Jump to content

GJEMom

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

Reputation

0 Neutral
  1. GJEMom
    here's the report from Adwcleaner AdwCleanerS0.txt
  2. GJEMom
    Here's the screenshot of what Sophos says. I will run that tool and post log when I get home from work. Should I just delete that video downloader file? I have no idea where that came from. (Maybe one of the kids?) Thanks!
  3. GJEMom
    Attached is the screen shot. Sophos tells me at least 3-4 times its found this during startup. I always hit quarantine, but it always comes back.
  4. GJEMom
    I rant the fix but upon reboot Sophos still found it, and my computer froze. (I have no idea if the two are related) Attached is the log. Thanks again for your help. I really appreciate it. Fixlog.txt
  5. GJEMom
    I ran the anti-root kit and farbar again. Attached are the reports. Though anti-root kit said it didn't find anything, Sophos again found it upon reboot. Thanks for your help. I really appreciate it. FRST-2ndrun.txt mbar-log-2015-02-16 (18-51-55).txt system-log.txt
  6. GJEMom
    Hi. My computer has been getting slower and freezing up all the time. Not sure if it's hardware issue, but I know that Sophos keeps detecting Bundlore. I ran Malwarebytes and it found it and deleted it, but then its back on reboot. Any help would be greatly appreciated. Here are my logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015Ran by Veronica (administrator) on WOODARDFAMILY on 16-02-2015 18:28:36Running from C:\Users\Veronica\DownloadsLoaded Profiles: Veronica (Available profiles: UpdatusUser & Veronica)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe() C:\Program Files (x86)\Backblaze\bzserv.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe() C:\Program Files (x86)\Backblaze\bzfilelist.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe() C:\Program Files (x86)\Backblaze\bzbui.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe(Dropbox, Inc.) C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6457960 2011-12-23] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)HKLM-x32\...\Run: [shwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)HKLM-x32\...\Run: [bDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [76872 2012-03-27] (cyberlink)HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)HKLM-x32\...\Run: [sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1593640 2015-02-16] (Sophos Limited)HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Run: [GoogleChromeAutoLaunch_E4479FD7F732273378D06E166F1696C7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Run: [backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [493672 2014-12-11] ()HKU\S-1-5-18\...\Run: [backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [493672 2014-12-11] ()AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217672 2015-02-16] (Sophos Limited)AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2015-02-16] (Sophos Limited)Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1377778939-2559714766-621400335-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.msn.com/?mkt=en-ca&pc=MDDC&ocid=bb7hpHKU\S-1-5-21-1377778939-2559714766-621400335-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1SearchScopes: HKLM -> DefaultScope {A93C2C60-D86A-4972-9749-4041DFF199F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBoxSearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {A93C2C60-D86A-4972-9749-4041DFF199F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBoxSearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {A93C2C60-D86A-4972-9749-4041DFF199F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBoxSearchScopes: HKU\S-1-5-21-1377778939-2559714766-621400335-1001 -> {A93C2C60-D86A-4972-9749-4041DFF199F7} URL = SearchScopes: HKU\S-1-5-21-1377778939-2559714766-621400335-1001 -> {AE878CDC-EE9F-415B-8321-ED798F8F2B0B} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCA&apn_uid=ACD2ECFA-0160-4485-B7D5-CCAAA7F815B6&apn_sauid=F94966F8-0736-40AA-8E28-A837569CADD8SearchScopes: HKU\S-1-5-21-1377778939-2559714766-621400335-1001 -> {EE0886A9-5741-49BF-9195-E4AA6E2E5E50} URL = http://www.bing.com/search?FORM=DLCBDF&PC=MDDC&q={searchTerms}&src=IE-SearchBoxBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198 FireFox:========FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: =======CHR Profile: C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-27]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-27]CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]CHR Extension: (Google Wallet) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-27]CHR HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Veronica\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-06]CHR HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [234600 2014-12-11] ()S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [242448 2012-03-27] (CyberLink)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-05-31] (Nalpeiron Ltd.) [File not signed]R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-20] (Sophos Limited)R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2014-10-18] (Sophos Limited)R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2012-11-03] (Sophos Limited)R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340776 2015-02-16] (Sophos Limited)R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2012-11-03] (Sophos Limited)R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2014-10-18] (Sophos Limited)R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3274536 2015-02-16] (Sophos Limited)S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2015-02-16] (Sophos Limited)R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [76960 2011-12-26] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-16] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-20] (Sophos Limited)S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-20] (Sophos Limited)S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-20] (Sophos Limited) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-16 18:28 - 2015-02-16 18:28 - 02085888 _____ (Farbar) C:\Users\Veronica\Downloads\FRST64.exe2015-02-16 18:28 - 2015-02-16 18:28 - 00022740 _____ () C:\Users\Veronica\Downloads\FRST.txt2015-02-16 18:28 - 2015-02-16 18:28 - 00000000 ____D () C:\FRST2015-02-16 18:19 - 2015-02-16 18:19 - 00000000 ___RD () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices2015-02-16 16:47 - 2015-02-03 22:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll2015-02-16 16:47 - 2015-02-03 22:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll2015-02-16 16:47 - 2015-02-03 22:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-02-16 16:47 - 2015-02-03 22:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-02-16 16:47 - 2015-02-03 22:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2015-02-16 16:47 - 2015-02-03 22:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll2015-02-16 16:47 - 2015-02-03 22:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2015-02-16 16:47 - 2015-01-27 18:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe2015-02-16 16:47 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2015-02-16 16:47 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2015-02-16 16:47 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2015-02-16 16:47 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll2015-02-16 16:46 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2015-02-16 16:46 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2015-02-16 16:46 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2015-02-16 16:46 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2015-02-16 16:46 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2015-02-16 16:46 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2015-02-16 16:46 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2015-02-16 16:46 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2015-02-16 16:46 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2015-02-16 16:46 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2015-02-16 16:46 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2015-02-16 16:46 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe2015-02-16 16:46 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2015-02-16 16:46 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2015-02-16 16:46 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll2015-02-16 16:46 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll2015-02-16 16:46 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll2015-02-16 16:46 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2015-02-16 16:46 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2015-02-16 16:46 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2015-02-16 16:46 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll2015-02-16 16:46 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll2015-02-16 16:46 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2015-02-16 16:46 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2015-02-16 16:46 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2015-02-16 16:46 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2015-02-16 16:46 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2015-02-16 16:46 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2015-02-16 16:46 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2015-02-16 16:46 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2015-02-16 16:46 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2015-02-16 16:46 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2015-02-16 16:46 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2015-02-16 16:46 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2015-02-16 16:46 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2015-02-16 16:46 - 2015-01-11 21:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2015-02-16 16:46 - 2015-01-11 21:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2015-02-16 16:46 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2015-02-16 16:46 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2015-02-16 16:46 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2015-02-16 16:46 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2015-02-16 16:46 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2015-02-16 16:46 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2015-02-16 16:46 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2015-02-16 16:46 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2015-02-16 16:46 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2015-02-16 16:46 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2015-02-16 16:46 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2015-02-16 16:46 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2015-02-16 16:46 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2015-02-16 16:46 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2015-02-16 16:46 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2015-02-16 16:46 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2015-02-16 16:46 - 2015-01-11 20:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2015-02-16 16:46 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2015-02-16 16:46 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2015-02-16 16:46 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2015-02-16 16:46 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2015-02-16 16:46 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2015-02-16 16:46 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2015-02-16 16:46 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2015-02-16 16:46 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2015-02-16 16:46 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2015-02-16 16:46 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2015-02-16 16:46 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2015-02-16 16:46 - 2015-01-11 20:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2015-02-16 16:46 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2015-02-16 16:46 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2015-02-16 16:46 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2015-02-16 16:46 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2015-02-16 16:46 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2015-02-16 16:46 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2015-02-16 16:46 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2015-02-16 16:46 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2015-02-16 16:46 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2015-02-16 16:46 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2015-02-16 16:46 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2015-02-16 16:46 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll2015-02-16 16:46 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll2015-02-16 16:46 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll2015-02-16 16:45 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2015-02-16 16:45 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2015-02-16 16:45 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2015-02-16 16:45 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll2015-02-16 16:45 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll2015-02-16 16:45 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll2015-02-16 16:45 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll2015-02-16 16:45 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2015-02-16 16:45 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2015-02-16 16:45 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2015-02-16 16:45 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2015-02-16 16:44 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-02-16 16:44 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-02-16 16:44 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-02-16 16:44 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-02-16 16:44 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-02-16 16:44 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-02-16 16:44 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-02-16 16:44 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-16 18:22 - 2012-09-06 22:05 - 01727243 _____ () C:\Windows\WindowsUpdate.log2015-02-16 18:22 - 2009-07-14 00:13 - 00006506 _____ () C:\Windows\system32\PerfStringBackup.INI2015-02-16 18:21 - 2012-12-23 12:11 - 00000000 ___RD () C:\Users\Veronica\Dropbox2015-02-16 18:21 - 2009-07-13 23:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-16 18:21 - 2009-07-13 23:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-16 18:20 - 2013-03-16 08:11 - 00000000 ___RD () C:\Users\Veronica\Google Drive2015-02-16 18:20 - 2012-12-23 12:10 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Dropbox2015-02-16 18:20 - 2012-09-06 22:26 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup2015-02-16 18:19 - 2014-06-23 07:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-02-16 18:19 - 2012-10-05 08:51 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-02-16 18:19 - 2012-09-06 22:40 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks2015-02-16 18:19 - 2012-09-06 22:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks2015-02-16 18:14 - 2012-09-06 22:03 - 00000000 ____D () C:\ProgramData\NVIDIA2015-02-16 18:14 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-02-16 18:14 - 2009-07-13 23:51 - 00073843 _____ () C:\Windows\setupact.log2015-02-16 18:14 - 2009-07-13 23:45 - 00341704 _____ () C:\Windows\system32\FNTCACHE.DAT2015-02-16 18:12 - 2014-12-12 03:20 - 00000000 ____D () C:\Windows\system32\appraiser2015-02-16 18:12 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel2015-02-16 18:11 - 2010-11-20 22:47 - 00171074 _____ () C:\Windows\PFRO.log2015-02-16 17:28 - 2012-10-08 19:32 - 00000000 ____D () C:\ProgramData\Microsoft Help2015-02-16 17:27 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT2015-02-16 17:20 - 2012-10-05 08:51 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-02-16 16:55 - 2013-03-16 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2015-02-16 16:49 - 2012-10-05 08:51 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2015-02-16 16:49 - 2012-10-05 08:51 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2015-02-16 16:39 - 2012-10-13 08:32 - 00000000 ____D () C:\Users\Veronica\Documents\Veronica2015-02-16 16:35 - 2012-11-03 20:14 - 00000000 ____D () C:\Program Files (x86)\Sophos2015-02-16 16:29 - 2014-06-23 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-02-16 16:29 - 2014-06-23 07:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-02-16 16:29 - 2012-11-13 10:10 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-02-16 16:27 - 2012-12-23 12:10 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-01-29 17:49 - 2012-12-07 14:46 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2013-09-21 20:08 - 2013-10-02 21:07 - 0003072 _____ () C:\Users\Veronica\AppData\Roaming\Photobook Designer Prefsv3 Some content of TEMP:====================C:\Users\Veronica\AppData\Local\Temp\APNStub.exeC:\Users\Veronica\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppbzz8p.dllC:\Users\Veronica\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exeC:\Users\Veronica\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Veronica\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exeC:\Users\Veronica\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exeC:\Users\Veronica\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exeC:\Users\Veronica\AppData\Local\Temp\vlc-2.1.2-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-05-10 07:11 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015Ran by Veronica at 2015-02-16 18:29:06Running from C:\Users\Veronica\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)Connect (HKLM-x32\...\Connect) (Version: 1.4.12253.0 - Cisco Consumer Products LLC)Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5127 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) HiddenDell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)Dropbox (HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)GMATPrep (HKLM-x32\...\GMATPrep 2.1.279) (Version: 2.1.279 - Graduate Management Admission Council (GMAC))Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.26.9 - Google Inc.) HiddeniCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.600 - Oracle)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenMalwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) HiddenNVIDIA 3D Vision Driver 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.78 - NVIDIA Corporation)NVIDIA Graphics Driver 320.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.78 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)Photobook Designer (HKU\S-1-5-21-1377778939-2559714766-621400335-1001\...\Photobook Designer) (Version: Photobook Designer 3.3.0 - Photobook Canada)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.12 - Sophos Limited)Sophos AutoUpdate (HKLM-x32\...\{7CD26A0C-9B59-4E84-B5EE-B386B2F7AA16}) (Version: 4.1.0.65 - Sophos Limited)Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenUpdate for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1377778939-2559714766-621400335-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 04-11-2014 02:18:06 Windows Update11-11-2014 17:12:14 Windows Update12-11-2014 03:00:30 Windows Update23-11-2014 08:58:11 Windows Update24-11-2014 03:00:50 Windows Update02-12-2014 17:05:06 Windows Update11-12-2014 19:53:35 Windows Update12-12-2014 03:00:14 Windows Update16-02-2015 16:41:03 Windows Update16-02-2015 17:22:02 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05BC2E6D-A6FA-4455-941E-C30239763841} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {4CB8416F-4F0E-474A-B32A-F8A3DA4ABE14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)Task: {8E7A58C5-98C7-4D4E-B90D-896B0184A952} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {D34688FD-E15E-4624-B413-20E0F6A5B6FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)Task: {F5B81882-62E8-4DCF-8108-646F39424D7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-05] (Google Inc.)Task: {F8B2352F-3DCB-478F-8153-ED59EC225390} - System32\Tasks\{FC28B528-D2B1-4A9E-9B17-B3AE8BF021D2} => pcalua.exe -a C:\Windows\Temp\savinst\SAVSCFXP\setup.exe -d C:\Windows\Temp\savinst -c -mng yes -ni -s -crt R -g "\se-socon10\Ryerson" -updp C:\Windows\Temp\savinst\SAVSCFXPXMLTask: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll2014-10-04 09:35 - 2014-12-11 19:57 - 00234600 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe2012-09-07 00:00 - 2013-08-09 15:07 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2014-10-04 09:35 - 2014-12-11 19:57 - 00303208 _____ () C:\Program Files (x86)\Backblaze\bzfilelist.exe2012-09-06 22:26 - 2012-01-26 21:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE2014-10-04 09:35 - 2014-12-11 19:57 - 00493672 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe2014-10-04 09:35 - 2014-12-11 19:57 - 03111528 _____ () C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-11-03 20:21 - 2012-11-03 20:21 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll2012-11-03 20:21 - 2012-11-03 20:21 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL2012-11-03 20:21 - 2012-11-03 20:21 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll2012-11-03 20:21 - 2012-11-03 20:21 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll2014-10-19 02:40 - 2014-10-19 02:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll2012-09-06 22:17 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll2012-09-06 22:20 - 2012-01-21 06:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll2015-02-10 16:00 - 2015-02-10 16:00 - 00750080 _____ () C:\Users\Veronica\AppData\Roaming\Dropbox\bin\libGLESv2.dll2015-02-16 18:20 - 2015-02-16 18:20 - 00043008 _____ () c:\users\veronica\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppbzz8p.dll2015-02-10 16:00 - 2015-02-10 16:00 - 00047616 _____ () C:\Users\Veronica\AppData\Roaming\Dropbox\bin\libEGL.dll2015-02-10 16:00 - 2015-02-10 16:00 - 00865280 _____ () C:\Users\Veronica\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll2015-02-10 16:00 - 2015-02-10 16:00 - 00200704 _____ () C:\Users\Veronica\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll2015-02-16 18:19 - 2015-02-16 18:19 - 00098816 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32api.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00110080 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\pywintypes27.dll2015-02-16 18:19 - 2015-02-16 18:19 - 00364544 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\pythoncom27.dll2015-02-16 18:19 - 2015-02-16 18:19 - 00045568 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_socket.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 01160704 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_ssl.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00320512 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32com.shell.shell.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00713216 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_hashlib.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 01175040 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._core_.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00805888 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._gdi_.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00811008 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._windows_.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 01062400 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._controls_.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00735232 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._misc_.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00557056 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\pysqlite2._sqlite.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00128512 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_elementtree.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00127488 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\pyexpat.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00087552 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_ctypes.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00119808 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32file.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00108544 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32security.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00007168 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\hashobjs_ext.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00167936 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32gui.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00018432 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32event.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00038912 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32inet.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00011264 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32crypt.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00070656 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._html2.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00027136 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\_multiprocessing.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00035840 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32process.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00686080 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\unicodedata.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00122368 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._wizard.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00024064 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32pipe.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00025600 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32pdh.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00525640 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\windows._lib_cacheinvalidation.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00010240 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\select.pyd2015-02-16 18:20 - 2015-02-16 18:20 - 00017408 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32profile.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00022528 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\win32ts.pyd2015-02-16 18:19 - 2015-02-16 18:19 - 00078336 _____ () C:\Users\Veronica\AppData\Local\Temp\_MEI48002\wx._animate.pyd2015-02-16 17:20 - 2015-02-04 04:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll2015-02-16 17:20 - 2015-02-04 04:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll2015-02-16 17:20 - 2015-02-04 04:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1377778939-2559714766-621400335-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 64.71.255.204 - 64.71.255.198 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-1377778939-2559714766-621400335-500 - Administrator - Disabled)Guest (S-1-5-21-1377778939-2559714766-621400335-501 - Limited - Enabled)HomeGroupUser$ (S-1-5-21-1377778939-2559714766-621400335-1013 - Limited - Enabled)SophosSAUWOODARDFAM0 (S-1-5-21-1377778939-2559714766-621400335-1006 - Limited - Enabled)UpdatusUser (S-1-5-21-1377778939-2559714766-621400335-1000 - Limited - Enabled) => C:\Users\UpdatusUserVeronica (S-1-5-21-1377778939-2559714766-621400335-1001 - Administrator - Enabled) => C:\Users\Veronica ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (02/16/2015 06:21:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (02/16/2015 06:21:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (02/16/2015 06:15:14 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/16/2015 04:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (02/16/2015 04:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section. Error: (02/16/2015 04:24:38 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/16/2015 04:23:58 PM) (Source: Sophos Message Router) (EventID: 8006) (User: NT AUTHORITY)Description: The network identity (also known as the Interoperable Object Reference or IOR) of the local computer is invalid.%%3 Error: (02/07/2015 00:44:51 PM) (Source: CVHSVC) (EventID: 100) (User: )Description: Information only.(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/03/2015 07:12:59 PM) (Source: CVHSVC) (EventID: 100) (User: )Description: Information only.(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/03/2015 07:12:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 15756 System errors:=============Error: (02/16/2015 06:17:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (02/16/2015 06:17:51 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (02/16/2015 05:25:22 PM) (Source: bowser) (EventID: 8003) (User: )Description: The master browser has received a server announcement from the computer VERONICA-LAPTOPthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{24C62C9A-AE66-4704-993A-94B2C2A5B7A3}.The master browser is stopping or an election is being forced. Error: (02/16/2015 04:26:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (02/16/2015 04:26:39 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (02/16/2015 04:23:13 PM) (Source: EventLog) (EventID: 6008) (User: )Description: The previous system shutdown at 11:20:35 AM on ‎16/‎02/‎2015 was unexpected. Error: (12/14/2014 04:55:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error: (12/14/2014 04:55:26 PM) (Source: Service Control Manager) (EventID: 7038) (User: )Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (12/14/2014 04:52:05 PM) (Source: EventLog) (EventID: 6008) (User: )Description: The previous system shutdown at 4:50:03 PM on ‎14/‎12/‎2014 was unexpected. Error: (12/14/2014 04:20:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Microsoft Office Sessions:========================= ==================== Memory info =========================== Processor: Intel® Core i7-3770 CPU @ 3.40GHzPercentage of memory in use: 26%Total physical RAM: 12251.27 MBAvailable physical RAM: 8987.52 MBTotal Pagefile: 24500.73 MBAvailable Pagefile: 20818.04 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1836.73 GB) (Free:1408.03 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: DA355950)Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)Partition 2: (Active) - (Size=26.3 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=1836.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.