Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Videos won't run, websites won't work properly


  • This topic is locked This topic is locked
14 replies to this topic

#1 kmorrissey

kmorrissey

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 23 March 2015 - 10:26 PM

Videos no longer play in some websites. Commerce websites not working properly either. Wonder if I'm infected with a virus?

Attached Files



BC AdBot (Login to Remove)

 


m

#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 25 March 2015 - 09:43 AM

Please post the logs directly into the thread rather than attaching them. :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 25 March 2015 - 09:53 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by kellymorrissey (administrator) on KELSXPS13 on 23-03-2015 20:22:18
Running from C:\Users\kellymorrissey\Downloads
Loaded Profiles: kellymorrissey (Available profiles: kellymorrissey & test & Kel)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3058848 2012-07-24] (Dell Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95216 2012-08-15] (Sensible Vision )
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.EXE [2750840 2013-12-11] (Eastman Kodak Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-29] (Siber Systems)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1380672 2015-01-23] (Lavasoft)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [473352 2013-12-18] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [SansaDispatch] => C:\Users\kellymorrissey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-22] (SanDisk Corporation)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {a4741e79-a017-11e3-826d-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398425-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398483-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {e6ccc05a-21ce-11e4-828b-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> DefaultScope {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?pc=COSP&ptag=D012615-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={A6292D66-6BD9-4B67-8F08-1AEA923FE123}&mid=ffd2c11bae0347d2a1e08d1809945664-aceeab40bdd668a0d9ed80095235dfa2aa73f985&lang=en&ds=gf011&coid=avgtbdisgf&cmpid=&pr=sa&d=2014-01-07 17:03:31&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [332216] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [378832] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D012615-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF SearchPlugin: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\searchplugins\safesearch.xml [2015-01-26]
FF Extension: Garmin Communicator - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-09-12]
FF Extension: Duplicate This Tab - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2013-12-22]
FF Extension: New Tab Homepage - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-03-15]
FF Extension: Adblock Plus - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-20]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-10-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-22]
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{E9489C32-B6E1-4E83-D8AE-2B4C80C857FF}] - C:\Program Files (x86)\-ViewPassword-soft\174.xpi
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> https://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-31]
CHR Extension: (Google Drive) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-31]
CHR Extension: (YouTube) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-31]
CHR Extension: (Google Search) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-31]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2015-02-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-12-25]
CHR Extension: (Norton Identity Safe) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-11-24]
CHR Extension: (Google Wallet) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR Extension: (Gmail) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-31]
CHR Extension: (RoboForm) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-07-04]
CHR HKLM\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx [2012-04-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-23]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [feocblgcojafilfbgoineopkngchgaei] - C:\Program Files (x86)\Sensible Vision\Fast Access\chrome_fasso\extension.crx [2012-04-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-23]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe [56648 2015-02-01] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [447888 2013-12-10] (Nuance Communications, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2860528 2012-08-15] (Sensible Vision ) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [73216 2014-08-07] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [1622744 2015-02-02] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-08] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-09-05] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150323.001\IDSvia64.sys [669400 2015-02-04] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S2 MCSTRM; No ImagePath
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150323.001\ENG64.SYS [129752 2015-02-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150323.001\EX64.SYS [2137304 2015-02-14] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-30] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-18] (Audials AG)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2013-10-16] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 20:22 - 2015-03-23 20:22 - 00042209 _____ () C:\Users\kellymorrissey\Downloads\FRST.txt
2015-03-23 20:22 - 2015-03-23 20:22 - 00000000 ____D () C:\FRST
2015-03-23 20:21 - 2015-03-23 20:22 - 02095616 _____ (Farbar) C:\Users\kellymorrissey\Downloads\FRST64.exe
2015-03-23 03:11 - 2015-03-23 03:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-22 14:41 - 2015-03-22 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-22 14:38 - 2015-03-22 14:38 - 1044797941 _____ () C:\Windows\MEMORY.DMP
2015-03-22 14:38 - 2015-03-22 14:38 - 01610584 _____ () C:\Windows\Minidump\032215-10500-01.dmp
2015-03-22 09:25 - 2015-03-22 14:42 - 00002136 _____ () C:\Windows\setupact.log
2015-03-22 09:25 - 2015-03-22 09:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-22 00:32 - 2015-03-23 20:18 - 00823730 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 00:30 - 2015-03-23 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-16 05:59 - 2015-03-16 05:59 - 00000000 ____D () C:\Users\test\AppData\Local\Eastman Kodak Company
2015-03-14 20:02 - 2015-03-21 21:40 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Travel
2015-03-13 13:33 - 2015-03-13 13:33 - 01054912 _____ (Adobe) C:\Users\test\Downloads\install_flashplayer17x32au_mssd_aaa_aih.exe
2015-03-11 19:25 - 2015-03-11 19:26 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\microwave
2015-03-11 16:40 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 16:40 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 16:40 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 16:40 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 16:39 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:39 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:39 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:39 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:39 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:39 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 16:39 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 16:39 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 16:39 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 16:39 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 16:39 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 16:39 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:39 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 16:39 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:39 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 16:39 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 16:39 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 16:39 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 16:38 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:38 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 16:38 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:38 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:38 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:38 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:38 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 16:38 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:38 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:38 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 16:38 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:38 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:38 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 16:38 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:38 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 16:38 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:38 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:38 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:38 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:38 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:38 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:38 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:38 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:38 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 16:38 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 16:38 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:38 - 2015-01-29 20:01 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys
2015-03-11 16:38 - 2015-01-29 20:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 16:38 - 2015-01-29 20:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 16:38 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 16:38 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 16:38 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 16:38 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:38 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 16:38 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 16:38 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 16:38 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:38 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:38 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:38 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:38 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 16:38 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:38 - 2014-10-28 19:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 16:38 - 2014-10-28 19:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 16:38 - 2014-10-28 19:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 16:38 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 16:38 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 16:38 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 16:38 - 2014-10-28 19:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 16:38 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 16:38 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-08 00:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthHfAud.sys
2015-03-09 15:01 - 2015-03-09 15:01 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Home Depot
2015-03-05 17:01 - 2015-03-05 17:31 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-03-05 17:01 - 2015-03-05 17:01 - 00003612 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-03-04 08:03 - 2015-03-04 08:09 - 786515305 _____ () C:\Users\kellymorrissey\Downloads\jamwithjimihendrixv2_part1.zip
2015-02-26 09:00 - 2015-02-26 09:00 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-02-26 09:00 - 2015-02-26 09:00 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-02-25 19:04 - 2015-02-25 19:04 - 00000020 ___SH () C:\Users\Kel\ntuser.ini
2015-02-25 19:04 - 2015-02-25 19:04 - 00000000 ____D () C:\Users\Kel\AppData\Roaming\Leadertech
2015-02-25 18:59 - 2015-02-25 18:59 - 00000000 ___RD () C:\Users\Kel\SkyDrive
2015-02-25 18:58 - 2015-02-25 18:58 - 00000000 ____D () C:\Users\Kel\Halloween vintage photos
2015-02-25 18:58 - 2015-02-21 14:09 - 131523824 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\msert.exe
2015-02-25 18:58 - 2015-02-04 18:20 - 00000892 _____ () C:\Users\Kel\Downloads\wave-interference_en.jnlp
2015-02-25 18:58 - 2015-01-05 18:03 - 00824200 _____ () C:\Users\Kel\Downloads\TSC_Spreadsheet.zip
2015-02-25 18:58 - 2015-01-05 17:27 - 00065082 _____ () C:\Users\Kel\Downloads\Meal-Plans.zip
2015-02-25 18:58 - 2014-12-26 12:15 - 26413824 _____ () C:\Users\Kel\Downloads\FW_RT_N66U_30043763602.zip
2015-02-25 18:58 - 2014-12-25 19:26 - 08317952 _____ () C:\Users\Kel\Downloads\chromeremotedesktophost.msi
2015-02-25 18:58 - 2014-12-20 09:51 - 36281408 _____ (Garmin Ltd or its subsidiaries) C:\Users\Kel\Downloads\GarminExpress.exe
2015-02-25 18:58 - 2014-12-10 18:21 - 180623036 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_3s-5s-part-1-yt65(1).mp4
2015-02-25 18:58 - 2014-12-10 18:19 - 111281394 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_5s-and-3s-part-2-gf65.mp4
2015-02-25 18:58 - 2014-12-10 18:17 - 00000000 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-2.mp4
2015-02-25 18:58 - 2014-12-10 17:47 - 218305374 _____ () C:\Users\Kel\Downloads\Show-Off-Lick-1.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 156984206 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-5.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 142171920 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-4.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 180623036 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-1.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 105580781 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-3.mp4
2015-02-25 18:58 - 2014-12-10 17:43 - 188772588 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-6.mp4
2015-02-25 18:58 - 2014-11-23 15:00 - 01021632 _____ (Symantec Corporation) C:\Users\Kel\Downloads\Norton_Download_Manager.exe
2015-02-25 18:58 - 2014-11-19 08:53 - 23940056 _____ (ReviverSoft) C:\Users\Kel\Downloads\PCReviverSetup-SpeedTest.exe
2015-02-25 18:58 - 2014-11-17 16:39 - 793681209 _____ () C:\Users\Kel\Downloads\fingerstyleacousticforbeginners.zip
2015-02-25 18:58 - 2014-10-22 16:50 - 01054912 _____ (Adobe) C:\Users\Kel\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2015-02-25 18:58 - 2014-10-21 18:14 - 1051063036 _____ () C:\Users\Kel\Downloads\rocklicksforabsolutebeginners.zip
2015-02-25 18:58 - 2014-09-16 06:21 - 01241504 _____ () C:\Users\Kel\Downloads\HP_DJ2540_hpu_Alert_000_007.exe
2015-02-25 18:58 - 2014-09-03 20:52 - 41139112 _____ (Wondershare ) C:\Users\Kel\Downloads\mobilego_full818.exe
2015-02-25 18:58 - 2014-09-03 18:52 - 05148672 _____ () C:\Users\Kel\Downloads\HPSupportSolutionsFramework-11.51.0004.msi
2015-02-25 18:58 - 2014-08-28 14:03 - 24743106 _____ () C:\Users\Kel\Downloads\vlc-2.1.5-win32.exe
2015-02-25 18:58 - 2014-08-13 14:08 - 00736256 _____ (Wondershare) C:\Users\Kel\Downloads\mobilego_setup_full818.exe
2015-02-25 18:58 - 2014-08-12 16:28 - 00417824 _____ () C:\Users\Kel\Downloads\DellSystemDetect.exe
2015-02-25 18:58 - 2014-08-11 20:31 - 34888280 _____ (Wondershare ) C:\Users\Kel\Downloads\ws_mobiletrans_win_av.exe
2015-02-25 18:58 - 2014-08-11 20:22 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones(1).exe
2015-02-25 18:58 - 2014-08-11 20:10 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2015-02-25 18:58 - 2014-08-11 20:06 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-02-25 18:58 - 2014-08-11 20:05 - 11060224 _____ () C:\Users\Kel\Downloads\CarbonSetup.msi
2015-02-25 18:58 - 2014-08-02 18:22 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014(1).exe
2015-02-25 18:58 - 2014-08-02 17:50 - 38426504 _____ (Intuit ) C:\Users\Kel\Downloads\QW2014R7MPatch.exe
2015-02-25 18:58 - 2014-07-29 20:12 - 16658872 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup.exe
2015-02-25 18:58 - 2014-07-29 18:11 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014.exe
2015-02-25 18:58 - 2014-07-11 15:40 - 06598344 _____ () C:\Users\Kel\Downloads\HPPSdr.exe
2015-02-25 18:58 - 2014-06-29 14:15 - 01940600 _____ (TODO: <Company name>) C:\Users\Kel\Downloads\SocialMedia_Login.exe
2015-02-25 18:58 - 2014-06-24 19:20 - 106859936 _____ () C:\Users\Kel\Downloads\DJ2540_188.exe
2015-02-25 18:58 - 2014-06-16 19:04 - 119249873 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-1-re54.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 116938660 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-4-hg31.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 109092279 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-5-hg65.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101381081 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-2-ytre.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101080883 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-3-na32.mp4
2015-02-25 18:58 - 2014-06-06 11:20 - 03673008 _____ (Piriform Ltd) C:\Users\Kel\Downloads\ccsetup414_pro.exe
2015-02-25 18:58 - 2014-06-06 11:04 - 79453904 _____ () C:\Users\Kel\Downloads\vlcmediaplayer-setup.exe
2015-02-25 18:58 - 2014-06-05 18:54 - 16616928 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup-cnetc.exe
2015-02-25 18:58 - 2014-06-03 20:37 - 147349383 _____ () C:\Users\Kel\Downloads\RR1_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:13 - 138796475 _____ () C:\Users\Kel\Downloads\R_disc_3_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:11 - 140388787 _____ () C:\Users\Kel\Downloads\R_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:08 - 139300139 _____ () C:\Users\Kel\Downloads\R_disc_1_of_3.zip
2015-02-25 18:58 - 2014-05-21 10:35 - 13808408 _____ (DigiTech ) C:\Users\Kel\Downloads\JamManagerXTSetup.exe
2015-02-25 18:58 - 2014-05-02 18:20 - 00347816 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\MicrosoftFixit.AudioPlayback.Run.exe
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\Woodworking
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\~Trossachs
2015-02-25 18:57 - 2015-01-14 18:27 - 09432773 _____ () C:\Users\Kel\Downloads\33_paint_stroke_brushes_ps7__by_keepwaiting-d2xmll9.zip
2015-02-25 18:57 - 2015-01-02 12:55 - 00270918 _____ () C:\Users\Kel\Downloads\attachments.zip
2015-02-25 18:57 - 2014-11-17 16:54 - 1285507894 _____ () C:\Users\Kel\Downloads\blueslicksforabsolutebeginners.zip
2015-02-25 18:57 - 2014-11-17 16:26 - 1124317518 _____ () C:\Users\Kel\Downloads\bluesguitarforabsolutebeginners.zip
2015-02-25 18:57 - 2014-09-05 16:52 - 00000420 _____ () C:\Users\Kel\Downloads\2_Duck_Walkin.mp3.zip
2015-02-25 18:57 - 2014-05-30 21:24 - 10003416 _____ (Eastman Kodak Company) C:\Users\Kel\Downloads\aio_install.exe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wondershare
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wallpaper
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\UX Certificate
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Symantec
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Sumner Home Sale
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\SSN
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Setlists
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Salt Lake City
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Recipes
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Quicken
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Photography
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Phone bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Outlook Files
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Nutrition
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\NewBlueFX
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My RoboForm Data
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My Lyrics
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Kai
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Home
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester Recipies
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Halloween
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Guitar
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garmin
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garage door opener
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fitness
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Finance
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fax
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ControlMyNikon v4.3
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Christmas
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson Wedding
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson School
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Alanon
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ADT Alarm System
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Adobe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Wedding chalk menus
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Vintage Illustrations
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Sundown bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\notification mp3s
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\New folder
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Kel's Droid photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Hester's photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Droid backup
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Damaged gutters
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Built-in Shelves
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\BACKUP
2015-02-25 18:56 - 2015-02-21 19:10 - 00000000 ____D () C:\Users\Kel\Desktop\kel user profile info
2015-02-25 18:56 - 2015-02-21 13:54 - 00000346 _____ () C:\Users\Kel\Desktop\Rhapsody.appref-ms
2015-02-25 18:56 - 2015-02-21 13:41 - 00062794 _____ () C:\Users\Kel\Desktop\RhapsodyErrorFile.txt
2015-02-25 18:56 - 2015-02-05 14:04 - 00062754 _____ () C:\Users\Kel\Desktop\rhapsody error message.txt
2015-02-25 18:56 - 2015-01-30 18:46 - 00062776 _____ () C:\Users\Kel\Desktop\Rhapsody error.txt
2015-02-25 18:56 - 2015-01-30 17:42 - 00000000 ____D () C:\Users\Kel\Desktop\01-30-2015
2015-02-25 18:56 - 2015-01-14 18:08 - 01725886 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM4).pptx
2015-02-25 18:56 - 2015-01-14 17:57 - 01866488 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM3).pptx
2015-02-25 18:56 - 2015-01-14 17:34 - 01858256 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM2).pptx
2015-02-25 18:56 - 2015-01-12 20:13 - 02897008 _____ () C:\Users\Kel\Desktop\kellymorrissey's quicken data_SyncLog.dat
2015-02-25 18:56 - 2015-01-12 20:04 - 00157360 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken DataOFXLOG.DAT
2015-02-25 18:56 - 2014-12-15 20:21 - 45073929 _____ () C:\Users\Kel\Desktop\Kai and Aidan.psd
2015-02-25 18:56 - 2014-11-23 15:01 - 00001252 _____ () C:\Users\Kel\Desktop\Norton Installation Files.lnk
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCD54.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCCF4.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAP83F3.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP95D8.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP8FCB.tmp
2015-02-25 18:56 - 2014-10-26 08:12 - 00000000 _____ () C:\Users\Kel\Documents\FAP3819.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFF02.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFDE7.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAP117.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5AF8.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP598E.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5844.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPFA77.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPF8C0.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPF21B.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPE97E.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAPD0AC.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAP3091.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAPC7BA.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP981D.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP741.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP6D71.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP5D52.tmp
2015-02-25 18:56 - 2014-10-25 09:48 - 00179572 _____ () C:\Users\Kel\Desktop\Food for thought.psd
2015-02-25 18:56 - 2014-10-12 10:19 - 10125312 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF
2015-02-25 18:56 - 2014-10-12 10:19 - 08130560 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF-backup
2015-02-25 18:56 - 2014-09-21 18:11 - 00604310 _____ () C:\Users\Kel\Documents\script furniture and pillows.pptx
2015-02-25 18:56 - 2014-09-03 18:52 - 00000329 _____ () C:\Users\Kel\Desktop\HP Printer Diagnostic Tools.url
2015-02-25 18:56 - 2014-08-28 22:07 - 00011268 _____ () C:\Users\Kel\Documents\Aidan's Soccer Schedule.xlsx
2015-02-25 18:56 - 2014-08-28 22:03 - 00000000 ____D () C:\Users\Kel\Documents\Soccer
2015-02-25 18:56 - 2014-08-02 18:00 - 06004736 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data-2014-08-02.QDF-backup
2015-02-25 18:56 - 2014-08-02 14:02 - 00000000 ____D () C:\Users\Kel\Documents\New folder
2015-02-25 18:56 - 2014-06-25 15:04 - 00013560 _____ () C:\Users\Kel\Desktop\Weekly chore schedule 2014.xlsx
2015-02-25 18:56 - 2014-06-23 14:50 - 00000239 _____ () C:\Users\Kel\Desktop\Practical Disaster Preparedness for the Family Worksheets.URL
2015-02-25 18:56 - 2014-06-23 14:48 - 00020291 _____ () C:\Users\Kel\Desktop\Disaster Worksheets.xlsx
2015-02-25 18:56 - 2014-03-15 16:56 - 00000000 ____D () C:\Users\Kel\Documents\OneNote Notebooks
2015-02-25 18:56 - 2014-02-24 19:16 - 00023510 _____ () C:\Users\Kel\Documents\Checklist for My Ideal Apartment.dotx
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Wondershare
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Western_Digital
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\VirtualStore
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Rhapsody
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\RapidSolution
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\QuickenWindow
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Packages
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Mozilla
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Microsoft Help
2015-02-25 18:43 - 2013-12-21 22:01 - 00000000 ____D () C:\Users\Kel\AppData\Local\softthinks
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieUserList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieSiteList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieBrowserModeList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Macromedia
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\LogMeIn Rescue Applet
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Lavasoft
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\IsolatedStorage
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Intel_Corporation
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\HP
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Hewlett-Packard
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Google
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\globalUpdate
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Garmin
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Easy Blue Print
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman_Kodak_Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman Kodak Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Downloaded Installations
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashRpt
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashDumps
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Citrix
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Apps\2.0
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Adobe
2015-02-25 18:42 - 2015-02-25 17:54 - 00000000 ____D () C:\Users\Kel\AppData\Local\Deployment
2015-02-25 18:42 - 2015-02-18 13:10 - 00000236 _____ () C:\Users\Kel\AppData\Local\LaunchHomeCenter.log
2015-02-25 18:42 - 2015-01-07 19:15 - 00001456 _____ () C:\Users\Kel\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-25 18:42 - 2014-06-06 11:02 - 00003584 _____ () C:\Users\Kel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 18:20 - 2015-02-25 18:21 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\Sundown bill
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 00:22 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-21 19:30 - 2015-02-21 19:30 - 00000000 ____D () C:\Users\Kel\AppData\Roaming\Intel
2015-02-21 19:22 - 2015-02-25 19:04 - 00000000 ____D () C:\Users\Kel
2015-02-21 19:10 - 2015-02-21 19:10 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\kel user profile info
2015-02-21 14:09 - 2015-02-21 14:09 - 131523824 _____ (Microsoft Corporation) C:\Users\kellymorrissey\Downloads\msert.exe
2015-02-21 13:54 - 2015-02-21 13:54 - 00000346 _____ () C:\Users\kellymorrissey\Desktop\Rhapsody.appref-ms
2015-02-21 13:54 - 2015-02-21 13:54 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rhapsody International Inc
2015-02-21 13:53 - 2015-02-21 13:53 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Apps\2.0
2015-02-21 13:41 - 2015-02-21 13:41 - 00062794 _____ () C:\Users\kellymorrissey\Desktop\RhapsodyErrorFile.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 20:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-23 19:54 - 2014-06-20 14:46 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job
2015-03-23 19:50 - 2014-06-06 11:07 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\vlc
2015-03-23 19:36 - 2014-03-25 18:41 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job
2015-03-23 19:31 - 2013-12-22 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 19:23 - 2014-03-30 18:23 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Outlook Files
2015-03-23 15:14 - 2014-05-30 21:25 - 00000000 ____D () C:\ProgramData\Kodak
2015-03-23 14:01 - 2014-12-05 16:51 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-03-23 14:01 - 2014-06-06 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-23 14:01 - 2013-12-13 14:26 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-03-23 03:05 - 2014-06-06 16:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-23 02:00 - 2014-06-24 17:12 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Adobe
2015-03-23 01:54 - 2014-10-19 19:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job
2015-03-22 15:03 - 2014-08-15 07:56 - 00005012 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KELSXPS13-kellymorrissey KelsXPS13
2015-03-22 14:47 - 2013-12-21 16:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-22 14:43 - 2014-02-20 20:01 - 00000000 ___DO () C:\Users\kellymorrissey\SkyDrive
2015-03-22 14:43 - 2013-12-13 14:23 - 00003278 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-03-22 14:41 - 2013-12-13 14:14 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-22 14:39 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 14:39 - 2013-08-22 07:44 - 00564712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 14:38 - 2014-09-19 16:16 - 00000000 ____D () C:\Windows\Minidump
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-22 14:30 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-22 14:28 - 2014-03-27 14:23 - 00003612 _____ () C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-22 14:25 - 2013-08-22 06:25 - 01310720 ___SH () C:\Windows\system32\config\BBI
2015-03-22 08:03 - 2014-07-29 10:10 - 00000000 ___RD () C:\Users\kellymorrissey\Dropbox
2015-03-22 08:03 - 2014-07-29 10:09 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Dropbox
2015-03-22 00:00 - 2014-10-16 17:16 - 00000258 _____ () C:\Windows\Tasks\CCleanerClean.job
2015-03-22 00:00 - 2013-12-21 21:47 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\CrashDumps
2015-03-21 14:28 - 2013-12-21 18:57 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-21 07:06 - 2015-02-04 12:30 - 00000000 ____D () C:\Users\kellymorrissey\Documents\~Trossachs
2015-03-17 04:05 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-16 06:33 - 2013-12-22 11:29 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-16 06:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-16 06:05 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-14 16:04 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 15:14 - 2014-07-29 10:10 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 18:58 - 2015-02-18 10:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002
2015-03-13 13:48 - 2013-12-23 18:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-11 16:51 - 2013-12-26 21:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 16:48 - 2013-12-26 21:13 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-05 17:01 - 2013-12-13 14:23 - 00000000 ____D () C:\Program Files\Dell
2015-03-04 14:24 - 2014-04-28 14:10 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2014-04-28 14:10 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 13:27 - 2014-06-06 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-04 10:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-04 10:10 - 2014-11-09 12:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-04 10:09 - 2014-11-09 12:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-04 10:09 - 2014-11-09 12:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-04 06:14 - 2013-12-21 18:52 - 00000000 ____D () C:\Users\kellymorrissey
2015-02-26 15:40 - 2015-01-26 15:38 - 00003736 _____ () C:\Windows\System32\Tasks\DriverRestore_ScheduledScan
2015-02-26 15:40 - 2015-01-26 15:38 - 00003592 _____ () C:\Windows\System32\Tasks\DriverRestore_DailyScan
2015-02-25 18:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-25 17:54 - 2013-12-21 16:46 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Deployment
2015-02-21 13:54 - 2014-12-09 21:43 - 00001555 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-02-21 13:39 - 2013-12-21 18:52 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-01-07 18:04 - 2014-01-07 18:23 - 0000473 _____ () C:\Users\kellymorrissey\AppData\Roaming\burnaware.ini
2013-12-22 12:52 - 2015-02-05 13:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 12:52 - 2015-02-05 13:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
2014-01-04 20:35 - 2015-01-07 19:15 - 0001456 _____ () C:\Users\kellymorrissey\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-06 11:02 - 2014-06-06 11:02 - 0003584 _____ () C:\Users\kellymorrissey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 13:10 - 2015-02-18 13:10 - 0000236 _____ () C:\Users\kellymorrissey\AppData\Local\LaunchHomeCenter.log
2014-04-24 16:19 - 2014-04-24 16:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-13 14:08 - 2013-12-13 14:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-23 10:19 - 2014-07-23 10:19 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-07-23 10:35 - 2014-07-23 10:35 - 0000256 _____ () C:\ProgramData\lxea.log
2014-07-23 10:21 - 2014-07-23 10:21 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2014-07-23 10:17 - 2014-07-23 10:35 - 0001724 _____ () C:\ProgramData\lxeascan.log
2014-12-09 21:43 - 2015-02-21 13:54 - 0001555 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-23 10:16 - 2014-07-23 10:16 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\kellymorrissey\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2ykbit.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-16 02:01

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by kellymorrissey at 2015-03-23 20:22:44
Running from C:\Users\kellymorrissey\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Web Companion (x32 Version: 1.1.862.1653 - Lavasoft) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.2.0.153 - Amazon.com)
Amazon Unbox Video (x32 Version: 2.2.0.153 - Amazon.com) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audials (HKLM-x32\...\{DF83FFB3-D4E3-4A9B-9775-3982D23208B0}) (Version: 11.0.48200.0 - Audials AG)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{C9F8858E-B6F9-4E56-B155-2A5CE7FC74B9}) (Version: 41.0.2272.41 - Google Inc.)
ControlMyNikon version 4.3 (HKLM-x32\...\{DFC5625B-66D6-40E0-8D66-BC54747D306E}_is1) (Version: 4.3 - Tetherscript Technology Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Custom Help (Version: 16.05.1000.0264 - Intel Corporation) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Detect (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.6 - Synaptics Incorporated)
DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Dragon Assistant version 1.5.17 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.17 - Nuance Communications, Inc.)
Dropbox (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Elements+ for PSE 11, v.6.0 (HKLM-x32\...\Elements+ for PSE 11_is1) (Version:  - Andrei Doubrovski)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Face Recognition (HKLM\...\{770ED7E8-31F7-4F8E-887A-220B66865D4B}) (Version: 4.0.71.1 - Sensible Vision)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{0d7a3647-915a-40be-a6ba-a0228bd48150}) (Version: 16.5.3 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LavasoftTcpService (x32 Version: 2.3.1.4 - Lavasoft) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mavis Beacon Teaches Typing Deluxe 20 (HKLM-x32\...\{23B591D7-1C20-44FB-97C2-6953AE67DE18}) (Version: 20.00.0000 - Broderbund)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Software Update (x32 Version: 1.0.41 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Nuance Speech Component DA-A en-US version 1.5.17 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.17 - Nuance Communications, Inc.)
Nuance Speech Component DA-C version 1.1.19 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.19 - Nuance Communications, Inc.)
Nuance Speech Component DA-L en-US version 1.1.5 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.5 - Nuance Communications, Inc.)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Photomatix Pro version 5.0 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0 - HDRsoft Ltd)
PlusVid (HKLM-x32\...\PlusVid) (Version: 1.34.6.10 - Phoenix Media)
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.7.6 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.2.04 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7039 - Realtek Semiconductor Corp.)
Rhapsody (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\8aa854a199af1b36) (Version: 6.9.3.0 - Rhapsody International Inc.)
RoboForm 7-9-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sansa Updater (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
Web Companion (HKLM-x32\...\{8BC95771-8634-499F-9EA5-1498A2701C7A}_WebCompanion) (Version: 1.1.862.1653 - Lavasoft)
Windows Driver Package - Digitech (usbser) Ports  (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-838906522-1154930953-3695442700-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03A743F3-BA1F-4400-883A-EEE594B8A513} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {0FD071D6-5CC0-4679-962E-903D5EEC74D3} - \92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 No Task File <==== ATTENTION
Task: {1556B30C-2136-4A0A-92EF-E286904D9ECA} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {177EA853-3441-43D2-B57C-DEF6F5D0FEAD} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {179079E7-3A59-433E-87EF-0FC8F5B3227E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2E2834EB-5F41-43A2-8268-8EA0899AE234} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {344EB50A-8C2A-44AE-8B19-EA094357DB3A} - System32\Tasks\RtHDVBg_MA3Firmware => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {3775F40B-3DE1-4173-8418-76D1A64A88F9} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMNJKMMJOJMMPMOMCNKMLJJMLJCNLMKJHMJJCNOJGMJJLMCNGMMMJJNJJMPMNJGMKMHMGMHMJNJICMIMCNGMCNHMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMOMFMEKMICNJJCKFMNMOMGMJNHICMOMPMKJGIMIJNBJCMEJKJDJDJGICJAJNINIGJMIMIKJGIJNKJCMJNNICMJNDJCMKJBJJNMJCMNMFMGMLMIMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {41469B6F-FD13-4BD5-B2C2-F57C92B9F078} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {42CF8560-F63F-4B56-BA86-A8B70A386E06} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {44681EEE-FA93-4F91-9473-E3BBF6CCAD5E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-16] (Synaptics Incorporated)
Task: {45F0C22B-9AE3-42E1-8EA7-1C70EB191C4F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {4C010AE2-35A2-4D23-B885-665CD2A31A4B} - System32\Tasks\DriverRestore_ScheduledScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe
Task: {4E76A8E7-49A4-42A6-B2D5-6C5DD5CDCA37} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {524A3EBC-5AE2-4B02-A859-1BAF85F3C27C} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {67D943C5-CC99-4570-BDC4-CACB639FCBD4} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kelly.morrissey@comcast.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {68FD85DA-1317-4765-B312-9AA8E1C7C6F8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6be03bafc6f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {6A83210E-6D17-49D6-B8F0-F77E618F3919} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {6AFC2E77-9476-4F38-A71D-0FA900BD55B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-16] (Adobe Systems Incorporated)
Task: {73DD6127-B946-440D-9D76-5143F36C3D8C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {7BD4C3BF-A8A9-47C8-AB9D-16A1245DBE8D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
Task: {7E923A02-4C0D-4367-9AF9-AFB70F8955B0} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {7FF4E2D5-0243-4856-B307-B07C764058B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-11] (Microsoft Corporation)
Task: {9051DED9-C363-4EFC-B11C-00208F3003A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {92C8CDF6-D9D7-4095-A2B9-F81D031FE558} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {97910C2D-49A2-4830-AD03-D5F4E6618F63} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {98B350CD-749C-435E-8600-C40457ACA796} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9955D177-35EE-428D-93B3-5209784FEC3E} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {B537CD9D-4333-4A61-B30C-13C0BB495B30} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KELSXPS13-kellymorrissey KelsXPS13 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {B59C3F7F-8D71-41EA-97EA-5505EA8B8C57} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {C2DCA186-B595-4ABA-A347-7346317CCF8F} - System32\Tasks\DriverRestore_DailyScan => C:\Program Files (x86)\DriverRestore\DriverRestore.exe
Task: {C6810228-0C8A-4FD9-9864-BADB59E8755B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {CD45ED19-F03F-4D78-AFF4-5C63CF6D36B6} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {D6E85636-84B1-4392-8CA3-1AABA4BE2B93} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E4733025-6AFB-44D6-A421-CC4B566A2595} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {E5B5EB5A-DEEB-4E8A-80C2-0853AB5FE96C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EBBB465B-E93A-446F-9371-B5503CE08B72} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-08] (Intel)
Task: {ED50FE68-EA2E-4496-BD7C-B3046BE1F6F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {EEAC4ACC-328E-4591-8C25-9DF48BFDF2B9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-09-05] (Realtek Semiconductor)
Task: {F383F2F3-B7A9-4875-BB2D-346865849405} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-07-29] (Siber Systems)
Task: {F87DA2D5-96D8-4B1D-88F7-9CB05FBBA16C} - System32\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {FA848CB5-BC3D-461A-8698-A1E55EA51E86} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {FBFB700F-5A40-47CC-B1B1-08EE6A610EF9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FCD2A68D-B6E9-430B-912F-30DA22A72D9D} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-26 16:45 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00198120 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 18:31 - 2013-08-01 18:31 - 00054760 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00034792 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00015208 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-01-23 07:38 - 2015-01-23 07:38 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00032616 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2013-08-22 12:40 - 2013-08-22 12:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 12:40 - 2013-08-22 12:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 12:40 - 2013-08-22 12:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2015-03-13 13:48 - 2015-01-27 08:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-09-18 12:37 - 2014-07-02 20:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-02-13 10:07 - 2015-01-30 00:15 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2015-02-13 10:07 - 2015-01-30 00:15 - 00545528 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2012-08-15 10:13 - 2012-08-15 10:13 - 00093680 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL
2013-12-21 21:47 - 2013-12-10 14:52 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2013-12-21 21:47 - 2013-12-10 14:52 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2013-12-21 21:47 - 2013-12-10 14:52 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2013-12-21 21:47 - 2013-12-10 14:52 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2013-12-21 21:47 - 2013-12-10 14:52 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2013-12-21 21:47 - 2013-12-10 14:52 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2011-11-23 21:21 - 2011-11-23 21:21 - 00105576 ____R () C:\Program Files (x86)\Amazon\Amazon Unbox Video\LimelightDownloadManager.dll
2014-11-24 12:39 - 2014-11-24 12:39 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-12-13 14:14 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-03-13 13:48 - 2015-01-27 07:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00072000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00174440 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00094536 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-01-23 07:39 - 2015-01-23 07:39 - 00119128 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-01-23 07:38 - 2015-01-23 07:38 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2014-09-18 12:37 - 2014-07-30 16:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-12-13 14:27 - 2012-11-26 00:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-09-18 12:37 - 2012-11-25 22:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-11-21 06:22 - 2014-11-21 06:22 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-03-13 13:47 - 2015-03-13 13:48 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2015-03-13 13:48 - 2015-02-10 02:59 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\kellymorrissey\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\kellymorrissey\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "SansaDispatch"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_47515865E6C1E3749B7552B111E8840A"

==================== Accounts: =============================

Administrator (S-1-5-21-838906522-1154930953-3695442700-500 - Administrator - Disabled)
Guest (S-1-5-21-838906522-1154930953-3695442700-501 - Limited - Disabled)
Kel (S-1-5-21-838906522-1154930953-3695442700-1003 - Administrator - Enabled) => C:\Users\Kel
kellymorrissey (S-1-5-21-838906522-1154930953-3695442700-1001 - Administrator - Enabled) => C:\Users\kellymorrissey
test (S-1-5-21-838906522-1154930953-3695442700-1002 - Limited - Enabled) => C:\Users\test

==================== Faulty Device Manager Devices =============

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2015 02:41:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/22/2015 02:41:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/22/2015 02:39:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider ProtectionManagement attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored.

Error: (03/22/2015 02:39:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from MSFT_MpEvent" whose target class "MSFT_MpEvent" in //./root/microsoft/protectionManagement namespace does not exist. The query will be ignored.

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [CRIT ] AudioClient\AudioClient.c    :273  * 1936* No speech stream COM server available, please register at least one

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [ERROR] AudioClient\AudioClient.c    :250  * 1936* Error initializing NAS Client

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [ERROR] AudioClient\NASClient.cpp    :184  * 1936* Error with NAS GetCaptureDevicesInfo: 1

Error: (03/22/2015 02:38:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: gpsvc.dll, version: 6.3.9600.17238, time stamp: 0x53d0c970
Exception code: 0xc0000005
Fault offset: 0x00000000000326b2
Faulting process id: 0x320
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5

Error: (03/22/2015 02:38:51 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:38:51.507935 [CRIT ] AudioClient\AudioClient.c    :273  * 1972* No speech stream COM server available, please register at least one

Error: (03/22/2015 02:38:51 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:38:51.507935 [ERROR] AudioClient\AudioClient.c    :250  * 1972* Error initializing NAS Client


System errors:
=============
Error: (03/22/2015 02:39:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (03/22/2015 02:38:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (03/22/2015 02:38:50 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xffffe001cf091980, 0xfffff803c4466960, 0xffffe001d0ca38a0)C:\Windows\MEMORY.DMP032215-10500-01

Error: (03/22/2015 02:32:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%32

Error: (03/22/2015 02:26:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0841: Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x64-based Systems (KB3032359).

Error: (03/22/2015 02:25:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (03/22/2015 02:25:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Server service terminated with the following error:
%%1115

Error: (03/22/2015 02:25:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1069netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (03/22/2015 02:25:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1069WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/22/2015 02:25:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Network List Service service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================
Error: (03/22/2015 02:41:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000

Error: (03/22/2015 02:41:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (03/22/2015 02:39:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (03/22/2015 02:39:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [CRIT ] AudioClient\AudioClient.c    :273  * 1936* No speech stream COM server available, please register at least one

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [ERROR] AudioClient\AudioClient.c    :250  * 1936* Error initializing NAS Client

Error: (03/22/2015 02:39:31 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:39:31.705638 [ERROR] AudioClient\NASClient.cpp    :184  * 1936* Error with NAS GetCaptureDevicesInfo: 1

Error: (03/22/2015 02:38:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.3.9600.163845215dfe3gpsvc.dll6.3.9600.1723853d0c970c000000500000000000326b232001d064e895774a58C:\Windows\system32\svchost.exec:\windows\system32\gpsvc.dlld8a804c5-d0db-11e4-82e9-5c514f70bf97

Error: (03/22/2015 02:38:51 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:38:51.507935 [CRIT ] AudioClient\AudioClient.c    :273  * 1972* No speech stream COM server available, please register at least one

Error: (03/22/2015 02:38:51 PM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-03-22 14:38:51.507935 [ERROR] AudioClient\AudioClient.c    :250  * 1972* Error initializing NAS Client


==================== Memory info ===========================

Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 41%
Total physical RAM: 8097.32 MB
Available physical RAM: 4743.89 MB
Total Pagefile: 16289.32 MB
Available Pagefile: 12464.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.45 GB) (Free:67.56 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:6.89 GB) (Free:0.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4FA06305)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 25 March 2015 - 09:58 AM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
  • Note: The log can also be found in here: C:\AdwCleaner\

    Step 2: Malwarebytes

    Iconic_normal.png Please download Malwarebytes Anti-Malware to your desktop
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • At the end, be sure a check-mark is placed next to the following:
      • Enable free trial of Malwarebytes Anti-Malware Premium
      • Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
    • Reboot your computer if prompted.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

    The log is available throughout History ->Application logs. Please post it contents in your next reply.

    Step 3: Junkware Removal Tool

    thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    Step 4: FRST Scan
    • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
    • Click Scan to start FRST.
    • When FRST finishes scanning, a log, FRST.txt, will open.
    • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 25 March 2015 - 10:42 AM

Thank you for your help so far! Here are the logs:

 

# AdwCleaner v4.113 - Logfile created 25/03/2015 at 08:08:08
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : kellymorrissey - KELSXPS13
# Running from : C:\Users\kellymorrissey\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\PlusVid
Folder Deleted : C:\Program Files (x86)\TidyNetwork
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Users\Kel\AppData\Local\globalUpdate
Folder Deleted : C:\Users\kellymorrissey\AppData\Local\globalUpdate
Folder Deleted : C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
Folder Deleted : C:\Users\Kel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Deleted : C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\SecureAssist.ini
File Deleted : C:\Windows\SysWOW64\SecureAssistOff.ini
File Deleted : C:\Windows\System32\SecureAssist.ini
File Deleted : C:\Windows\System32\SecureAssistOff.ini
File Deleted : C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\searchplugins\safesearch.xml

***** [ Scheduled tasks ] *****

Task Deleted : DriverRestore_ScheduledScan
Task Deleted : DriverRestore_DailyScan

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{E9489C32-B6E1-4E83-D8AE-2B4C80C857FF}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : [x64] HKLM\SOFTWARE\DriverRestore
Key Deleted : [x64] HKLM\SOFTWARE\WebBar
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\BD04C21DD7DC68D42958E5F22E63394E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\8B501B6E56F182443979D1DFA8309BD4
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\BD04C21DD7DC68D42958E5F22E63394E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\8B501B6E56F182443979D1DFA8309BD4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DA746012E6D4F488AAD113D6FA4A44
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3FB1AAC4382437047A03618BF727B859
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BD04C21DD7DC68D42958E5F22E63394E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8B501B6E56F182443979D1DFA8309BD4

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.4 (x86 en-US)


-\\ Google Chrome v41.0.2272.101

[C:\Users\Kel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Kel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [11339 bytes] - [25/03/2015 08:03:21]
AdwCleaner[R1].txt - [11399 bytes] - [25/03/2015 08:06:32]
AdwCleaner[S0].txt - [10987 bytes] - [25/03/2015 08:08:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11047  bytes] ##########
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/25/2015
Scan Time: 8:11:54 AM
Logfile: malwarelog.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.25.04
Rootkit Database: v2015.02.25.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: kellymorrissey

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 448400
Time Elapsed: 7 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Junkware Removal Tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 8.1 x64
Ran by kellymorrissey on Wed 03/25/2015 at  8:29:58.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\kellymorrissey\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\kellymorrissey\appdata\locallow\pcdr"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\kellymorrissey\AppData\Roaming\mozilla\firefox\profiles\eu430qb2.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/25/2015 at  8:34:47.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by kellymorrissey (administrator) on KELSXPS13 on 25-03-2015 08:38:21
Running from C:\Users\kellymorrissey\Desktop\Bleeping Computer files
Loaded Profiles: kellymorrissey (Available profiles: kellymorrissey & test & Kel)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3058848 2012-07-24] (Dell Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95216 2012-08-15] (Sensible Vision )
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-29] (Siber Systems)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1380672 2015-01-23] (Lavasoft)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [473352 2013-12-18] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [SansaDispatch] => C:\Users\kellymorrissey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-22] (SanDisk Corporation)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {a4741e79-a017-11e3-826d-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398425-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398483-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {e6ccc05a-21ce-11e4-828b-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D012615-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Garmin Communicator - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-09-12]
FF Extension: Duplicate This Tab - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2013-12-22]
FF Extension: Adblock Plus - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-20]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-10-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-25]
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> https://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-31]
CHR Extension: (Google Drive) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-31]
CHR Extension: (YouTube) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-31]
CHR Extension: (Google Search) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-31]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2015-02-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-12-25]
CHR Extension: (Norton Identity Safe) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Google Wallet) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR Extension: (Gmail) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-31]
CHR Extension: (RoboForm) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-07-04]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [56648 2015-03-08] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [447888 2013-12-10] (Nuance Communications, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2860528 2012-08-15] (Sensible Vision ) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [73216 2014-08-07] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-02] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-08] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-09-05] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150323.001\IDSvia64.sys [669400 2015-02-04] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S2 MCSTRM; No ImagePath
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150324.019\ENG64.SYS [129752 2015-02-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150324.019\EX64.SYS [2137304 2015-02-14] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-30] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-18] (Audials AG)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2013-10-16] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 08:34 - 2015-03-25 08:34 - 00001055 _____ () C:\Users\kellymorrissey\Desktop\JRT.txt
2015-03-25 08:09 - 2015-03-25 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-25 08:08 - 2015-03-25 08:08 - 00002204 _____ () C:\Windows\PFRO.log
2015-03-25 08:05 - 2015-03-25 08:38 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\Bleeping Computer files
2015-03-25 08:02 - 2015-03-25 08:08 - 00000000 ____D () C:\AdwCleaner
2015-03-23 20:22 - 2015-03-25 08:38 - 00000000 ____D () C:\FRST
2015-03-23 20:22 - 2015-03-23 20:23 - 00091725 _____ () C:\Users\kellymorrissey\Downloads\FRST.txt
2015-03-23 20:22 - 2015-03-23 20:23 - 00042661 _____ () C:\Users\kellymorrissey\Downloads\Addition.txt
2015-03-23 20:21 - 2015-03-23 20:22 - 02095616 _____ (Farbar) C:\Users\kellymorrissey\Downloads\FRST64.exe
2015-03-23 03:11 - 2015-03-23 03:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-22 14:38 - 2015-03-22 14:38 - 1044797941 _____ () C:\Windows\MEMORY.DMP
2015-03-22 14:38 - 2015-03-22 14:38 - 01610584 _____ () C:\Windows\Minidump\032215-10500-01.dmp
2015-03-22 09:25 - 2015-03-25 08:09 - 00002973 _____ () C:\Windows\setupact.log
2015-03-22 09:25 - 2015-03-22 09:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-22 00:32 - 2015-03-25 08:23 - 01149873 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 00:30 - 2015-03-23 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-16 05:59 - 2015-03-16 05:59 - 00000000 ____D () C:\Users\test\AppData\Local\Eastman Kodak Company
2015-03-14 20:02 - 2015-03-21 21:40 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Travel
2015-03-13 13:33 - 2015-03-13 13:33 - 01054912 _____ (Adobe) C:\Users\test\Downloads\install_flashplayer17x32au_mssd_aaa_aih.exe
2015-03-11 19:25 - 2015-03-11 19:26 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\microwave
2015-03-11 16:40 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 16:40 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 16:40 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 16:40 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 16:39 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:39 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:39 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:39 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:39 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:39 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 16:39 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 16:39 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 16:39 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 16:39 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 16:39 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 16:39 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:39 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 16:39 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:39 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 16:39 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 16:39 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 16:39 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 16:38 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:38 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 16:38 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:38 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:38 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:38 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:38 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 16:38 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:38 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:38 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 16:38 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:38 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:38 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 16:38 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:38 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 16:38 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:38 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:38 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:38 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:38 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:38 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:38 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:38 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:38 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 16:38 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 16:38 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:38 - 2015-01-29 20:01 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys
2015-03-11 16:38 - 2015-01-29 20:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 16:38 - 2015-01-29 20:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 16:38 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 16:38 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 16:38 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 16:38 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:38 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 16:38 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 16:38 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 16:38 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:38 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:38 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:38 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:38 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 16:38 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:38 - 2014-10-28 19:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 16:38 - 2014-10-28 19:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 16:38 - 2014-10-28 19:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 16:38 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 16:38 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 16:38 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 16:38 - 2014-10-28 19:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 16:38 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 16:38 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-08 00:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthHfAud.sys
2015-03-09 15:01 - 2015-03-09 15:01 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Home Depot
2015-03-05 17:01 - 2015-03-05 17:31 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-03-05 17:01 - 2015-03-05 17:01 - 00003612 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-03-04 08:03 - 2015-03-04 08:09 - 786515305 _____ () C:\Users\kellymorrissey\Downloads\jamwithjimihendrixv2_part1.zip
2015-02-26 09:00 - 2015-02-26 09:00 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-02-26 09:00 - 2015-02-26 09:00 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-02-25 19:04 - 2015-02-25 19:04 - 00000020 ___SH () C:\Users\Kel\ntuser.ini
2015-02-25 19:04 - 2015-02-25 19:04 - 00000000 ____D () C:\Users\Kel\AppData\Roaming\Leadertech
2015-02-25 18:59 - 2015-02-25 18:59 - 00000000 ___RD () C:\Users\Kel\SkyDrive
2015-02-25 18:58 - 2015-02-25 18:58 - 00000000 ____D () C:\Users\Kel\Halloween vintage photos
2015-02-25 18:58 - 2015-02-21 14:09 - 131523824 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\msert.exe
2015-02-25 18:58 - 2015-02-04 18:20 - 00000892 _____ () C:\Users\Kel\Downloads\wave-interference_en.jnlp
2015-02-25 18:58 - 2015-01-05 18:03 - 00824200 _____ () C:\Users\Kel\Downloads\TSC_Spreadsheet.zip
2015-02-25 18:58 - 2015-01-05 17:27 - 00065082 _____ () C:\Users\Kel\Downloads\Meal-Plans.zip
2015-02-25 18:58 - 2014-12-26 12:15 - 26413824 _____ () C:\Users\Kel\Downloads\FW_RT_N66U_30043763602.zip
2015-02-25 18:58 - 2014-12-25 19:26 - 08317952 _____ () C:\Users\Kel\Downloads\chromeremotedesktophost.msi
2015-02-25 18:58 - 2014-12-20 09:51 - 36281408 _____ (Garmin Ltd or its subsidiaries) C:\Users\Kel\Downloads\GarminExpress.exe
2015-02-25 18:58 - 2014-12-10 18:21 - 180623036 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_3s-5s-part-1-yt65(1).mp4
2015-02-25 18:58 - 2014-12-10 18:19 - 111281394 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_5s-and-3s-part-2-gf65.mp4
2015-02-25 18:58 - 2014-12-10 18:17 - 00000000 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-2.mp4
2015-02-25 18:58 - 2014-12-10 17:47 - 218305374 _____ () C:\Users\Kel\Downloads\Show-Off-Lick-1.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 156984206 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-5.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 142171920 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-4.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 180623036 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-1.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 105580781 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-3.mp4
2015-02-25 18:58 - 2014-12-10 17:43 - 188772588 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-6.mp4
2015-02-25 18:58 - 2014-11-23 15:00 - 01021632 _____ (Symantec Corporation) C:\Users\Kel\Downloads\Norton_Download_Manager.exe
2015-02-25 18:58 - 2014-11-19 08:53 - 23940056 _____ (ReviverSoft) C:\Users\Kel\Downloads\PCReviverSetup-SpeedTest.exe
2015-02-25 18:58 - 2014-11-17 16:39 - 793681209 _____ () C:\Users\Kel\Downloads\fingerstyleacousticforbeginners.zip
2015-02-25 18:58 - 2014-10-22 16:50 - 01054912 _____ (Adobe) C:\Users\Kel\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2015-02-25 18:58 - 2014-10-21 18:14 - 1051063036 _____ () C:\Users\Kel\Downloads\rocklicksforabsolutebeginners.zip
2015-02-25 18:58 - 2014-09-16 06:21 - 01241504 _____ () C:\Users\Kel\Downloads\HP_DJ2540_hpu_Alert_000_007.exe
2015-02-25 18:58 - 2014-09-03 20:52 - 41139112 _____ (Wondershare ) C:\Users\Kel\Downloads\mobilego_full818.exe
2015-02-25 18:58 - 2014-09-03 18:52 - 05148672 _____ () C:\Users\Kel\Downloads\HPSupportSolutionsFramework-11.51.0004.msi
2015-02-25 18:58 - 2014-08-28 14:03 - 24743106 _____ () C:\Users\Kel\Downloads\vlc-2.1.5-win32.exe
2015-02-25 18:58 - 2014-08-13 14:08 - 00736256 _____ (Wondershare) C:\Users\Kel\Downloads\mobilego_setup_full818.exe
2015-02-25 18:58 - 2014-08-12 16:28 - 00417824 _____ () C:\Users\Kel\Downloads\DellSystemDetect.exe
2015-02-25 18:58 - 2014-08-11 20:31 - 34888280 _____ (Wondershare ) C:\Users\Kel\Downloads\ws_mobiletrans_win_av.exe
2015-02-25 18:58 - 2014-08-11 20:22 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones(1).exe
2015-02-25 18:58 - 2014-08-11 20:10 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2015-02-25 18:58 - 2014-08-11 20:06 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-02-25 18:58 - 2014-08-11 20:05 - 11060224 _____ () C:\Users\Kel\Downloads\CarbonSetup.msi
2015-02-25 18:58 - 2014-08-02 18:22 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014(1).exe
2015-02-25 18:58 - 2014-08-02 17:50 - 38426504 _____ (Intuit ) C:\Users\Kel\Downloads\QW2014R7MPatch.exe
2015-02-25 18:58 - 2014-07-29 20:12 - 16658872 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup.exe
2015-02-25 18:58 - 2014-07-29 18:11 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014.exe
2015-02-25 18:58 - 2014-07-11 15:40 - 06598344 _____ () C:\Users\Kel\Downloads\HPPSdr.exe
2015-02-25 18:58 - 2014-06-29 14:15 - 01940600 _____ (TODO: <Company name>) C:\Users\Kel\Downloads\SocialMedia_Login.exe
2015-02-25 18:58 - 2014-06-24 19:20 - 106859936 _____ () C:\Users\Kel\Downloads\DJ2540_188.exe
2015-02-25 18:58 - 2014-06-16 19:04 - 119249873 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-1-re54.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 116938660 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-4-hg31.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 109092279 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-5-hg65.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101381081 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-2-ytre.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101080883 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-3-na32.mp4
2015-02-25 18:58 - 2014-06-06 11:20 - 03673008 _____ (Piriform Ltd) C:\Users\Kel\Downloads\ccsetup414_pro.exe
2015-02-25 18:58 - 2014-06-06 11:04 - 79453904 _____ () C:\Users\Kel\Downloads\vlcmediaplayer-setup.exe
2015-02-25 18:58 - 2014-06-05 18:54 - 16616928 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup-cnetc.exe
2015-02-25 18:58 - 2014-06-03 20:37 - 147349383 _____ () C:\Users\Kel\Downloads\RR1_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:13 - 138796475 _____ () C:\Users\Kel\Downloads\R_disc_3_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:11 - 140388787 _____ () C:\Users\Kel\Downloads\R_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:08 - 139300139 _____ () C:\Users\Kel\Downloads\R_disc_1_of_3.zip
2015-02-25 18:58 - 2014-05-21 10:35 - 13808408 _____ (DigiTech ) C:\Users\Kel\Downloads\JamManagerXTSetup.exe
2015-02-25 18:58 - 2014-05-02 18:20 - 00347816 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\MicrosoftFixit.AudioPlayback.Run.exe
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\Woodworking
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\~Trossachs
2015-02-25 18:57 - 2015-01-14 18:27 - 09432773 _____ () C:\Users\Kel\Downloads\33_paint_stroke_brushes_ps7__by_keepwaiting-d2xmll9.zip
2015-02-25 18:57 - 2015-01-02 12:55 - 00270918 _____ () C:\Users\Kel\Downloads\attachments.zip
2015-02-25 18:57 - 2014-11-17 16:54 - 1285507894 _____ () C:\Users\Kel\Downloads\blueslicksforabsolutebeginners.zip
2015-02-25 18:57 - 2014-11-17 16:26 - 1124317518 _____ () C:\Users\Kel\Downloads\bluesguitarforabsolutebeginners.zip
2015-02-25 18:57 - 2014-09-05 16:52 - 00000420 _____ () C:\Users\Kel\Downloads\2_Duck_Walkin.mp3.zip
2015-02-25 18:57 - 2014-05-30 21:24 - 10003416 _____ (Eastman Kodak Company) C:\Users\Kel\Downloads\aio_install.exe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wondershare
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wallpaper
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\UX Certificate
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Symantec
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Sumner Home Sale
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\SSN
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Setlists
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Salt Lake City
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Recipes
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Quicken
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Photography
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Phone bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Outlook Files
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Nutrition
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\NewBlueFX
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My RoboForm Data
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My Lyrics
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Kai
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Home
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester Recipies
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Halloween
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Guitar
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garmin
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garage door opener
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fitness
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Finance
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fax
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ControlMyNikon v4.3
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Christmas
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson Wedding
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson School
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Alanon
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ADT Alarm System
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Adobe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Wedding chalk menus
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Vintage Illustrations
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Sundown bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\notification mp3s
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\New folder
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Kel's Droid photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Hester's photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Droid backup
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Damaged gutters
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Built-in Shelves
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\BACKUP
2015-02-25 18:56 - 2015-02-21 19:10 - 00000000 ____D () C:\Users\Kel\Desktop\kel user profile info
2015-02-25 18:56 - 2015-02-21 13:54 - 00000346 _____ () C:\Users\Kel\Desktop\Rhapsody.appref-ms
2015-02-25 18:56 - 2015-02-21 13:41 - 00062794 _____ () C:\Users\Kel\Desktop\RhapsodyErrorFile.txt
2015-02-25 18:56 - 2015-02-05 14:04 - 00062754 _____ () C:\Users\Kel\Desktop\rhapsody error message.txt
2015-02-25 18:56 - 2015-01-30 18:46 - 00062776 _____ () C:\Users\Kel\Desktop\Rhapsody error.txt
2015-02-25 18:56 - 2015-01-30 17:42 - 00000000 ____D () C:\Users\Kel\Desktop\01-30-2015
2015-02-25 18:56 - 2015-01-14 18:08 - 01725886 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM4).pptx
2015-02-25 18:56 - 2015-01-14 17:57 - 01866488 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM3).pptx
2015-02-25 18:56 - 2015-01-14 17:34 - 01858256 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM2).pptx
2015-02-25 18:56 - 2015-01-12 20:13 - 02897008 _____ () C:\Users\Kel\Desktop\kellymorrissey's quicken data_SyncLog.dat
2015-02-25 18:56 - 2015-01-12 20:04 - 00157360 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken DataOFXLOG.DAT
2015-02-25 18:56 - 2014-12-15 20:21 - 45073929 _____ () C:\Users\Kel\Desktop\Kai and Aidan.psd
2015-02-25 18:56 - 2014-11-23 15:01 - 00001252 _____ () C:\Users\Kel\Desktop\Norton Installation Files.lnk
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCD54.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCCF4.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAP83F3.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP95D8.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP8FCB.tmp
2015-02-25 18:56 - 2014-10-26 08:12 - 00000000 _____ () C:\Users\Kel\Documents\FAP3819.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFF02.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFDE7.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAP117.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5AF8.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP598E.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5844.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPFA77.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPF8C0.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPF21B.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPE97E.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAPD0AC.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAP3091.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAPC7BA.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP981D.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP741.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP6D71.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP5D52.tmp
2015-02-25 18:56 - 2014-10-25 09:48 - 00179572 _____ () C:\Users\Kel\Desktop\Food for thought.psd
2015-02-25 18:56 - 2014-10-12 10:19 - 10125312 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF
2015-02-25 18:56 - 2014-10-12 10:19 - 08130560 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF-backup
2015-02-25 18:56 - 2014-09-21 18:11 - 00604310 _____ () C:\Users\Kel\Documents\script furniture and pillows.pptx
2015-02-25 18:56 - 2014-09-03 18:52 - 00000329 _____ () C:\Users\Kel\Desktop\HP Printer Diagnostic Tools.url
2015-02-25 18:56 - 2014-08-28 22:07 - 00011268 _____ () C:\Users\Kel\Documents\Aidan's Soccer Schedule.xlsx
2015-02-25 18:56 - 2014-08-28 22:03 - 00000000 ____D () C:\Users\Kel\Documents\Soccer
2015-02-25 18:56 - 2014-08-02 18:00 - 06004736 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data-2014-08-02.QDF-backup
2015-02-25 18:56 - 2014-08-02 14:02 - 00000000 ____D () C:\Users\Kel\Documents\New folder
2015-02-25 18:56 - 2014-06-25 15:04 - 00013560 _____ () C:\Users\Kel\Desktop\Weekly chore schedule 2014.xlsx
2015-02-25 18:56 - 2014-06-23 14:50 - 00000239 _____ () C:\Users\Kel\Desktop\Practical Disaster Preparedness for the Family Worksheets.URL
2015-02-25 18:56 - 2014-06-23 14:48 - 00020291 _____ () C:\Users\Kel\Desktop\Disaster Worksheets.xlsx
2015-02-25 18:56 - 2014-03-15 16:56 - 00000000 ____D () C:\Users\Kel\Documents\OneNote Notebooks
2015-02-25 18:56 - 2014-02-24 19:16 - 00023510 _____ () C:\Users\Kel\Documents\Checklist for My Ideal Apartment.dotx
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Wondershare
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Western_Digital
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\VirtualStore
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Rhapsody
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\RapidSolution
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\QuickenWindow
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Packages
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Mozilla
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Microsoft Help
2015-02-25 18:43 - 2013-12-21 22:01 - 00000000 ____D () C:\Users\Kel\AppData\Local\softthinks
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieUserList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieSiteList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieBrowserModeList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Macromedia
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\LogMeIn Rescue Applet
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Lavasoft
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\IsolatedStorage
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Intel_Corporation
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\HP
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Hewlett-Packard
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Google
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Garmin
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Easy Blue Print
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman_Kodak_Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman Kodak Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Downloaded Installations
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashRpt
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashDumps
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Citrix
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Apps\2.0
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Adobe
2015-02-25 18:42 - 2015-02-25 17:54 - 00000000 ____D () C:\Users\Kel\AppData\Local\Deployment
2015-02-25 18:42 - 2015-02-18 13:10 - 00000236 _____ () C:\Users\Kel\AppData\Local\LaunchHomeCenter.log
2015-02-25 18:42 - 2015-01-07 19:15 - 00001456 _____ () C:\Users\Kel\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-25 18:42 - 2014-06-06 11:02 - 00003584 _____ () C:\Users\Kel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 18:20 - 2015-02-25 18:21 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\Sundown bill
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 00:22 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 08:31 - 2014-03-27 14:23 - 00003612 _____ () C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-25 08:31 - 2013-12-22 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-25 08:30 - 2013-12-21 21:47 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\CrashDumps
2015-03-25 08:24 - 2013-12-21 18:57 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-25 08:20 - 2014-08-15 07:56 - 00005014 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KELSXPS13-kellymorrissey KelsXPS13
2015-03-25 08:16 - 2013-12-13 14:26 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-03-25 08:11 - 2014-06-06 16:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-25 08:11 - 2014-02-20 20:01 - 00000000 ___DO () C:\Users\kellymorrissey\SkyDrive
2015-03-25 08:09 - 2014-10-19 19:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job
2015-03-25 08:09 - 2014-05-30 21:25 - 00000000 ____D () C:\ProgramData\Kodak
2015-03-25 08:09 - 2014-03-25 18:41 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job
2015-03-25 08:09 - 2013-12-13 14:23 - 00003278 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-03-25 08:09 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-25 08:08 - 2013-12-21 16:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-25 08:08 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-25 08:08 - 2013-08-22 06:25 - 01310720 ___SH () C:\Windows\system32\config\BBI
2015-03-25 08:00 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-25 07:54 - 2014-06-20 14:46 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job
2015-03-25 06:10 - 2015-02-18 10:35 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002
2015-03-25 05:44 - 2014-03-30 18:23 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Outlook Files
2015-03-25 05:33 - 2014-12-05 16:51 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-03-25 05:33 - 2014-06-06 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-25 05:23 - 2014-06-24 17:12 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Adobe
2015-03-24 03:03 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-23 20:31 - 2013-12-13 14:14 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-23 19:50 - 2014-06-06 11:07 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\vlc
2015-03-22 14:39 - 2013-08-22 07:44 - 00564712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 14:38 - 2014-09-19 16:16 - 00000000 ____D () C:\Windows\Minidump
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-22 14:30 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-22 08:03 - 2014-07-29 10:10 - 00000000 ___RD () C:\Users\kellymorrissey\Dropbox
2015-03-22 08:03 - 2014-07-29 10:09 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Dropbox
2015-03-22 00:00 - 2014-10-16 17:16 - 00000258 _____ () C:\Windows\Tasks\CCleanerClean.job
2015-03-21 07:06 - 2015-02-04 12:30 - 00000000 ____D () C:\Users\kellymorrissey\Documents\~Trossachs
2015-03-16 06:33 - 2013-12-22 11:29 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-16 06:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-14 16:04 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 15:14 - 2014-07-29 10:10 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 13:48 - 2013-12-23 18:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-11 16:51 - 2013-12-26 21:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 16:48 - 2013-12-26 21:13 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-05 17:01 - 2013-12-13 14:23 - 00000000 ____D () C:\Program Files\Dell
2015-03-04 14:24 - 2014-04-28 14:10 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2014-04-28 14:10 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 13:27 - 2014-06-06 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-04 10:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-04 10:10 - 2014-11-09 12:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-04 10:09 - 2014-11-09 12:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-04 10:09 - 2014-11-09 12:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-04 06:14 - 2013-12-21 18:52 - 00000000 ____D () C:\Users\kellymorrissey
2015-02-25 19:04 - 2015-02-21 19:22 - 00000000 ____D () C:\Users\Kel
2015-02-25 18:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-25 17:54 - 2013-12-21 16:46 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Deployment

==================== Files in the root of some directories =======

2014-01-07 18:04 - 2014-01-07 18:23 - 0000473 _____ () C:\Users\kellymorrissey\AppData\Roaming\burnaware.ini
2013-12-22 12:52 - 2015-02-05 13:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 12:52 - 2015-02-05 13:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
2014-01-04 20:35 - 2015-01-07 19:15 - 0001456 _____ () C:\Users\kellymorrissey\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-06 11:02 - 2014-06-06 11:02 - 0003584 _____ () C:\Users\kellymorrissey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 13:10 - 2015-02-18 13:10 - 0000236 _____ () C:\Users\kellymorrissey\AppData\Local\LaunchHomeCenter.log
2014-04-24 16:19 - 2014-04-24 16:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-13 14:08 - 2013-12-13 14:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-23 10:19 - 2014-07-23 10:19 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-07-23 10:35 - 2014-07-23 10:35 - 0000256 _____ () C:\ProgramData\lxea.log
2014-07-23 10:21 - 2014-07-23 10:21 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2014-07-23 10:17 - 2014-07-23 10:35 - 0001724 _____ () C:\ProgramData\lxeascan.log
2014-12-09 21:43 - 2015-02-21 13:54 - 0001555 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-23 10:16 - 2014-07-23 10:16 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\kellymorrissey\AppData\Local\Temp\Quarantine.exe
C:\Users\kellymorrissey\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 20:30

==================== End Of Log ============================



#6 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 25 March 2015 - 11:15 AM

Well done. :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [FAStartup] => [X]
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {a4741e79-a017-11e3-826d-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398425-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398483-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
    HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {e6ccc05a-21ce-11e4-828b-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
    FF NetworkProxy: "type", 0
    2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCD54.tmp
    2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCCF4.tmp
    2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAP83F3.tmp
    2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP95D8.tmp
    2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP8FCB.tmp
    2015-02-25 18:56 - 2014-10-26 08:12 - 00000000 _____ () C:\Users\Kel\Documents\FAP3819.tmp
    2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFF02.tmp
    2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFDE7.tmp
    2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAP117.tmp
    2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5AF8.tmp
    2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP598E.tmp
    2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5844.tmp
    2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPFA77.tmp
    2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPF8C0.tmp
    2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPF21B.tmp
    2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPE97E.tmp
    2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAPD0AC.tmp
    2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAP3091.tmp
    2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAPC7BA.tmp
    2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP981D.tmp
    2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP741.tmp
    2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP6D71.tmp
    2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP5D52.tmp
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#7 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 25 March 2015 - 11:52 AM

What is the difference between "Run FRST.exe/FRST64.exe" in Step 1 and "Run FRST" in Step 2?



#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 25 March 2015 - 03:26 PM

No, difference. Just run the main FRST Program. If you have 32bit use FRST.exe, if you have 64bit use FRST64.exe

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#9 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 27 March 2015 - 05:46 PM

I've posted fixlist and FRST logs below. I ran ESET; it found 7 threats and cleaned them. But then it took me to a free/purchase option for the produt and never generated a ESET.txt log. I'll trust that it worked since if found and cleaned the 7 threats.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by kellymorrissey at 2015-03-27 14:17:51 Run:1
Running from C:\Users\kellymorrissey\Desktop
Loaded Profiles: kellymorrissey &  (Available profiles: kellymorrissey & test & Kel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FAStartup] => [X]
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {a4741e79-a017-11e3-826d-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398425-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {b7398483-24af-11e4-828e-5c514f70bf97} - "K:\MotoCastSetup.exe" -a
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {e6ccc05a-21ce-11e4-828b-5c514f70bf97} - "F:\MotoCastSetup.exe" -a
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
FF NetworkProxy: "type", 0
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCD54.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAPCCF4.tmp
2015-02-25 18:56 - 2014-10-26 08:26 - 00000000 _____ () C:\Users\Kel\Documents\FAP83F3.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP95D8.tmp
2015-02-25 18:56 - 2014-10-26 08:14 - 00000000 _____ () C:\Users\Kel\Documents\FAP8FCB.tmp
2015-02-25 18:56 - 2014-10-26 08:12 - 00000000 _____ () C:\Users\Kel\Documents\FAP3819.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFF02.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAPFDE7.tmp
2015-02-25 18:56 - 2014-10-26 08:09 - 00000000 _____ () C:\Users\Kel\Documents\FAP117.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5AF8.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP598E.tmp
2015-02-25 18:56 - 2014-10-26 08:06 - 00000000 _____ () C:\Users\Kel\Documents\FAP5844.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPFA77.tmp
2015-02-25 18:56 - 2014-10-26 08:04 - 00000000 _____ () C:\Users\Kel\Documents\FAPF8C0.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPF21B.tmp
2015-02-25 18:56 - 2014-10-26 08:03 - 00000000 _____ () C:\Users\Kel\Documents\FAPE97E.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAPD0AC.tmp
2015-02-25 18:56 - 2014-10-26 07:54 - 00000000 _____ () C:\Users\Kel\Documents\FAP3091.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAPC7BA.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP981D.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP741.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP6D71.tmp
2015-02-25 18:56 - 2014-10-26 07:44 - 00000000 _____ () C:\Users\Kel\Documents\FAP5D52.tmp
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value deleted successfully.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67340e0b-189c-11e4-828a-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{67340e0b-189c-11e4-828a-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9378e0d6-211d-11e4-828a-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{9378e0d6-211d-11e4-828a-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4741e79-a017-11e3-826d-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{a4741e79-a017-11e3-826d-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7398425-24af-11e4-828e-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{b7398425-24af-11e4-828e-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7398483-24af-11e4-828e-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{b7398483-24af-11e4-828e-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf34476b-cfbd-11e4-82e6-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{bf34476b-cfbd-11e4-82e6-5c514f70bf97} => Key not found.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6ccc05a-21ce-11e4-828b-5c514f70bf97}" => Key deleted successfully.
HKCR\CLSID\{e6ccc05a-21ce-11e4-828b-5c514f70bf97} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E406E668-CFB4-456A-BB2A-5798BBD05F7E}" => Key deleted successfully.
HKCR\CLSID\{E406E668-CFB4-456A-BB2A-5798BBD05F7E} => Key not found.
Firefox Proxy settings were reset.
C:\Users\Kel\Documents\FAPCD54.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPCCF4.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP83F3.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP95D8.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP8FCB.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP3819.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPFF02.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPFDE7.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP117.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP5AF8.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP598E.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP5844.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPFA77.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPF8C0.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPF21B.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPE97E.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPD0AC.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP3091.tmp => Moved successfully.
C:\Users\Kel\Documents\FAPC7BA.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP981D.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP741.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP6D71.tmp => Moved successfully.
C:\Users\Kel\Documents\FAP5D52.tmp => Moved successfully.
EmptyTemp: => Removed 222.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:18:13 ====

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by kellymorrissey (administrator) on KELSXPS13 on 27-03-2015 14:22:16
Running from C:\Users\kellymorrissey\Desktop
Loaded Profiles: kellymorrissey (Available profiles: kellymorrissey & test & Kel)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3058848 2012-07-24] (Dell Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95216 2012-08-15] (Sensible Vision )
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [FAStartup] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess-x32: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision )
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-29] (Siber Systems)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1380672 2015-01-23] (Lavasoft)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe [473352 2013-12-18] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [SansaDispatch] => C:\Users\kellymorrissey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-22] (SanDisk Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\kellymorrissey\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-07-29] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D012615-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.bing.com/?pc=cosp&ptag=d012615-ac44713a88d0b45ffa7f&form=conmhp&conlogo=ct3331981
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Garmin Communicator - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-09-12]
FF Extension: Duplicate This Tab - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\duplicate-this-tab@mozilla.org.xpi [2013-12-22]
FF Extension: Adblock Plus - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\eu430qb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-20]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013-12-21]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-10-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-03-27]
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> https://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Profile: C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-31]
CHR Extension: (Google Drive) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-31]
CHR Extension: (YouTube) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-31]
CHR Extension: (Google Search) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-31]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2015-02-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-12-25]
CHR Extension: (Norton Identity Safe) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-23]
CHR Extension: (Google Wallet) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR Extension: (Gmail) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-31]
CHR Extension: (RoboForm) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-07-04]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-11-23]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [56648 2015-03-08] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [447888 2013-12-10] (Nuance Communications, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2860528 2012-08-15] (Sensible Vision ) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [73216 2014-08-07] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [1622744 2015-02-02] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-08] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-09-05] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150323.001\IDSvia64.sys [669400 2015-02-04] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S2 MCSTRM; No ImagePath
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150326.002\ENG64.SYS [129752 2015-02-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150326.002\EX64.SYS [2137304 2015-02-14] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-30] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-18] (Audials AG)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2013-10-16] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:19 - 2015-03-27 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-03-25 09:50 - 2015-03-27 14:22 - 00036855 _____ () C:\Users\kellymorrissey\Desktop\FRST.txt
2015-03-25 09:50 - 2015-03-25 09:50 - 00035740 _____ () C:\Users\kellymorrissey\Desktop\Addition.txt
2015-03-25 08:38 - 2015-03-23 20:22 - 02095616 _____ (Farbar) C:\Users\kellymorrissey\Desktop\FRST64.exe
2015-03-25 08:34 - 2015-03-25 08:34 - 00001055 _____ () C:\Users\kellymorrissey\Desktop\JRT.txt
2015-03-25 08:08 - 2015-03-27 14:18 - 00003092 _____ () C:\Windows\PFRO.log
2015-03-25 08:05 - 2015-03-25 09:49 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\Bleeping Computer files
2015-03-25 08:02 - 2015-03-25 08:08 - 00000000 ____D () C:\AdwCleaner
2015-03-23 20:22 - 2015-03-27 14:22 - 00000000 ____D () C:\FRST
2015-03-23 20:22 - 2015-03-23 20:23 - 00091725 _____ () C:\Users\kellymorrissey\Downloads\FRST.txt
2015-03-23 20:22 - 2015-03-23 20:23 - 00042661 _____ () C:\Users\kellymorrissey\Downloads\Addition.txt
2015-03-23 20:21 - 2015-03-23 20:22 - 02095616 _____ (Farbar) C:\Users\kellymorrissey\Downloads\FRST64.exe
2015-03-23 03:11 - 2015-03-23 03:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-22 14:38 - 2015-03-22 14:38 - 1044797941 _____ () C:\Windows\MEMORY.DMP
2015-03-22 14:38 - 2015-03-22 14:38 - 01610584 _____ () C:\Windows\Minidump\032215-10500-01.dmp
2015-03-22 09:25 - 2015-03-27 14:18 - 00003810 _____ () C:\Windows\setupact.log
2015-03-22 09:25 - 2015-03-22 09:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-22 00:32 - 2015-03-27 14:18 - 01241064 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 00:30 - 2015-03-23 20:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-03-16 05:59 - 2015-03-16 05:59 - 00000000 ____D () C:\Users\test\AppData\Local\Eastman Kodak Company
2015-03-14 20:02 - 2015-03-21 21:40 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Travel
2015-03-13 13:33 - 2015-03-13 13:33 - 01054912 _____ (Adobe) C:\Users\test\Downloads\install_flashplayer17x32au_mssd_aaa_aih.exe
2015-03-11 19:25 - 2015-03-11 19:26 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\microwave
2015-03-11 16:40 - 2015-01-26 20:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 16:40 - 2015-01-23 18:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 16:40 - 2015-01-23 00:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 16:40 - 2015-01-22 22:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 16:39 - 2015-03-05 19:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:39 - 2015-03-05 19:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:39 - 2015-02-25 16:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:39 - 2015-02-19 20:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:39 - 2015-02-19 19:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:39 - 2015-02-19 19:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:39 - 2015-02-03 16:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 16:39 - 2015-02-03 16:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 16:39 - 2015-02-02 16:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 16:39 - 2015-02-02 16:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 16:39 - 2015-01-30 16:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 16:39 - 2015-01-30 16:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 16:39 - 2015-01-28 18:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 16:39 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 16:39 - 2014-10-28 19:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:39 - 2014-10-28 19:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 16:39 - 2014-10-28 19:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 19:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:39 - 2014-10-28 19:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:39 - 2014-10-28 18:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 16:39 - 2014-10-28 18:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 16:39 - 2014-10-28 18:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 18:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 16:39 - 2014-10-28 18:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 16:39 - 2014-10-28 18:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 16:39 - 2014-10-28 17:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 16:39 - 2014-10-28 17:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 16:39 - 2014-10-28 17:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 16:38 - 2015-02-20 18:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:38 - 2015-02-20 17:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:38 - 2015-02-20 17:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 16:38 - 2015-02-20 17:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:38 - 2015-02-20 16:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:38 - 2015-02-20 16:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:38 - 2015-02-19 19:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:38 - 2015-02-19 19:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 16:38 - 2015-02-19 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:38 - 2015-02-19 19:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:38 - 2015-02-19 19:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:38 - 2015-02-19 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 16:38 - 2015-02-19 19:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:38 - 2015-02-19 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:38 - 2015-02-19 19:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:38 - 2015-02-19 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 16:38 - 2015-02-19 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:38 - 2015-02-19 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:38 - 2015-02-19 18:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 16:38 - 2015-02-19 18:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 16:38 - 2015-02-19 18:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:38 - 2015-02-19 18:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 16:38 - 2015-02-19 18:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:38 - 2015-02-19 18:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:38 - 2015-02-19 18:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:38 - 2015-02-19 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:38 - 2015-02-19 18:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:38 - 2015-02-19 17:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:38 - 2015-02-19 17:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:38 - 2015-02-12 10:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:38 - 2015-02-12 10:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:38 - 2015-02-07 16:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-07 16:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 16:38 - 2015-02-06 16:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 16:38 - 2015-02-05 18:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 18:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 16:38 - 2015-02-05 13:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 16:38 - 2015-02-02 17:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-02-02 17:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 16:38 - 2015-01-30 16:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:38 - 2015-01-29 20:01 - 00132608 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys
2015-03-11 16:38 - 2015-01-29 20:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 16:38 - 2015-01-29 20:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 16:38 - 2015-01-29 19:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 19:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 16:38 - 2015-01-29 19:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 16:38 - 2015-01-29 18:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 16:38 - 2015-01-29 18:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 16:38 - 2015-01-29 18:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 16:38 - 2015-01-29 18:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 16:38 - 2015-01-29 18:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 18:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 16:38 - 2015-01-29 11:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-29 11:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:38 - 2015-01-28 18:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 18:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 16:38 - 2015-01-28 17:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 16:38 - 2015-01-28 17:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 16:38 - 2015-01-28 17:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:38 - 2015-01-28 08:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 16:38 - 2015-01-28 08:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 16:38 - 2015-01-27 19:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 16:38 - 2015-01-27 18:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 18:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 16:38 - 2015-01-27 16:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 16:38 - 2015-01-27 16:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 16:38 - 2015-01-26 21:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:38 - 2015-01-26 19:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:38 - 2015-01-20 22:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:38 - 2015-01-20 22:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:38 - 2014-12-10 22:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 16:38 - 2014-10-28 20:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:38 - 2014-10-28 19:46 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 16:38 - 2014-10-28 19:46 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 16:38 - 2014-10-28 19:45 - 01198080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 16:38 - 2014-10-28 19:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 16:38 - 2014-10-28 19:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 16:38 - 2014-10-28 19:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 16:38 - 2014-10-28 19:03 - 00241152 ____C (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 16:38 - 2014-10-28 18:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 16:38 - 2014-10-28 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 18:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-28 17:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 16:38 - 2014-10-28 17:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 16:38 - 2014-10-08 00:33 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BthHfAud.sys
2015-03-09 15:01 - 2015-03-09 15:01 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Home Depot
2015-03-05 17:01 - 2015-03-05 17:31 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-03-05 17:01 - 2015-03-05 17:01 - 00003612 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-05 17:01 - 2015-03-05 17:01 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-03-04 08:03 - 2015-03-04 08:09 - 786515305 _____ () C:\Users\kellymorrissey\Downloads\jamwithjimihendrixv2_part1.zip
2015-02-26 09:00 - 2015-02-26 09:00 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-02-26 09:00 - 2015-02-26 09:00 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-02-25 19:04 - 2015-02-25 19:04 - 00000020 ___SH () C:\Users\Kel\ntuser.ini
2015-02-25 19:04 - 2015-02-25 19:04 - 00000000 ____D () C:\Users\Kel\AppData\Roaming\Leadertech
2015-02-25 18:59 - 2015-02-25 18:59 - 00000000 ___RD () C:\Users\Kel\SkyDrive
2015-02-25 18:58 - 2015-02-25 18:58 - 00000000 ____D () C:\Users\Kel\Halloween vintage photos
2015-02-25 18:58 - 2015-02-21 14:09 - 131523824 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\msert.exe
2015-02-25 18:58 - 2015-02-04 18:20 - 00000892 _____ () C:\Users\Kel\Downloads\wave-interference_en.jnlp
2015-02-25 18:58 - 2015-01-05 18:03 - 00824200 _____ () C:\Users\Kel\Downloads\TSC_Spreadsheet.zip
2015-02-25 18:58 - 2015-01-05 17:27 - 00065082 _____ () C:\Users\Kel\Downloads\Meal-Plans.zip
2015-02-25 18:58 - 2014-12-26 12:15 - 26413824 _____ () C:\Users\Kel\Downloads\FW_RT_N66U_30043763602.zip
2015-02-25 18:58 - 2014-12-25 19:26 - 08317952 _____ () C:\Users\Kel\Downloads\chromeremotedesktophost.msi
2015-02-25 18:58 - 2014-12-20 09:51 - 36281408 _____ (Garmin Ltd or its subsidiaries) C:\Users\Kel\Downloads\GarminExpress.exe
2015-02-25 18:58 - 2014-12-10 18:21 - 180623036 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_3s-5s-part-1-yt65(1).mp4
2015-02-25 18:58 - 2014-12-10 18:19 - 111281394 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_5s-and-3s-part-2-gf65.mp4
2015-02-25 18:58 - 2014-12-10 18:17 - 00000000 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-2.mp4
2015-02-25 18:58 - 2014-12-10 17:47 - 218305374 _____ () C:\Users\Kel\Downloads\Show-Off-Lick-1.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 156984206 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-5.mp4
2015-02-25 18:58 - 2014-12-10 17:46 - 142171920 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-4.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 180623036 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-1.mp4
2015-02-25 18:58 - 2014-12-10 17:45 - 105580781 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-3.mp4
2015-02-25 18:58 - 2014-12-10 17:43 - 188772588 _____ () C:\Users\Kel\Downloads\Odd-Grouping-Fills-6.mp4
2015-02-25 18:58 - 2014-11-23 15:00 - 01021632 _____ (Symantec Corporation) C:\Users\Kel\Downloads\Norton_Download_Manager.exe
2015-02-25 18:58 - 2014-11-19 08:53 - 23940056 _____ (ReviverSoft) C:\Users\Kel\Downloads\PCReviverSetup-SpeedTest.exe
2015-02-25 18:58 - 2014-11-17 16:39 - 793681209 _____ () C:\Users\Kel\Downloads\fingerstyleacousticforbeginners.zip
2015-02-25 18:58 - 2014-10-22 16:50 - 01054912 _____ (Adobe) C:\Users\Kel\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2015-02-25 18:58 - 2014-10-21 18:14 - 1051063036 _____ () C:\Users\Kel\Downloads\rocklicksforabsolutebeginners.zip
2015-02-25 18:58 - 2014-09-16 06:21 - 01241504 _____ () C:\Users\Kel\Downloads\HP_DJ2540_hpu_Alert_000_007.exe
2015-02-25 18:58 - 2014-09-03 20:52 - 41139112 _____ (Wondershare ) C:\Users\Kel\Downloads\mobilego_full818.exe
2015-02-25 18:58 - 2014-09-03 18:52 - 05148672 _____ () C:\Users\Kel\Downloads\HPSupportSolutionsFramework-11.51.0004.msi
2015-02-25 18:58 - 2014-08-28 14:03 - 24743106 _____ () C:\Users\Kel\Downloads\vlc-2.1.5-win32.exe
2015-02-25 18:58 - 2014-08-13 14:08 - 00736256 _____ (Wondershare) C:\Users\Kel\Downloads\mobilego_setup_full818.exe
2015-02-25 18:58 - 2014-08-12 16:28 - 00417824 _____ () C:\Users\Kel\Downloads\DellSystemDetect.exe
2015-02-25 18:58 - 2014-08-11 20:31 - 34888280 _____ (Wondershare ) C:\Users\Kel\Downloads\ws_mobiletrans_win_av.exe
2015-02-25 18:58 - 2014-08-11 20:22 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones(1).exe
2015-02-25 18:58 - 2014-08-11 20:10 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2015-02-25 18:58 - 2014-08-11 20:06 - 24111736 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Kel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-02-25 18:58 - 2014-08-11 20:05 - 11060224 _____ () C:\Users\Kel\Downloads\CarbonSetup.msi
2015-02-25 18:58 - 2014-08-02 18:22 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014(1).exe
2015-02-25 18:58 - 2014-08-02 17:50 - 38426504 _____ (Intuit ) C:\Users\Kel\Downloads\QW2014R7MPatch.exe
2015-02-25 18:58 - 2014-07-29 20:12 - 16658872 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup.exe
2015-02-25 18:58 - 2014-07-29 18:11 - 114078456 _____ (Intuit Inc. ) C:\Users\Kel\Downloads\Quicken_Deluxe_2014.exe
2015-02-25 18:58 - 2014-07-11 15:40 - 06598344 _____ () C:\Users\Kel\Downloads\HPPSdr.exe
2015-02-25 18:58 - 2014-06-29 14:15 - 01940600 _____ (TODO: <Company name>) C:\Users\Kel\Downloads\SocialMedia_Login.exe
2015-02-25 18:58 - 2014-06-24 19:20 - 106859936 _____ () C:\Users\Kel\Downloads\DJ2540_188.exe
2015-02-25 18:58 - 2014-06-16 19:04 - 119249873 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-1-re54.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 116938660 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-4-hg31.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 109092279 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-5-hg65.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101381081 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-2-ytre.mp4
2015-02-25 18:58 - 2014-06-16 19:04 - 101080883 _____ () C:\Users\Kel\Downloads\http___c358681.r81.cf0.rackcdn.com_Building-Samba-Independence-3-na32.mp4
2015-02-25 18:58 - 2014-06-06 11:20 - 03673008 _____ (Piriform Ltd) C:\Users\Kel\Downloads\ccsetup414_pro.exe
2015-02-25 18:58 - 2014-06-06 11:04 - 79453904 _____ () C:\Users\Kel\Downloads\vlcmediaplayer-setup.exe
2015-02-25 18:58 - 2014-06-05 18:54 - 16616928 _____ (Siber Systems) C:\Users\Kel\Downloads\RoboForm-Setup-cnetc.exe
2015-02-25 18:58 - 2014-06-03 20:37 - 147349383 _____ () C:\Users\Kel\Downloads\RR1_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:13 - 138796475 _____ () C:\Users\Kel\Downloads\R_disc_3_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:11 - 140388787 _____ () C:\Users\Kel\Downloads\R_disc_2_of_3.zip
2015-02-25 18:58 - 2014-06-03 20:08 - 139300139 _____ () C:\Users\Kel\Downloads\R_disc_1_of_3.zip
2015-02-25 18:58 - 2014-05-21 10:35 - 13808408 _____ (DigiTech ) C:\Users\Kel\Downloads\JamManagerXTSetup.exe
2015-02-25 18:58 - 2014-05-02 18:20 - 00347816 _____ (Microsoft Corporation) C:\Users\Kel\Downloads\MicrosoftFixit.AudioPlayback.Run.exe
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\Woodworking
2015-02-25 18:57 - 2015-02-25 18:57 - 00000000 ____D () C:\Users\Kel\Documents\~Trossachs
2015-02-25 18:57 - 2015-01-14 18:27 - 09432773 _____ () C:\Users\Kel\Downloads\33_paint_stroke_brushes_ps7__by_keepwaiting-d2xmll9.zip
2015-02-25 18:57 - 2015-01-02 12:55 - 00270918 _____ () C:\Users\Kel\Downloads\attachments.zip
2015-02-25 18:57 - 2014-11-17 16:54 - 1285507894 _____ () C:\Users\Kel\Downloads\blueslicksforabsolutebeginners.zip
2015-02-25 18:57 - 2014-11-17 16:26 - 1124317518 _____ () C:\Users\Kel\Downloads\bluesguitarforabsolutebeginners.zip
2015-02-25 18:57 - 2014-09-05 16:52 - 00000420 _____ () C:\Users\Kel\Downloads\2_Duck_Walkin.mp3.zip
2015-02-25 18:57 - 2014-05-30 21:24 - 10003416 _____ (Eastman Kodak Company) C:\Users\Kel\Downloads\aio_install.exe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wondershare
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Wallpaper
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\UX Certificate
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Symantec
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Sumner Home Sale
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\SSN
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Setlists
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Salt Lake City
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Recipes
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Quicken
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Photography
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Phone bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Outlook Files
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Nutrition
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\NewBlueFX
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My RoboForm Data
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\My Lyrics
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Kai
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Home
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester Recipies
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Hester
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Halloween
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Guitar
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garmin
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Garage door opener
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fitness
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Finance
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Fax
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ControlMyNikon v4.3
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Christmas
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson Wedding
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Allyson School
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Alanon
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\ADT Alarm System
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Documents\Adobe
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Wedding chalk menus
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Vintage Illustrations
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Sundown bill
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\notification mp3s
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\New folder
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Kel's Droid photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Hester's photos
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Droid backup
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Damaged gutters
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\Built-in Shelves
2015-02-25 18:56 - 2015-02-25 18:56 - 00000000 ____D () C:\Users\Kel\Desktop\BACKUP
2015-02-25 18:56 - 2015-02-21 19:10 - 00000000 ____D () C:\Users\Kel\Desktop\kel user profile info
2015-02-25 18:56 - 2015-02-21 13:54 - 00000346 _____ () C:\Users\Kel\Desktop\Rhapsody.appref-ms
2015-02-25 18:56 - 2015-02-21 13:41 - 00062794 _____ () C:\Users\Kel\Desktop\RhapsodyErrorFile.txt
2015-02-25 18:56 - 2015-02-05 14:04 - 00062754 _____ () C:\Users\Kel\Desktop\rhapsody error message.txt
2015-02-25 18:56 - 2015-01-30 18:46 - 00062776 _____ () C:\Users\Kel\Desktop\Rhapsody error.txt
2015-02-25 18:56 - 2015-01-30 17:42 - 00000000 ____D () C:\Users\Kel\Desktop\01-30-2015
2015-02-25 18:56 - 2015-01-14 18:08 - 01725886 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM4).pptx
2015-02-25 18:56 - 2015-01-14 17:57 - 01866488 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM3).pptx
2015-02-25 18:56 - 2015-01-14 17:34 - 01858256 _____ () C:\Users\Kel\Desktop\K-20_Pipeline_and_Capacity_charts-10-31-14 (KM2).pptx
2015-02-25 18:56 - 2015-01-12 20:13 - 02897008 _____ () C:\Users\Kel\Desktop\kellymorrissey's quicken data_SyncLog.dat
2015-02-25 18:56 - 2015-01-12 20:04 - 00157360 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken DataOFXLOG.DAT
2015-02-25 18:56 - 2014-12-15 20:21 - 45073929 _____ () C:\Users\Kel\Desktop\Kai and Aidan.psd
2015-02-25 18:56 - 2014-11-23 15:01 - 00001252 _____ () C:\Users\Kel\Desktop\Norton Installation Files.lnk
2015-02-25 18:56 - 2014-10-25 09:48 - 00179572 _____ () C:\Users\Kel\Desktop\Food for thought.psd
2015-02-25 18:56 - 2014-10-12 10:19 - 10125312 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF
2015-02-25 18:56 - 2014-10-12 10:19 - 08130560 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data.QDF-backup
2015-02-25 18:56 - 2014-09-21 18:11 - 00604310 _____ () C:\Users\Kel\Documents\script furniture and pillows.pptx
2015-02-25 18:56 - 2014-09-03 18:52 - 00000329 _____ () C:\Users\Kel\Desktop\HP Printer Diagnostic Tools.url
2015-02-25 18:56 - 2014-08-28 22:07 - 00011268 _____ () C:\Users\Kel\Documents\Aidan's Soccer Schedule.xlsx
2015-02-25 18:56 - 2014-08-28 22:03 - 00000000 ____D () C:\Users\Kel\Documents\Soccer
2015-02-25 18:56 - 2014-08-02 18:00 - 06004736 _____ () C:\Users\Kel\Desktop\Kellymorrissey's Quicken Data-2014-08-02.QDF-backup
2015-02-25 18:56 - 2014-08-02 14:02 - 00000000 ____D () C:\Users\Kel\Documents\New folder
2015-02-25 18:56 - 2014-06-25 15:04 - 00013560 _____ () C:\Users\Kel\Desktop\Weekly chore schedule 2014.xlsx
2015-02-25 18:56 - 2014-06-23 14:50 - 00000239 _____ () C:\Users\Kel\Desktop\Practical Disaster Preparedness for the Family Worksheets.URL
2015-02-25 18:56 - 2014-06-23 14:48 - 00020291 _____ () C:\Users\Kel\Desktop\Disaster Worksheets.xlsx
2015-02-25 18:56 - 2014-03-15 16:56 - 00000000 ____D () C:\Users\Kel\Documents\OneNote Notebooks
2015-02-25 18:56 - 2014-02-24 19:16 - 00023510 _____ () C:\Users\Kel\Documents\Checklist for My Ideal Apartment.dotx
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Wondershare
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Western_Digital
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\VirtualStore
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Rhapsody
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\RapidSolution
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\QuickenWindow
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Packages
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Mozilla
2015-02-25 18:43 - 2015-02-25 18:43 - 00000000 ____D () C:\Users\Kel\AppData\Local\Microsoft Help
2015-02-25 18:43 - 2013-12-21 22:01 - 00000000 ____D () C:\Users\Kel\AppData\Local\softthinks
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieUserList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieSiteList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 __SHD () C:\Users\Kel\AppData\Local\EmieBrowserModeList
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Macromedia
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\LogMeIn Rescue Applet
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Lavasoft
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\IsolatedStorage
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Intel_Corporation
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\HP
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Hewlett-Packard
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Google
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Garmin
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Easy Blue Print
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman_Kodak_Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Eastman Kodak Company
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Downloaded Installations
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashRpt
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\CrashDumps
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Citrix
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Apps\2.0
2015-02-25 18:42 - 2015-02-25 18:42 - 00000000 ____D () C:\Users\Kel\AppData\Local\Adobe
2015-02-25 18:42 - 2015-02-25 17:54 - 00000000 ____D () C:\Users\Kel\AppData\Local\Deployment
2015-02-25 18:42 - 2015-02-18 13:10 - 00000236 _____ () C:\Users\Kel\AppData\Local\LaunchHomeCenter.log
2015-02-25 18:42 - 2015-01-07 19:15 - 00001456 _____ () C:\Users\Kel\AppData\Local\Adobe Save for Web 12.0 Prefs
2015-02-25 18:42 - 2014-06-06 11:02 - 00003584 _____ () C:\Users\Kel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-25 18:20 - 2015-02-25 18:21 - 00000000 ____D () C:\Users\kellymorrissey\Desktop\Sundown bill
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 00:22 - 2014-12-13 14:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 00:22 - 2014-10-28 18:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 00:22 - 2014-10-28 18:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:21 - 2013-12-13 14:26 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-03-27 14:21 - 2013-12-13 14:14 - 00005598 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 14:20 - 2014-12-04 16:22 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-27 14:20 - 2014-06-06 16:48 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-27 14:20 - 2014-06-06 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-27 14:20 - 2014-06-06 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-27 14:19 - 2014-10-19 19:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job
2015-03-27 14:19 - 2014-03-25 18:41 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job
2015-03-27 14:19 - 2014-02-20 20:01 - 00000000 ___DO () C:\Users\kellymorrissey\SkyDrive
2015-03-27 14:19 - 2013-12-13 14:23 - 00003276 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-03-27 14:18 - 2014-05-30 21:25 - 00000000 ____D () C:\ProgramData\Kodak
2015-03-27 14:18 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 14:18 - 2013-08-22 06:25 - 01310720 ___SH () C:\Windows\system32\config\BBI
2015-03-27 14:09 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-27 14:07 - 2014-06-24 17:12 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Adobe
2015-03-26 16:31 - 2013-12-22 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-25 13:11 - 2014-03-30 18:23 - 00000000 ____D () C:\Users\kellymorrissey\Documents\Outlook Files
2015-03-25 12:54 - 2014-06-20 14:46 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job
2015-03-25 12:54 - 2014-03-27 14:23 - 00003612 _____ () C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-25 12:31 - 2014-12-05 16:51 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-03-25 09:54 - 2013-12-13 14:22 - 00005788 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-25 08:30 - 2013-12-21 21:47 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\CrashDumps
2015-03-25 08:24 - 2013-12-21 18:57 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1001
2015-03-25 08:20 - 2014-08-15 07:56 - 00005014 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KELSXPS13-kellymorrissey KelsXPS13
2015-03-25 08:09 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-25 08:08 - 2013-12-21 16:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-25 06:10 - 2015-02-18 10:35 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002
2015-03-24 03:03 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\rescache
2015-03-23 19:50 - 2014-06-06 11:07 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\vlc
2015-03-22 14:39 - 2013-08-22 07:44 - 00564712 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 14:38 - 2014-09-19 16:16 - 00000000 ____D () C:\Windows\Minidump
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-22 14:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-22 14:30 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-22 08:03 - 2014-07-29 10:10 - 00000000 ___RD () C:\Users\kellymorrissey\Dropbox
2015-03-22 08:03 - 2014-07-29 10:09 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Dropbox
2015-03-22 00:00 - 2014-10-16 17:16 - 00000258 _____ () C:\Windows\Tasks\CCleanerClean.job
2015-03-21 07:06 - 2015-02-04 12:30 - 00000000 ____D () C:\Users\kellymorrissey\Documents\~Trossachs
2015-03-17 06:15 - 2014-06-06 16:48 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2014-06-06 16:48 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 06:15 - 2014-06-06 16:48 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-16 06:33 - 2013-12-22 11:29 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-16 06:06 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-14 16:04 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 15:14 - 2014-07-29 10:10 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 13:48 - 2013-12-23 18:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-11 16:51 - 2013-12-26 21:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 16:48 - 2013-12-26 21:13 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-05 17:01 - 2013-12-13 14:23 - 00000000 ____D () C:\Program Files\Dell
2015-03-04 14:24 - 2014-04-28 14:10 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 14:24 - 2014-04-28 14:10 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 13:27 - 2014-06-06 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-04 10:28 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-04 10:10 - 2014-11-09 12:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-04 10:09 - 2014-11-09 12:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-04 10:09 - 2014-11-09 12:40 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-04 06:14 - 2013-12-21 18:52 - 00000000 ____D () C:\Users\kellymorrissey
2015-02-25 19:04 - 2015-02-21 19:22 - 00000000 ____D () C:\Users\Kel
2015-02-25 18:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-25 17:54 - 2013-12-21 16:46 - 00000000 ____D () C:\Users\kellymorrissey\AppData\Local\Deployment

==================== Files in the root of some directories =======

2014-01-07 18:04 - 2014-01-07 18:23 - 0000473 _____ () C:\Users\kellymorrissey\AppData\Roaming\burnaware.ini
2013-12-22 12:52 - 2015-02-05 13:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 12:52 - 2015-02-05 13:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
2014-01-04 20:35 - 2015-01-07 19:15 - 0001456 _____ () C:\Users\kellymorrissey\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-06 11:02 - 2014-06-06 11:02 - 0003584 _____ () C:\Users\kellymorrissey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 13:10 - 2015-02-18 13:10 - 0000236 _____ () C:\Users\kellymorrissey\AppData\Local\LaunchHomeCenter.log
2014-04-24 16:19 - 2014-04-24 16:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-13 14:08 - 2013-12-13 14:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-23 10:19 - 2014-07-23 10:19 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-07-23 10:35 - 2014-07-23 10:35 - 0000256 _____ () C:\ProgramData\lxea.log
2014-07-23 10:21 - 2014-07-23 10:21 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2014-07-23 10:17 - 2014-07-23 10:35 - 0001724 _____ () C:\ProgramData\lxeascan.log
2014-12-09 21:43 - 2015-02-21 13:54 - 0001555 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-23 10:16 - 2014-07-23 10:16 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-23 20:30

==================== End Of Log ============================



#10 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 28 March 2015 - 07:38 AM

How is your system running? :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#11 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 28 March 2015 - 11:43 AM

Much better, thank you. Sent you a PayPal donation. Regards!



#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 28 March 2015 - 08:13 PM

Thank your for the donation. :)

 

Hello,
in my opinion your PC is clean. :)

We need to remove the tools we've used during cleaning your machine.
  • Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

 

Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

Keep Safe! :thumbsup:

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#13 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 28 March 2015 - 08:55 PM

# DelFix v10.9 - Logfile created 28/03/2015 at 18:54:04
# Updated 27/02/2015 by Xplode
# Username : kellymorrissey - KELSXPS13
# Operating System : Windows 8.1  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\kellymorrissey\Desktop\Addition.txt
Deleted : C:\Users\kellymorrissey\Desktop\Fixlog.txt
Deleted : C:\Users\kellymorrissey\Desktop\FRST.txt
Deleted : C:\Users\kellymorrissey\Desktop\FRST64.exe
Deleted : C:\Users\kellymorrissey\Desktop\JRT.txt
Deleted : C:\Users\kellymorrissey\Downloads\Addition.txt
Deleted : C:\Users\kellymorrissey\Downloads\FRST.txt
Deleted : C:\Users\kellymorrissey\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########
 



#14 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 29 March 2015 - 06:41 AM

Any further questions before I close this topic as solved? :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#15 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:15 AM

Posted 03 April 2015 - 01:08 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users