____ (Farbar) C:\Users\Betsy\Downloads\FRST64.exe
2016-08-09 21:27 - 2016-08-09 21:32 - 00000000 ____D C:\FRST
2016-08-09 19:27 - 2016-08-09 19:27 - 00015346 _____ C:\Windows\SysWOW64\rsslogs.20160809192645
2016-08-09 19:20 - 2016-08-09 19:20 - 00443792 _____ C:\Windows\Minidump\080916-17846-01.dmp
2016-08-09 17:28 - 2016-08-09 17:28 - 00645729 _____ (WDS Team) C:\Users\Betsy\Downloads\windirstat1_1_2_setup.exe
2016-08-09 17:28 - 2016-08-09 17:28 - 00001035 _____ C:\Users\Betsy\Desktop\WinDirStat.lnk
2016-08-09 17:28 - 2016-08-09 17:28 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-08-09 17:28 - 2016-08-09 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-08-09 17:28 - 2016-08-09 17:28 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-08-09 17:25 - 2016-08-09 17:25 - 00002676 _____ C:\Windows\System32\Tasks\MasterSeeker.UACBypass.b507f59b81ca571c278ee2e5dee3973c
2016-08-09 17:25 - 2016-08-09 17:25 - 00001529 _____ C:\Users\Betsy\Desktop\MasterSeeker.lnk
2016-08-09 17:24 - 2016-08-09 17:24 - 00000000 ____D C:\Program Files (x86)\New folder
2016-08-09 17:24 - 2016-08-09 17:24 - 00000000 ____D C:\Program Files (x86)\Master Seeker
2016-08-09 17:06 - 2016-08-09 21:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-09 17:06 - 2016-08-09 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-09 17:06 - 2016-08-09 17:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-09 17:06 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-09 17:06 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-09 17:05 - 2016-08-09 17:05 - 22851472 _____ (Malwarebytes ) C:\Users\Betsy\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-09 16:54 - 2016-08-09 16:54 - 00028422 _____ C:\Windows\SysWOW64\rsslogs.20160809165354
2016-08-09 16:45 - 2016-08-09 16:45 - 00002122 _____ C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-09 16:45 - 2016-08-09 16:45 - 00002104 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-09 16:45 - 2016-08-09 16:45 - 00002104 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-09 16:45 - 2016-08-09 16:45 - 00000000 ___RD C:\Users\Betsy\OneDrive
2016-08-09 16:45 - 2016-08-09 16:45 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-09 16:45 - 2016-08-09 16:45 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-08-09 16:44 - 2015-07-18 09:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-08-09 16:44 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-08-09 16:40 - 2016-08-09 16:40 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-08-09 16:40 - 2016-08-09 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-08-09 16:37 - 2016-08-09 16:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-09 16:37 - 2016-08-09 16:37 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-09 16:35 - 2016-08-09 20:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-09 16:35 - 2016-08-09 16:35 - 03518656 _____ (Microsoft Corporation) C:\Users\Betsy\Downloads\Setup.X86.en-US_O365HomePremRetail_0dcc681e-60c3-4d59-af17-088ef1d75226_TX_PR_.exe
2016-08-09 16:35 - 2016-08-09 16:35 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-09 16:14 - 2016-08-09 16:14 - 00043665 _____ C:\Windows\SysWOW64\rsslogs.20160809161351
2016-08-09 16:10 - 2016-08-09 16:13 - 00000000 ____D C:\AVG_Remover
2016-08-09 16:09 - 2016-08-09 16:09 - 08111408 _____ ( ) C:\Users\Betsy\Downloads\AVG_Remover.exe
2016-08-09 16:08 - 2016-08-09 21:18 - 00188860 _____ C:\Windows\ntbtlog.txt
2016-08-09 16:05 - 2016-08-09 16:05 - 00468616 _____ C:\Windows\Minidump\080916-41465-01.dmp
2016-08-09 15:44 - 2016-08-09 15:44 - 00020063 _____ C:\Windows\SysWOW64\rsslogs.20160809154346
2016-08-09 15:39 - 2016-08-09 15:39 - 00000000 ____D C:\Users\Betsy\AppData\Local\CrashRpt
2016-08-09 15:18 - 2016-08-09 15:18 - 01610560 _____ (Malwarebytes) C:\Users\Betsy\Downloads\JRT (1).exe
2016-08-09 15:17 - 2016-08-09 15:17 - 01610560 _____ (Malwarebytes) C:\Users\Betsy\Downloads\JRT.exe
2016-08-09 15:04 - 2016-08-09 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Rich Tools
2016-08-09 15:04 - 2016-08-09 15:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Rich Tools
2016-08-09 15:03 - 2016-08-09 15:03 - 00000000 ____D C:\TechNetMagazine
2016-08-09 15:01 - 2016-08-09 15:01 - 06078344 _____ (Microsoft Corporation) C:\Users\Betsy\Downloads\HoffmanUtilitySpotlight2009_04.exe
2016-08-09 15:00 - 2016-08-09 15:01 - 170493768 _____ (Apple Inc.) C:\Users\Betsy\Downloads\iTunes6464Setup.exe
2016-08-09 14:34 - 2016-08-09 14:34 - 00002880 _____ C:\Windows\System32\Tasks\MasterSeeker.UACBypass.d672e9b0175dd51abe22b3f9d8db0478
2016-08-09 14:34 - 2016-08-09 14:34 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\DxCK
2016-08-09 14:32 - 2016-08-09 14:33 - 00575378 _____ C:\Users\Betsy\Downloads\MasterSeeker1.5.1.zip
2016-08-09 14:27 - 2016-08-09 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen+
2016-08-09 14:27 - 2016-08-09 14:27 - 00000000 ____D C:\Program Files\Screen+
2016-08-09 14:20 - 2016-08-09 14:20 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Macromedia
2016-08-09 14:17 - 2016-08-09 14:17 - 00094364 _____ C:\Windows\SysWOW64\rsslogs.20160809141642
2016-08-09 11:10 - 2016-08-09 11:10 - 00015336 _____ C:\Windows\SysWOW64\rsslogs.20160809110901
2016-08-09 11:07 - 2016-08-09 11:07 - 00292536 _____ C:\Windows\Minidump\080916-35786-01.dmp
2016-08-09 11:02 - 2016-08-09 19:20 - 353465739 _____ C:\Windows\MEMORY.DMP
2016-08-09 11:02 - 2016-08-09 19:20 - 00000000 ____D C:\Windows\Minidump
2016-08-09 11:02 - 2016-08-09 11:02 - 00292752 _____ C:\Windows\Minidump\080916-33665-01.dmp
2016-08-05 03:03 - 2016-08-05 03:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\RealNetworks
2016-08-05 03:03 - 2016-08-05 03:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\RealNetworks
2016-08-05 02:42 - 2012-02-17 02:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-05 02:42 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-05 02:42 - 2012-02-17 00:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-08-05 02:42 - 2012-02-17 00:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-08-05 02:18 - 2016-08-05 02:18 - 00000000 ____D C:\Users\Betsy\Downloads\produkey-x64
2016-08-04 18:30 - 2016-08-09 20:26 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2016-08-04 05:41 - 2016-08-09 15:03 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-04 05:41 - 2016-08-09 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-04 05:40 - 2016-08-04 05:41 - 00000000 ____D C:\Program Files\iTunes
2016-08-04 05:40 - 2016-08-04 05:40 - 00000000 ____D C:\Program Files\iPod
2016-08-04 05:19 - 2016-08-04 05:19 - 00003424 _____ C:\Windows\System32\Tasks\RealDownloader Update Check
2016-08-04 05:17 - 2016-08-09 20:25 - 00003362 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1972514636-2645274826-1508751941-1000
2016-08-04 05:17 - 2016-08-09 20:25 - 00003228 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1972514636-2645274826-1508751941-1000
2016-08-04 05:17 - 2016-08-04 05:17 - 00285576 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2016-08-04 05:17 - 2016-08-04 05:17 - 00207752 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2016-08-04 05:17 - 2016-08-04 05:17 - 00001208 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2016-08-04 05:17 - 2016-08-04 05:17 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\RealNetworks
2016-08-04 05:17 - 2016-08-04 05:17 - 00000000 ____D C:\ProgramData\RealNetworks
2016-08-04 05:17 - 2016-08-04 05:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-08-04 05:16 - 2016-08-04 05:16 - 00512392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-08-04 05:16 - 2016-08-04 05:16 - 00360840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-08-04 05:08 - 2016-08-09 14:56 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Apple Computer
2016-08-04 05:08 - 2016-08-04 05:08 - 00000000 ____D C:\Users\Betsy\AppData\Local\Apple Computer
2016-08-04 05:08 - 2016-08-04 05:08 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-04 05:08 - 2016-08-04 05:08 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-04 05:07 - 2016-08-04 05:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-04 05:07 - 2016-08-04 05:07 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-04 05:07 - 2016-08-04 05:07 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-08-04 05:07 - 2016-08-04 05:07 - 00000000 ____D C:\Users\Betsy\AppData\Local\Apple
2016-08-04 05:07 - 2016-08-04 05:07 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-04 05:06 - 2016-08-04 05:07 - 00000000 ____D C:\ProgramData\Apple
2016-08-04 04:58 - 2016-08-09 19:38 - 00000000 ____D C:\Users\Betsy\AppData\Local\CrashDumps
2016-08-04 04:31 - 2016-08-04 05:17 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2016-08-04 04:29 - 2016-08-04 05:18 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Real
2016-08-04 04:29 - 2016-08-04 05:17 - 00000000 ____D C:\Program Files (x86)\Real
2016-08-04 04:29 - 2016-08-04 04:29 - 00000000 ____D C:\Users\Betsy\AppData\Local\Real
2016-08-04 04:27 - 2016-08-04 05:17 - 00000000 ____D C:\ProgramData\Real
2016-08-04 04:11 - 2016-08-04 04:11 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-08-04 03:49 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-04 03:49 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-04 03:49 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-04 03:49 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-04 03:49 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-08-04 03:49 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-08-04 03:49 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-08-04 03:49 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-04 03:49 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-04 03:49 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-04 03:49 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-04 03:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-04 03:49 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-04 03:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-04 03:40 - 2016-08-04 03:40 - 00000000 ____D C:\ProgramData\HP
2016-08-04 03:38 - 2016-08-09 17:06 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-04 03:38 - 2016-08-09 17:06 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Malwarebytes
2016-08-04 03:38 - 2016-08-09 17:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-04 03:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-04 03:33 - 2016-08-09 19:47 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-08-04 03:33 - 2016-08-09 19:33 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 94e38eca-7229-4ad1-935e-75b43ae23839.job
2016-08-04 03:33 - 2016-08-05 02:00 - 00000510 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f372dc70-af40-42ef-867b-e27053405cdf.job
2016-08-04 03:33 - 2016-08-04 03:33 - 00003584 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task f372dc70-af40-42ef-867b-e27053405cdf
2016-08-04 03:33 - 2016-08-04 03:33 - 00003510 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 94e38eca-7229-4ad1-935e-75b43ae23839
2016-08-04 03:33 - 2016-08-04 03:33 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2016-08-04 03:33 - 2016-08-04 03:33 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\SUPERAntiSpyware.com
2016-08-04 03:33 - 2016-08-04 03:33 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-08-04 03:33 - 2016-08-04 03:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-08-04 03:09 - 2016-08-09 16:11 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-04 03:09 - 2016-08-04 03:09 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\TuneUp Software
2016-08-04 03:01 - 2016-08-09 16:13 - 00000000 ____D C:\Users\Betsy\AppData\Local\Avg
2016-08-04 03:01 - 2016-08-09 16:11 - 00000000 ____D C:\ProgramData\Avg
2016-08-03 12:56 - 2016-08-03 12:56 - 00000000 ____D C:\_OTL
2016-08-03 12:45 - 2016-08-03 12:45 - 00000000 ____D C:\Users\Public\Documents\Speedbit
2016-08-03 12:43 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Downloads\util
2016-08-03 12:43 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Downloads\licensing
2016-08-03 12:43 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Downloads\help
2016-08-03 12:43 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Documents\My Scans
2016-08-03 12:42 - 2016-08-03 12:42 - 00000000 ____D C:\Users\Betsy\Documents\Amazon MP3
2016-08-03 12:40 - 2016-08-03 12:46 - 00000000 ____D C:\Users\Betsy\Desktop\Morgan Backup20120131
2016-08-03 12:39 - 2016-08-03 12:39 - 00000000 ____D C:\Users\Public\Documents\The Clockwork Man 2
2016-08-03 12:39 - 2016-08-03 12:39 - 00000000 ____D C:\Users\Public\Documents\A Series of Unfortunate Events
2016-08-03 12:36 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Downloads\__MACOSX
2016-08-03 12:36 - 2016-08-03 12:36 - 00000000 ____D C:\Users\Betsy\Downloads\WE ARE FM - Season One
2016-08-03 12:36 - 2016-08-03 12:36 - 00000000 ____D C:\Users\Betsy\Downloads\Vol.1
2016-08-03 12:36 - 2016-08-03 12:36 - 00000000 ____D C:\Users\Betsy\Downloads\Underground Highway [email protected] - Mike Evans
2016-08-03 12:36 - 2016-08-03 12:36 - 00000000 ____D C:\Users\Betsy\Downloads\Subconscious Success Activator
2016-08-03 12:35 - 2016-08-03 12:50 - 00000000 ____D C:\Users\Betsy\Downloads\setup
2016-08-03 12:35 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Downloads\images
2016-08-03 12:35 - 2016-08-03 12:43 - 00000000 ____D C:\Users\Betsy\Documents\My Digital Editions
2016-08-03 12:35 - 2016-08-03 12:42 - 00000000 ____D C:\Users\Betsy\Documents\access_application.do_files
2016-08-03 12:35 - 2016-08-03 12:42 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-19 Rachel
2016-08-03 12:35 - 2016-08-03 12:40 - 00000000 ____D C:\Users\Betsy\Desktop\Complete Internet Repair
2016-08-03 12:35 - 2016-08-03 12:38 - 00000000 ____D C:\Users\Betsy\SkyDrive
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Tracing
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Downloads\ROYALTY
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Downloads\Ingenious Problem Solving
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Downloads\GMP Services Inc Store_ Order Details_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\Windows 8 Upgrade Assistant_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\Trial Transcipt » Lizzie Andrew Borden Virtual Museum and Library_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\Snagit
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\ResultReport_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\preview.php_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\Other People and Things
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\My Kindle Content
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\My DAP Downloads
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\Elvis- 30 #1 Hits
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2014-01-10 Verizon 003
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2014-01-10 Verizon 002
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2014-01-10 Verizon
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2014-01-10
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-12-11 Scrapbook pic
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rebecca age 2
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rebecca age 15 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rebecca age 11 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rebecca age 10 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 5 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 2 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 18
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 15 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 14 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 12 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age 1 week
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Rachel age  3
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 painting #4
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 painting #2
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Painting #1
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Mom and Rachel, age 2 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 landscape painting I did between 2000-2004
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Hannah Rae age 8 weeks
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Hannah Rae age 3 months
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Hannah Rae age 2
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Bob (age 51) and Betsy (age 19) Daytona Beach Florida at  condo
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-11-19 Betsy April 2002
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-07-30 Rachel and Kelly 1994
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-07-30 Hannah (age 2) and Kelly 1994
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-07-30 Hannah (age 2) and Kelly
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-07-27 Hannah's SS #
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-25 kitty kitty
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-25 10 of Hearts
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Rebecca at age 4
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Rebecca and Tigger
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Rachel, age 4 at Ceelee's house
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Panama City Beach 1998
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Hannah Rae's Glamour shot age 9
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Hannah Rae at age 2
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Hannah at age 9
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Betsy- modeling pics
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20 Betsy
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-20
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-06-19
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2013-03-01 Cook County Family medicine
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Documents\2012-05-14 Bs
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Desktop\GMP Services Inc Store_ Order Details_files
2016-08-03 12:35 - 2016-08-03 12:35 - 00000000 ____D C:\Users\Betsy\Desktop\Chameleon
2016-08-03 12:24 - 2016-08-03 12:46 - 00000000 ____D C:\Users\Betsy\.alice3installer
2016-08-03 12:24 - 2016-08-03 12:24 - 00000000 ____D C:\Zylom Games
2016-08-03 12:24 - 2016-08-03 12:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-08-03 12:24 - 2016-08-03 12:24 - 00000000 ____D C:\Games
2016-08-03 12:22 - 2016-08-03 12:24 - 00000000 ____D C:\VIPRERESCUE
2016-08-03 12:22 - 2016-08-03 12:24 - 00000000 ____D C:\inetpub
2016-08-03 12:22 - 2016-08-03 12:24 - 00000000 ____D C:\BigFishGamesCache
2016-08-03 12:22 - 2016-08-03 12:24 - 00000000 ____D C:\BigFishCache
2016-08-03 12:22 - 2016-08-03 12:23 - 00000000 ____D C:\Remote Programs
2016-08-03 12:22 - 2016-08-03 12:22 - 00000000 ____D C:\AdwCleaner
2016-08-03 12:22 - 2016-08-03 12:22 - 00000000 ____D C:\ActiveWorlds
2016-08-03 12:00 - 2016-08-03 12:00 - 00001172 _____ C:\Users\Public\Desktop\WD Security.lnk
2016-08-03 11:59 - 2016-08-03 11:59 - 00771962 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-08-03 11:58 - 2016-08-05 03:03 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-03 11:58 - 2016-08-03 11:58 - 00001144 _____ C:\Users\Public\Desktop\WD SmartWare.lnk
2016-08-03 11:58 - 2016-08-03 11:58 - 00001117 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2016-08-03 11:58 - 2016-08-03 11:58 - 00000000 ____D C:\Users\Betsy\AppData\Local\Western_Digital_Technolog
2016-08-03 11:58 - 2016-08-03 11:58 - 00000000 ____D C:\Users\Betsy\AppData\Local\Western Digital
2016-08-03 11:58 - 2016-08-03 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-08-03 11:58 - 2016-08-03 11:58 - 00000000 ____D C:\Program Files\Western Digital
2016-08-03 11:58 - 2016-08-03 11:58 - 00000000 ____D C:\Program Files\Common Files\Western Digital
2016-08-03 11:57 - 2016-08-03 11:58 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-08-03 11:55 - 2016-08-03 11:58 - 00000000 ____D C:\ProgramData\Western Digital
2016-08-03 11:48 - 2008-11-04 13:12 - 00023096 _____ (Samsung Electronics, Inc. ) C:\Windows\system32\Drivers\MTiCtwl.sys
2016-08-03 11:47 - 2016-08-03 11:47 - 18515492 _____ C:\Users\Betsy\Downloads\MagicTunePremium_Win7_WinVista_64Bit_4.0.07_29Oct2010.zip
2016-08-03 11:47 - 2016-08-03 11:47 - 00000000 ____D C:\Users\Betsy\Downloads\MagicTunePremium_Win7_WinVista_64Bit_4.0.07_29Oct2010
2016-08-03 11:44 - 2016-08-03 11:45 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2016-08-03 11:44 - 2016-08-03 11:44 - 00001642 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2016-08-03 11:36 - 2016-08-09 17:23 - 00000000 ____D C:\Samsung
2016-08-03 10:46 - 2016-08-03 10:46 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-08-03 07:44 - 2016-08-03 07:44 - 00000000 ____D C:\Users\Betsy\AppData\LocalLow\Adobe
2016-08-03 07:44 - 2016-08-03 07:44 - 00000000 ____D C:\Users\Betsy\AppData\Local\CEF
2016-08-03 07:43 - 2016-08-03 07:43 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-03 07:42 - 2016-08-03 10:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 07:42 - 2016-08-03 10:58 - 00000000 ____D C:\ProgramData\Adobe
2016-08-03 07:42 - 2016-08-03 07:42 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-08-03 07:42 - 2016-08-03 07:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-03 07:40 - 2016-08-03 07:44 - 00000000 ____D C:\Users\Betsy\AppData\Local\Adobe
2016-08-03 07:33 - 2016-08-08 15:45 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-03 07:33 - 2016-08-08 15:45 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-03 07:32 - 2016-08-09 20:43 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-03 07:32 - 2016-08-09 20:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-03 07:32 - 2016-08-04 04:31 - 00000000 ____D C:\Users\Betsy\AppData\Local\Google
2016-08-03 07:32 - 2016-08-03 07:38 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-03 07:32 - 2016-08-03 07:38 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-03 07:32 - 2016-08-03 07:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-03 07:32 - 2016-08-03 07:32 - 00000000 ____D C:\Users\Betsy\AppData\Local\Deployment
2016-08-03 07:32 - 2016-08-03 07:32 - 00000000 ____D C:\Users\Betsy\AppData\Local\Apps\2.0
2016-08-03 07:26 - 2016-08-03 07:44 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Adobe
2016-08-03 07:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-08-03 07:22 - 2016-08-03 07:22 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-03 07:22 - 2016-08-03 07:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-03 07:22 - 2016-08-03 07:22 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-03 07:22 - 2016-08-03 07:22 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-03 07:22 - 2016-08-03 07:22 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-08-03 07:22 - 2016-08-03 07:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-08-03 07:22 - 2016-08-03 07:22 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-03 07:22 - 2016-08-03 07:22 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-03 07:22 - 2016-08-03 07:22 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-08-03 07:22 - 2016-08-03 07:22 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-08-03 07:22 - 2016-08-03 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-08-03 07:22 - 2016-08-03 07:22 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-08-03 07:22 - 2016-08-03 07:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-03 07:21 - 2016-08-03 07:21 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-08-03 07:21 - 2016-08-03 07:21 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-03 07:21 - 2016-08-03 07:21 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-03 07:21 - 2016-08-03 07:21 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-08-03 07:21 - 2016-08-03 07:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-03 07:21 - 2016-08-03 07:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-08-03 07:20 - 2016-08-03 07:20 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-03 07:20 - 2016-08-03 07:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-03 07:19 - 2016-08-03 07:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-08-03 07:19 - 2016-08-03 07:19 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-08-03 07:17 - 2016-08-03 07:17 - 55915216 _____ (Microsoft Corporation) C:\Users\Betsy\Downloads\IE11-Windows6.1-x64-en-us.exe
2016-08-03 07:11 - 2016-08-03 07:11 - 00000000 ____D C:\Users\Betsy\Outlook
2016-08-03 07:08 - 2016-08-03 07:08 - 00001125 _____ C:\Users\Betsy\Desktop\Old Drive - Shortcut.lnk
2016-08-03 07:07 - 2016-08-09 17:25 - 00111056 _____ C:\Users\Betsy\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-02 23:25 - 2016-08-02 19:30 - 00000000 ____D C:\Windows\Panther
2016-08-02 22:28 - 2016-08-02 22:28 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-08-02 22:28 - 2016-08-02 22:28 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-08-02 21:02 - 2016-08-03 06:26 - 00000000 ____D C:\Users\Betsy\Old Drive
2016-08-02 19:53 - 2016-08-02 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-02 19:51 - 2016-08-09 20:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-02 19:51 - 2016-08-02 19:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-02 19:51 - 2016-08-02 19:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-02 19:51 - 2016-08-02 19:51 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-08-02 19:51 - 2011-03-01 00:37 - 01614440 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco642090.dll
2016-08-02 19:51 - 2011-03-01 00:37 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvgenco642040.dll
2016-08-02 19:51 - 2011-03-01 00:37 - 00007621 _____ C:\Windows\system32\nvinfo.pb
2016-08-02 19:51 - 2011-01-25 11:28 - 01359976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco642040.dll
2016-08-02 19:51 - 2011-01-25 11:28 - 00172648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-08-02 19:51 - 2011-01-25 11:28 - 00029288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-08-02 19:50 - 2016-08-02 19:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-02 19:50 - 2011-03-01 00:37 - 20487784 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 18580072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 15063656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 13014632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-08-02 19:50 - 2011-03-01 00:37 - 13011560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 12870248 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 10084968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 07740520 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 06607976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 05661288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 04943976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 03113576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 02897512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 02482280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 02252904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 02221672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 01986152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 00067176 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 00057960 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-08-02 19:50 - 2011-03-01 00:37 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2016-08-02 19:41 - 2016-08-04 05:46 - 00000000 ____D C:\ProgramData\Norton
2016-08-02 19:39 - 2016-08-02 19:39 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-08-02 19:39 - 2016-08-02 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2016-08-02 19:39 - 2016-08-02 19:39 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2016-08-02 19:38 - 2010-12-20 18:08 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2016-08-02 19:38 - 2010-10-19 16:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2016-08-02 19:36 - 2016-08-02 19:36 - 00001454 _____ C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
2016-08-02 19:36 - 2016-08-02 19:36 - 00000000 ___HD C:\Program Files (x86)\DeviceVM
2016-08-02 19:36 - 2016-08-02 19:36 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\DeviceVm
2016-08-02 19:36 - 2016-08-02 19:36 - 00000000 ____D C:\ProgramData\DeviceVm
2016-08-02 19:36 - 2010-05-20 00:09 - 00097792 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-08-02 19:36 - 2010-05-20 00:09 - 00067584 _____ C:\Windows\system32\RtNicProp64.dll
2016-08-02 19:35 - 2016-08-09 16:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-02 19:35 - 2016-08-02 19:35 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-08-02 19:35 - 2016-08-02 19:35 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-08-02 19:35 - 2016-08-02 19:35 - 00000000 ____D C:\Program Files\Realtek
2016-08-02 19:35 - 2016-08-02 19:35 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-08-02 19:35 - 2010-11-23 06:44 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-08-02 19:35 - 2010-11-23 06:16 - 02565736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-08-02 19:35 - 2010-11-21 23:39 - 00626792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-08-02 19:35 - 2010-11-18 03:01 - 02813544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-08-02 19:35 - 2010-11-18 03:01 - 02186344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-08-02 19:35 - 2010-11-17 23:49 - 00121744 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-08-02 19:35 - 2010-11-15 10:56 - 02580824 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2016-08-02 19:35 - 2010-11-15 10:56 - 01870680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2016-08-02 19:35 - 2010-11-11 01:27 - 00083048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2016-08-02 19:35 - 2010-11-08 06:36 - 00544768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-08-02 19:35 - 2010-11-07 19:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-08-02 19:35 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-08-02 19:35 - 2010-11-07 19:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-08-02 19:35 - 2010-11-07 19:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-08-02 19:35 - 2010-11-07 19:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-08-02 19:35 - 2010-11-07 19:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-08-02 19:35 - 2010-11-03 06:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-08-02 19:35 - 2010-11-03 06:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-08-02 19:35 - 2010-11-03 06:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 01327208 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 01179752 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 01111656 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00504936 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00491112 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00475752 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00317032 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00269928 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00266856 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00126056 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00125544 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-08-02 19:35 - 2010-11-03 06:29 - 00125032 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-08-02 19:35 - 2010-11-01 21:35 - 01718616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-08-02 19:35 - 2010-11-01 21:35 - 00127832 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-08-02 19:35 - 2010-11-01 21:34 - 00421720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-08-02 19:35 - 2010-11-01 21:34 - 00108888 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-08-02 19:35 - 2010-11-01 21:34 - 00074584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-08-02 19:35 - 2010-10-28 22:29 - 01937312 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-08-02 19:35 - 2010-10-27 22:46 - 01251944 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-08-02 19:35 - 2010-10-03 01:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-08-02 19:35 - 2010-09-26 21:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-08-02 19:35 - 2010-07-22 04:48 - 00220496 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.dll
2016-08-02 19:35 - 2010-07-22 04:48 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.dll
2016-08-02 19:35 - 2010-07-22 04:48 - 00078160 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.dll
2016-08-02 19:35 - 2010-07-22 04:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-08-02 19:35 - 2010-07-22 04:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-08-02 19:35 - 2010-05-20 00:09 - 00239616 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-08-02 19:35 - 2010-05-06 05:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-08-02 19:35 - 2009-11-23 21:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-08-02 19:35 - 2009-11-23 21:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-08-02 19:35 - 2009-11-23 21:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-08-02 19:35 - 2009-11-23 21:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-08-02 19:35 - 2009-11-18 06:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2016-08-02 19:35 - 2009-11-17 06:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-08-02 19:34 - 2016-08-02 19:41 - 00034300 _____ C:\Windows\Ascd_log.ini
2016-08-02 19:34 - 2016-08-02 19:38 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-02 19:34 - 2016-08-02 19:34 - 00000000 ____D C:\Intel
2016-08-02 19:34 - 2010-12-22 23:09 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-08-02 19:33 - 2016-08-02 19:33 - 00023898 _____ C:\Windows\Ascd_tmp.ini
2016-08-02 19:33 - 2016-08-02 19:33 - 00001769 _____ C:\Windows\Language_trs.ini
2016-08-02 19:31 - 2016-08-09 16:45 - 00000000 ____D C:\Users\Betsy
2016-08-02 19:31 - 2016-08-03 07:26 - 00001417 _____ C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-02 19:31 - 2016-08-02 19:31 - 00000020 ___SH C:\Users\Betsy\ntuser.ini
2016-08-02 19:31 - 2016-08-02 19:31 - 00000000 _SHDL C:\Users\Betsy\My Documents
2016-08-02 19:31 - 2016-08-02 19:31 - 00000000 _SHDL C:\Users\Betsy\Documents\My Videos
2016-08-02 19:31 - 2016-08-02 19:31 - 00000000 _SHDL C:\Users\Betsy\Documents\My Pictures
2016-08-02 19:31 - 2016-08-02 19:31 - 00000000 _SHDL C:\Users\Betsy\Documents\My Music
2016-08-02 19:31 - 2016-08-02 19:31 - 00000000 ____D C:\Users\Betsy\AppData\Local\VirtualStore
2016-08-02 19:31 - 2011-04-12 04:28 - 00000000 ____D C:\Users\Betsy\AppData\Roaming\Media Center Programs
2016-07-23 10:51 - 2016-07-23 10:51 - 00635040 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-07-23 10:51 - 2016-07-23 10:51 - 00390320 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-07-23 10:51 - 2016-07-23 10:51 - 00332968 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-07-23 10:51 - 2016-07-23 10:51 - 00088752 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-07-23 09:53 - 2016-07-23 09:53 - 00439608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-07-23 09:53 - 2016-07-23 09:53 - 00266928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-07-23 09:53 - 2016-07-23 09:53 - 00243520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-07-23 09:53 - 2016-07-23 09:53 - 00085328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-09 21:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-08-09 20:24 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-09 19:52 - 2009-07-14 00:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-09 19:52 - 2009-07-14 00:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-09 19:13 - 2009-07-14 01:13 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-09 16:54 - 2009-07-14 00:45 - 00433832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-09 16:37 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-05 03:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2016-08-03 15:23 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-08-03 07:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-02 23:25 - 2009-07-14 01:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-08-02 22:28 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-02 22:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-08-02 19:51 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Help

==================== Files in the root of some directories =======

2016-08-04 03:40 - 2016-08-04 03:46 - 0000301 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Betsy\AppData\Local\Temp\lowproc.exe
C:\Users\Betsy\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Betsy\AppData\Local\Temp\stubhelper.dll
C:\Users\Betsy\AppData\Local\Temp\_is7695.exe
C:\Users\Betsy\AppData\Local\Temp\_isAC84.exe
C:\Users\Betsy\AppData\Local\Temp\_isAF03.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-02 22:45

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2016 01
Ran by Betsy (2016-08-09 21:33:01)
Running from C:\Users\Betsy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-08-02 23:30:58)
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1972514636-2645274826-1508751941-500 - Administrator - Disabled)
Betsy (S-1-5-21-1972514636-2645274826-1508751941-1000 - Administrator - Enabled) => C:\Users\Betsy
Guest (S-1-5-21-1972514636-2645274826-1508751941-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7070.2033 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM-x32\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.216 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
NVIDIA 3D Vision Driver 267.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.42 - NVIDIA Corporation)
NVIDIA Graphics Driver 267.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.42 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7030.1021 - Microsoft Corporation) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1040 - SUPERAntiSpyware.com)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Drive Utilities (HKLM-x32\...\{2F540611-6560-470F-924A-5F52EFA9156F}) (Version: 1.0.5.7 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (x32 Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WD SmartWare (HKLM\...\{EC54143B-24CC-47D2-AB39-0F5701988BA4}) (Version: 2.1.0.11 - Western Digital Technologies, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\...\WinDirStat) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1972514636-2645274826-1508751941-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Betsy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1972514636-2645274826-1508751941-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Betsy\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AA4A12D-CFF1-4D00-BF4A-493A60600E12} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-08-09] (Microsoft Corporation)
Task: {0E9E3824-4ABF-45DE-A5AC-6E61C188FCA4} - System32\Tasks\MasterSeeker.UACBypass.b507f59b81ca571c278ee2e5dee3973c => C:\Samsung\MasterSeeker.exe [2016-08-09] (DxCK)
Task: {174FDFFE-714F-42D1-A766-7975A99E171D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {5F91123E-6FA2-4919-A141-47C58554A7A7} - System32\Tasks\MasterSeeker.UACBypass.d672e9b0175dd51abe22b3f9d8db0478 => C:\Users\Betsy\AppData\Local\Temp\Temp1_MasterSeeker1.5.1.zip\MasterSeeker.exe [2016-08-09] (DxCK) <==== ATTENTION
Task: {6550A84D-1CB6-40D0-89B4-E4A20AA53367} - System32\Tasks\SUPERAntiSpyware Scheduled Task 94e38eca-7229-4ad1-935e-75b43ae23839 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2016-08-04] (SUPERAdBlocker.com)
Task: {94AC0217-BDFB-44DB-AE3D-4A8F11D97168} - System32\Tasks\SUPERAntiSpyware Scheduled Task f372dc70-af40-42ef-867b-e27053405cdf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2016-08-04] (SUPERAdBlocker.com)
Task: {BC435786-D20A-42BF-80CC-9EA4E1BE7061} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {C3348D4D-2A36-436A-8116-EF3AA4C650F9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {C754049E-0E9A-4B8A-9171-98CE8A57AAE2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {D8EA974C-8187-4031-807F-EA5C9A3D8DFF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F0F8C1E8-225E-4065-8909-CD12C7B5C73B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1972514636-2645274826-1508751941-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {F295C66F-CFF3-40FB-A226-EE42729A87F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {FCD4B92D-CCD3-4011-B00C-68DF8318D23E} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {FE7BDB31-3865-4064-A3B1-00322BDADF8F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1972514636-2645274826-1508751941-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 94e38eca-7229-4ad1-935e-75b43ae23839.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f372dc70-af40-42ef-867b-e27053405cdf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Betsy\Old Drive\Favorites\Music\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\Betsy\Old Drive\Favorites\Medical\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Morgan Backup20120131\Morgan Backup20120131\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Alice 3.lnk -> C:\Program Files\Alice3\Alice3.bat (No File)
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Play The 11th Hour (2).lnk -> C:\Program Files (x86)\DotEmu\The 11th Hour\11th_Hour.bat (No File)
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Play The 11th Hour.lnk -> C:\Program Files (x86)\DotEmu\The 11th Hour\11th_Hour.bat (No File)
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Play The 7th Guest (2).lnk -> C:\Program Files (x86)\DotEmu\The 7th Guest\The_7th_Guest.bat (No File)
Shortcut: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Play The 7th Guest.lnk -> C:\Program Files (x86)\DotEmu\The 7th Guest\The_7th_Guest.bat (No File)
Shortcut: C:\Users\Betsy\Favorites\Music\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
Shortcut: C:\Users\Betsy\Favorites\Medical\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html

ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hgakehlldcacnfhjampnkihibmkgclhk
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\My Chrome Theme.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=oehpjpccmlcalbenfhnacjeocbjdonic
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\My Time Organizer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nbgjpoemniodpkigbjkleiaoifclhfdm
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Morgan Backup20120131\Morgan Backup20120131\Desktop\Microsoft Fix it.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\WINDOWS\system32\url.dll",FileProtocolHandler "hxxp://support.microsoft.com/fixit"
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Escape the Mansion.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=igidehinggodbiknfganhbghapfcmgkg
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Murder Files.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ijfecbiladpinddbjfodaaiahggomhaf
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Museum of Thieves.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gfmfcbbfpfhgimahmdgbakemclmkklge
ShortcutWithArgument: C:\Users\Betsy\Old Drive\Desktop\Downloaded computer games\Princess Match.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mnclclbcpgdlfbdacfgfolncclkbjcge
ShortcutWithArgument: C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Murder Files.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ijfecbiladpinddbjfodaaiahggomhaf

==================== Loaded Modules (Whitelisted) ==============

2016-08-09 16:40 - 2016-08-09 16:40 - 08921792 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1972514636-2645274826-1508751941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{1350F913-A226-47D4-83CE-29A0A7E8BB6B}C:\program files (x86)\magictune premium\magictune.exe] => (Allow) C:\program files (x86)\magictune premium\magictune.exe
FirewallRules: [UDP Query User{ADD52E03-C423-4FE8-8CF7-AA9FD3E3994E}C:\program files (x86)\magictune premium\magictune.exe] => (Allow) C:\program files (x86)\magictune premium\magictune.exe
FirewallRules: [{AC6A0E88-915F-4BB6-A6C3-60F52292BB9C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{1C84F57B-E217-4DAC-9125-8E7768A1B314}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{0F387565-59FD-4564-A421-3FEF7B8AD44C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{735F521E-5EBA-4201-99F9-E3D30D0C15D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{88D4EFCA-8DFF-4D94-AA23-A2DC9A452C66}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{6EA1C1C4-843C-458B-83E1-5C4B35CCEBD5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{35044FDF-C27D-49E5-93F3-81728DBA268C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CACAC51B-18DD-4282-950A-B2BA593E167E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{835E9597-9987-4997-BA66-2E5C7210B6CE}C:\program files\magictune premium\magictune.exe] => (Block) C:\program files\magictune premium\magictune.exe
FirewallRules: [UDP Query User{46F27360-7C5E-45B1-8BCC-FE7C0E6F2236}C:\program files\magictune premium\magictune.exe] => (Block) C:\program files\magictune premium\magictune.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2016 09:19:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 09:05:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 09:03:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (08/09/2016 08:54:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 08:26:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 07:45:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 07:28:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MagicTune.exe, version: 1.0.0.1, time stamp: 0x4cca62fb
Faulting module name: MSVCR90.dll, version: 9.0.30729.4940, time stamp: 0x4ca2e32e
Exception code: 0xc0000417
Fault offset: 0x00000000000552c0
Faulting process id: 0x11a4
Faulting application start time: 0xMagicTune.exe0
Faulting application path: MagicTune.exe1
Faulting module path: MagicTune.exe2
Report Id: MagicTune.exe3

Error: (08/09/2016 07:25:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 07:22:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2016 07:18:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:32:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:27:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:27:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:27:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

Error: (08/09/2016 09:27:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.

CodeIntegrity:
===================================
  Date: 2016-08-09 19:17:25.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-09 19:17:25.680
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-09 19:11:42.810
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-09 19:11:42.810
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-09 17:21:38.578
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-09 17:21:38.251
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-03 12:00:06.288
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-08-03 12:00:06.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 31%
Total physical RAM: 4077.25 MB
Available physical RAM: 2779.47 MB
Total Virtual: 8152.67 MB
Available Virtual: 6971.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:224.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BCEED626)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,015 posts
  • MVP

Right click on Computer and select Manage and then Device Manager then View, Show Hidden Drivers.  Now look in the right pane for yellow flagged devices.  Right click on one and select properties then click on the Details tab.  Change Property to Hardware IDs.  Click on the top one then right click and copy.  Paste that into a reply.  Repeat for all yellow flagged devices.

 

 
Right click on (My) Computer and select Manage  Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
 
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator.  Right click and Paste (or Edit then Paste) and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0

#3
betsym

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts

I restarted computer in safe  mode and ran a virus scan and the problem was solved. Sorry it took me so long to reply back. I don't seem to be having any more problems. do I still need to do what you outlined above???


  • 0

#4
betsym

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts

There were NO yellow flagged devices in Device Manager. I guess everything is ok then.


  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,015 posts
  • MVP

If you are happy then I am happy.  Don't suppose you know what the scan removed?

 

 

We usually clean up with Delfix.  This removes our tools and their logs and quarantines and also removes all but the latest System Restore point so there is no chance of the malware coming back with a system restore. Delfix has been a tad too aggressive recently and seems to dislike pdf files in the Downloads folder so if you have any you should move them to a different folder before running Delfix.
 
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
 
Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW  and their logs and Speccy's log can just be deleted.
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
 
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
 
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.
 
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
 
CryptoPrevent
 
 
Last time I downloaded it you had to give them your IP address and they would send you the link to download it.  When it ran it asked if you were sure your PC was clean then it would try to allow everything on your PC to continue running.  The free version does not update on its own so you should check for updated versions once in a while.  If you have problems after installing CryptoPrevent you can just uninstall it.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

  • 0

#6
betsym

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts

Ok, before I do all that, it was a PUP(Potentially Unwanted Program) Produkey that was removed. I couldn't find the key for my Microsoft Office 2010 after my computer was wiped and it wasn't on the back-up disk and this program promised to find it. However, I decided to use the Microsoft Office 365 Home (2016) online version for $9.99 a month because you get constant updates and stuff you don't get when purchasing a disk. I use Outlook for my email (through Mediacom) but all the folders I had created with various important emails were lost. Don't suppose you know how to recover THOSE, do you?

 

Also, I'm having a problem displaying webpage images in Internet Explorer. For example, I went to Big Fish Games, and couldn't see any of the images advertising the various games. I thought it was just THEIR website but then I checked by going to ANY websites in Internet Explorer and it was the same thing. However, I had NO problem in Firefox, Opera, or Google Chrome. I thought that you might want me to check some things BEFORE doing any of the steps above in case the problem is there anywhere. I KNOW that everybody says that Internet Explorer is the worst search engine, it's just the one I'm most familiar with but I use MOST of the other ones, as well, and starting to use them more, but I want Internet Explorer to work right when I DO use it. That said, can you help me fix it? I made a copy of the instructions you gave above because I have to go step-by-step when fixing things (like most folks I imagine) and referring back to the website can get confusing. I didn't actually DO any of the steps you had outlined previously because I had already rebooted the computer in safe mode and run the virus scan
BEFORE I had read those instructions. Also, the dude who had wiped my computer told me that my AVG PC Tune-up wouldn't protect my computer so NOT to use anything BUT Malware Bytes Pro, which I already had on my computer. He said that SuperAntiSpyware was nothing but Malware itself and to take it off!. If I need more than that, please let me know.


  • 0

#7
betsym

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 129 posts

Also, I noticed that that there is music missing from my iTunes library. I backed up my whole hard drive onto a "My Book" external hard drive. Can you tell me how to retrieve my music from off of that and get it back into my iTunes library?


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,015 posts
  • MVP

To fix IE, open it, click on the gear icon in the upper right corner.  Then on Internet Options, Advanced, Reset.

 

To see if your email folders are still around , first make sure you can see them as they are normally hidden:

 

 
 
 
Open an elevated Command Prompt 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator
 
Type with an Enter after each line:
 
c:
dir /a /s *.pst
 
This will take a few minutes.
Does it  find any other than in  c:\Users\Betsy\AppData\Local\Microsoft\Outlook\  ?
 
If you find  a .pst file then see https://support.offi...48-ded54b3440ac
 
on how to impiort them.
 
Your  .pst files should be backed up on your external drive so if they are not still on the C: drive then look there.
 
 
To restore files look on page 17 of the WD manual:
 
 
 
I like the free Avast anti-virus myself.  It can be a nuisance with its popups in the bottom right corner but it does a good job.
 
Click on Download then choose the free version.
 
 
Download, Save, and right click and Run As Administrator.
 
Decline any additional software like GoogleToolbar, Chrome or Dropbox.  Make sure you take the free version and not the trial.  Be sure to register.  It's free and they just want a name and an email address.  They don't spam you.
 
 
They have  started using their info popup to try and get you to upgrade so I go into Settings, General, Popups and change the first two to 1 second.
 
I don't like their Browser Cleanup so I turn it off:
Settings, Tools, Browser Cleanup (click on the white space to the right of On.)
 
 
The registration is good for 12-14 months then you will need to register again.  They will, of course, try to talk you into buying the product but you can always register again for another year free tho it may not be the default.
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP