Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware blocks outgoing IP [Closed]


  • This topic is locked This topic is locked

#1
th1nker

th1nker

    Member

  • Member
  • PipPip
  • 38 posts
I recently installed malwarebytes and ran a scan. Malwarebytes found a few infections but quarantined them and got rid of them. I haven't seen them since, however malware bytes blocks several malicious outgoing attempts to contact IPs. This has me worried that I might have a deeper infection. There are no other symptoms, but I'm afraid that I might have some malware that is sending information from my computer to some unknown source. You guys have helped me tremendously before with another virus, so thank you for that, and thanks in advance for looking at this post. Without further ado:



OTL Log

OTL logfile created on: 11/13/2013 1:24:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.92 Gb Total Physical Memory | 5.68 Gb Available Physical Memory | 71.69% Memory free
15.92 Gb Paging File | 13.32 Gb Available in Paging File | 83.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 80.71 Gb Free Space | 72.20% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 678.73 Gb Free Space | 97.15% Space Free | Partition Type: NTFS
Drive E: | 4.02 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: POLEMOS | User Name: George Ciesinski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/13 01:23:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2013/11/12 23:02:25 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\George Ciesinski\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/11/12 22:23:41 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/11/06 03:26:09 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/10/30 14:25:54 | 001,820,584 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2013/07/23 18:33:04 | 004,815,872 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2013/07/09 17:42:42 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/22 11:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/03/22 11:38:32 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/02/23 02:56:58 | 000,364,856 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/02/23 02:56:36 | 000,167,736 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/02/14 21:44:10 | 001,260,320 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/08/24 06:38:46 | 004,069,224 | ---- | M] () -- C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
PRC - [2012/08/24 06:38:30 | 000,215,400 | ---- | M] (AuthenTec Inc.) -- C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/06 03:26:07 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ppgooglenaclpluginchrome.dll
MOD - [2013/11/06 03:26:06 | 013,582,800 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\PepperFlash\pepflashplayer.dll
MOD - [2013/11/06 03:26:05 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\pdf.dll
MOD - [2013/11/06 03:25:13 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\libglesv2.dll
MOD - [2013/11/06 03:25:12 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\libegl.dll
MOD - [2013/11/06 03:25:10 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\ffmpegsumo.dll
MOD - [2013/10/30 14:25:56 | 001,123,240 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/10/30 14:25:56 | 000,121,256 | ---- | M] () -- D:\Program Files\Steam\bin\audio.dll
MOD - [2013/10/24 12:45:32 | 000,691,200 | ---- | M] () -- D:\Program Files\Steam\SDL2.dll
MOD - [2013/10/23 15:07:26 | 020,625,832 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2013/07/23 18:33:04 | 004,815,872 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2013/06/14 18:49:16 | 000,153,088 | ---- | M] () -- D:\Program Files\Steam\bin\mssvoice.asi
MOD - [2013/06/14 18:49:16 | 000,071,680 | ---- | M] () -- D:\Program Files\Steam\bin\mssmp3.asi
MOD - [2013/06/14 18:49:12 | 001,100,800 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 18:49:12 | 000,192,000 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2013/06/14 18:49:12 | 000,124,416 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2013/02/14 21:44:10 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2012/08/24 06:38:46 | 004,069,224 | ---- | M] () -- C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
MOD - [2012/08/24 06:38:34 | 000,905,064 | ---- | M] () -- C:\Program Files\AuthenTec TrueSuite\x86\DataManager.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/22 14:11:18 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/08/22 14:11:17 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 07:39:24 | 003,395,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/22 07:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 07:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 06:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 06:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 06:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 06:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 06:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:03:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/22 05:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 05:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 05:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 05:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 04:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 04:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 04:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 04:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 04:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 04:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 04:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 04:41:28 | 000,365,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/08/22 04:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 04:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 04:40:00 | 000,265,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/22 04:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 04:38:22 | 001,563,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/08/22 04:36:35 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 04:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 04:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/08/22 04:04:58 | 000,528,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 03:58:59 | 001,291,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/08/22 03:47:59 | 001,534,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/03/22 11:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2012/12/10 17:31:44 | 000,803,872 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2012/12/10 17:31:28 | 000,732,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/08/29 15:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2012/08/24 06:38:12 | 002,125,160 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe -- (FPLService)
SRV:64bit: - [2012/07/23 19:36:44 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV:64bit: - [2012/07/16 09:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/03 23:43:02 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/08/22 07:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 22:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 21:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/21 21:35:39 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/07/09 17:42:42 | 000,046,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/23 02:56:58 | 000,364,856 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/02/23 02:56:36 | 000,167,736 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/02/14 21:44:10 | 001,260,320 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/17 01:49:48 | 002,468,496 | R--- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/03 23:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/26 04:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/09/26 04:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 14:11:19 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/08/22 14:11:18 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/22 14:11:12 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/08/22 14:11:12 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/08/22 14:11:12 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/08/22 14:11:12 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/08/22 14:11:12 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 08:25:40 | 000,175,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/22 08:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 08:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 07:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 07:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 07:49:33 | 000,234,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/08/22 07:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 07:49:29 | 000,039,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/08/22 07:45:37 | 000,135,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/08/22 07:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 07:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 07:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 07:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 07:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 07:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 07:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 07:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 07:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 07:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 07:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 07:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 07:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 07:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 07:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 07:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 07:43:34 | 000,466,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/08/22 07:43:34 | 000,325,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/08/22 07:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 07:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 07:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,370,528 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/08/22 07:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 07:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 07:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/08/22 07:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 07:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 07:43:31 | 000,056,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/08/22 07:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 07:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 07:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 07:39:15 | 000,086,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/08/22 07:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 07:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 07:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 07:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 07:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 06:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 06:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 06:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 06:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 06:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 06:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 06:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 06:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 06:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 06:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 06:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 06:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 06:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 06:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 06:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 06:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 06:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 06:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 06:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 06:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 06:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 06:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 06:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 06:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 03:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 18:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 19:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 13:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 14:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 09:46:17 | 000,591,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013/04/28 21:16:04 | 000,442,368 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/22 11:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/02/14 21:44:10 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/01/11 22:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/12/26 01:29:02 | 000,308,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/11/30 19:05:40 | 000,464,184 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/11/30 19:05:38 | 000,031,032 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/29 15:22:38 | 000,565,760 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/07/23 19:37:50 | 000,073,072 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\bwcW8x64.sys -- (BfLwf)
DRV:64bit: - [2012/07/23 19:37:42 | 003,203,440 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akw8x64.sys -- (akw8x64)
DRV:64bit: - [2009/11/18 09:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1C 08 8E AD 1F E0 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll (AuthenTec, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Website Logon = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelloajafbopojkjmieelljfkcmdpdhf\6.0_0\
CHR - Extension: Gmail = C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [KeepSafe] C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe (Authentec)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\George Ciesinski\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{55120D6C-738E-4EC6-9A91-3D835B8D90C2}: DhcpNameServer = 192.168.1.1
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/03 12:00:36 | 000,000,000 | ---D | M] - E:\AutoPlay -- [ CDFS ]
O32 - AutoRun File - [2013/09/11 11:52:13 | 000,018,524 | R--- | M] () - E:\autoins.ini -- [ CDFS ]
O32 - AutoRun File - [2012/11/03 09:02:44 | 002,844,608 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2012/11/03 08:59:32 | 000,000,029 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{58d5ef86-4c0e-11e3-be65-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{58d5ef86-4c0e-11e3-be65-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2012/11/03 09:02:44 | 002,844,608 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/13 03:44:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/11/13 03:43:56 | 000,000,000 | ---D | C] -- C:\Windows.old
[2013/11/13 03:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/11/13 03:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/11/13 03:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/11/13 03:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/11/13 01:09:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2013/11/13 01:09:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2013/11/13 01:03:51 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\zachtronics industries
[2013/11/13 00:54:02 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\SkyDrive
[2013/11/13 00:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/11/13 00:49:53 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Identities
[2013/11/13 00:46:06 | 000,000,000 | --SD | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Favorites
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Documents
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Desktop
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/13 00:46:06 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\AppData\Local\Temporary Internet Files
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Templates
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Start Menu
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\SendTo
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Recent
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\PrintHood
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\NetHood
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Documents\My Videos
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Documents\My Pictures
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Documents\My Music
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\My Documents
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Local Settings
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\AppData\Local\History
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Cookies
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\Application Data
[2013/11/13 00:46:06 | 000,000,000 | -HSD | C] -- C:\Users\George Ciesinski\AppData\Local\Application Data
[2013/11/13 00:46:06 | 000,000,000 | -H-D | C] -- C:\Users\George Ciesinski\AppData
[2013/11/13 00:46:06 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Temp
[2013/11/13 00:46:06 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Microsoft
[2013/11/13 00:46:06 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/13 00:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\AuthenTec
[2013/11/13 00:44:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/11/13 00:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/11/13 00:44:42 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2013/11/13 00:44:42 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2013/11/13 00:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013/11/13 00:44:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/11/13 00:33:45 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2013/11/13 00:21:51 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\Documents\EA Games
[2013/11/12 23:23:46 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Malwarebytes
[2013/11/12 23:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/12 23:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/12 23:23:35 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013/11/12 23:23:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/12 23:23:20 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Programs
[2013/11/12 23:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/11/12 23:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/11/12 23:17:23 | 000,106,496 | ---- | C] (windowsforum.kr) -- C:\WINDOWS\SysNative\SLCHook.dll
[2013/11/12 23:03:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/11/12 23:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/11/12 23:01:16 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\uTorrent
[2013/11/12 22:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2013/11/12 22:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2013/11/12 22:55:56 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Macromedia
[2013/11/12 22:55:40 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Creative
[2013/11/12 22:55:35 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\KeepSafe
[2013/11/12 22:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2013/11/12 22:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013/11/12 22:47:06 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Intel Corporation
[2013/11/12 22:46:50 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\Intel
[2013/11/12 22:45:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\upeksce
[2013/11/12 22:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AuthenTec TrueSuite
[2013/11/12 22:45:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AuthenTec
[2013/11/12 22:45:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AuthenTec
[2013/11/12 22:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\AuthenTec TrueSuite
[2013/11/12 22:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/11/12 22:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FingerPrinter
[2013/11/12 22:39:05 | 002,102,040 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib64.dll
[2013/11/12 22:39:04 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll
[2013/11/12 22:39:04 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll
[2013/11/12 22:39:03 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll
[2013/11/12 22:39:03 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll
[2013/11/12 22:38:57 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll
[2013/11/12 22:38:56 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll
[2013/11/12 22:38:56 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll
[2013/11/12 22:38:56 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll
[2013/11/12 22:38:56 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll
[2013/11/12 22:38:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll
[2013/11/12 22:38:45 | 002,032,408 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ64.dll
[2013/11/12 22:38:44 | 000,910,104 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll
[2013/11/12 22:38:44 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll
[2013/11/12 22:38:38 | 002,734,624 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll
[2013/11/12 22:38:35 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2013/11/12 22:38:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/11/12 22:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/11/12 22:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/11/12 22:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/11/12 22:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013/11/12 22:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotkey
[2013/11/12 22:35:34 | 001,035,064 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013/11/12 22:35:34 | 000,531,768 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCOM.dll
[2013/11/12 22:35:34 | 000,464,184 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013/11/12 22:35:34 | 000,229,176 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013/11/12 22:35:34 | 000,179,512 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo15.dll
[2013/11/12 22:35:34 | 000,113,976 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCOM.dll
[2013/11/12 22:35:08 | 000,031,032 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\Smb_driver_Intel.sys
[2013/11/12 22:34:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sda
[2013/11/12 22:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/11/12 22:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/11/12 22:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/11/12 22:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/11/12 22:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/11/12 22:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/11/12 22:31:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013/11/12 22:30:30 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\Intel_OpenCL_ICD64.dll
[2013/11/12 22:30:30 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\Intel_OpenCL_ICD32.dll
[2013/11/12 22:26:41 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll
[2013/11/12 22:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/11/12 22:26:06 | 000,000,000 | ---D | C] -- C:\Intel
[2013/11/12 22:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/12 22:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/11/12 22:23:39 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Google
[2013/11/12 22:22:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/11/12 22:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
[2013/11/12 22:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros
[2013/11/12 22:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Bigfoot Networks
[2013/11/12 21:52:34 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/12 21:52:34 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Searches
[2013/11/12 21:52:34 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Contacts
[2013/11/12 21:52:34 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/11/12 21:52:34 | 000,000,000 | -H-D | C] -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/11/12 21:52:33 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Roaming\Adobe
[2013/11/12 21:52:22 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\VirtualStore
[2013/11/12 21:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013/11/12 21:52:20 | 000,000,000 | ---D | C] -- C:\Users\George Ciesinski\AppData\Local\Packages
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Videos
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Saved Games
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Pictures
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Music
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Links
[2013/11/12 21:52:18 | 000,000,000 | R--D | C] -- C:\Users\George Ciesinski\Downloads
[2013/11/12 21:52:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2013/11/12 21:52:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/11/12 21:51:27 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/11/12 21:50:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/11/12 21:49:37 | 000,000,000 | -HSD | C] -- C:\Boot
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/13 01:16:51 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/13 01:16:51 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/13 01:16:51 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/13 01:12:36 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/13 01:12:33 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/13 01:10:49 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/13 01:10:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/13 01:10:31 | 2509,967,359 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/13 00:48:02 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/11/13 00:48:02 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/11/13 00:47:57 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/13 00:47:10 | 000,335,784 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/11/13 00:44:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_tcwbf_01_09_00.Wdf
[2013/11/13 00:44:54 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013/11/13 00:44:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/11/13 00:44:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/11/13 00:44:40 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/11/13 00:40:02 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/11/13 00:28:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/12 23:23:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/12 23:21:20 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/11/12 23:03:45 | 000,000,680 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/11/12 23:02:25 | 000,000,824 | ---- | M] () -- C:\Users\George Ciesinski\Desktop\µTorrent.lnk
[2013/11/12 23:02:25 | 000,000,804 | ---- | M] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/11/12 22:57:15 | 000,000,078 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2013/11/12 22:55:20 | 000,019,096 | ---- | M] () -- C:\WINDOWS\SysNative\results.xml
[2013/11/12 22:47:05 | 000,821,592 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/11/12 22:36:51 | 000,000,865 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk
[2013/11/12 22:31:18 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
[2013/11/12 22:30:40 | 000,002,279 | ---- | M] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/12 22:23:09 | 000,001,424 | ---- | M] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/12 22:23:09 | 000,000,223 | -HS- | M] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/11/12 22:22:11 | 000,002,268 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
[2013/11/12 22:22:11 | 000,002,238 | ---- | M] () -- C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/13 00:56:06 | 000,865,408 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/13 00:49:54 | 000,001,442 | ---- | C] () -- C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/13 00:47:57 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/11/13 00:46:43 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/11/13 00:46:08 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/11/13 00:46:08 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/11/13 00:46:06 | 000,000,352 | ---- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/13 00:46:06 | 000,000,334 | ---- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/13 00:44:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_tcwbf_01_09_00.Wdf
[2013/11/13 00:44:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013/11/13 00:44:48 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2013/11/13 00:44:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013/11/13 00:44:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013/11/12 23:23:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/12 23:21:20 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/11/12 23:03:45 | 000,000,680 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/11/12 23:02:25 | 000,000,824 | ---- | C] () -- C:\Users\George Ciesinski\Desktop\µTorrent.lnk
[2013/11/12 23:02:25 | 000,000,804 | ---- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/11/12 22:55:20 | 000,019,096 | ---- | C] () -- C:\WINDOWS\SysNative\results.xml
[2013/11/12 22:52:42 | 000,057,585 | ---- | C] () -- C:\WINDOWS\MBSpkrEQ.cfg
[2013/11/12 22:49:35 | 000,000,078 | RH-- | C] () -- C:\WINDOWS\ctfile.rfc
[2013/11/12 22:47:05 | 000,821,592 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/11/12 22:38:56 | 000,445,929 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013/11/12 22:36:51 | 000,000,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk
[2013/11/12 22:35:34 | 001,048,576 | ---- | C] () -- C:\WINDOWS\SysNative\syndata.bin
[2013/11/12 22:33:46 | 003,035,306 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013/11/12 22:31:18 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
[2013/11/12 22:30:32 | 000,043,816 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxc64_dev.vp
[2013/11/12 22:30:32 | 000,043,298 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxg64_dev.vp
[2013/11/12 22:30:32 | 000,042,079 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxo64_dev.vp
[2013/11/12 22:30:32 | 000,000,935 | ---- | C] () -- C:\WINDOWS\SysNative\DPTopologyApp.exe.config
[2013/11/12 22:30:32 | 000,000,935 | ---- | C] () -- C:\WINDOWS\SysNative\CustomModeApp.exe.config
[2013/11/12 22:30:31 | 000,001,806 | ---- | C] () -- C:\WINDOWS\SysNative\GfxUIEx.exe.config
[2013/11/12 22:30:30 | 002,813,952 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxa64.cpa
[2013/11/12 22:30:30 | 000,094,208 | ---- | C] () -- C:\WINDOWS\SysNative\IccLibDll_x64.dll
[2013/11/12 22:30:30 | 000,000,264 | ---- | C] () -- C:\WINDOWS\SysNative\GfxUIHotKeyMenu.exe.config
[2013/11/12 22:30:29 | 000,044,025 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxo64.vp
[2013/11/12 22:30:29 | 000,043,494 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxc64.vp
[2013/11/12 22:30:29 | 000,043,256 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxg64.vp
[2013/11/12 22:30:29 | 000,001,125 | ---- | C] () -- C:\WINDOWS\SysNative\iglhxa64.vp
[2013/11/12 22:25:02 | 000,002,279 | ---- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/12 22:25:02 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/12 22:23:43 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/12 22:23:43 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/12 22:23:09 | 000,001,424 | ---- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/12 22:22:11 | 000,002,268 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
[2013/11/12 22:22:11 | 000,002,238 | ---- | C] () -- C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
[2013/11/12 21:52:18 | 000,000,223 | -HS- | C] () -- C:\Users\George Ciesinski\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013/11/12 21:51:19 | 2509,967,359 | -HS- | C] () -- C:\hiberfil.sys
[2013/11/12 21:50:29 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013/11/12 21:49:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 22:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/08 17:17:38 | 002,567,680 | ---- | C] () -- C:\WINDOWS\SysWow64\DeviceControl.exe
[2012/12/10 17:12:50 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
[2012/11/08 17:34:40 | 000,029,696 | ---- | C] () -- C:\WINDOWS\SysWow64\GetDeviceInfoDll.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/22 07:40:00 | 021,192,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/22 00:25:39 | 018,634,248 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/12 22:55:35 | 000,000,000 | ---D | M] -- C:\Users\George Ciesinski\AppData\Roaming\KeepSafe
[2013/11/13 01:26:01 | 000,000,000 | ---D | M] -- C:\Users\George Ciesinski\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\George Ciesinski\SkyDrive:ms-properties

< End of report >



Extras

OTL Extras logfile created on: 11/13/2013 1:24:19 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.92 Gb Total Physical Memory | 5.68 Gb Available Physical Memory | 71.69% Memory free
15.92 Gb Paging File | 13.32 Gb Available in Paging File | 83.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 80.71 Gb Free Space | 72.20% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 678.73 Gb Free Space | 97.15% Space Free | Partition Type: NTFS
Drive E: | 4.02 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: POLEMOS | User Name: George Ciesinski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011DF56C-3794-4195-AB14-5FA69739C502}" = dir=out | [email protected]{microsoft.bingfinance_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{0933848D-4E6B-4A87-B3C1-8A8939224B7F}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\limbo\limbo.exe |
"{0E37CC4E-F6AB-4342-A5FC-0B82FAC9702F}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{1221A26D-4F2B-429B-A248-5880F4066450}" = dir=out | [email protected]{microsoft.bingtravel_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{149621B8-970B-408C-B38B-7BFDCEE647F2}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{17A43590-03A7-4467-AB37-71AC25ADCA0B}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{17B8C462-4460-4347-A362-88B5C0FCB282}" = dir=out | [email protected]{microsoft.zunevideo_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{2ED62B90-6FC5-4F46-91AB-895EEFFB302D}" = dir=out | [email protected]{microsoft.binghealthandfitness_3.0.1.176_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{2F73DD8F-155A-4717-AD04-C6F04F0DD8D3}" = dir=in | [email protected]{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{317E9DD5-B9D3-45AA-9088-C6EECF2CF856}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{33D9B585-0F8D-4F7F-923A-EFD5D17932F3}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{3CC4C804-6845-46F2-A05E-6AE58314592A}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3ECFFF88-3D91-46A9-B60C-E7006EC6A39D}" = protocol=17 | dir=in | app=c:\users\george ciesinski\appdata\roaming\utorrent\utorrent.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4568DDB5-D2D4-45FA-A8C9-C4DA01476FF6}" = dir=out | [email protected]{microsoft.bingmaps_2.0.2009.2356_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{45D5F0CD-237B-4B29-895C-81FFC45863AB}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\limbo\limbo.exe |
"{489690A6-0E52-4ABF-B237-44F1F9BA1438}" = dir=out | name=sonicwall mobile connect |
"{53C3CC90-509E-4237-85F0-4C94003F4D14}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57037925-C92E-4F69-9083-E99F1576AF26}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{59AB5A17-FC60-4596-A3FE-02162CB90EDB}" = dir=in | name=f5 vpn |
"{5B023C6C-0E34-4D2A-B1C5-A110415F9A2C}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe |
"{5E52FB6C-E6F2-473C-9D81-7B77857955BB}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{66E8AECC-0029-4416-91E2-269A4DDEB9C2}" = dir=out | name=f5 vpn |
"{69D39863-0F3F-4757-B36D-651B34902300}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\spacechem\spacechem.exe |
"{756BA45A-EEEA-49E5-BBF5-3E52CE0228D7}" = dir=out | [email protected]{microsoft.bingweather_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{77E49B89-4300-4C1B-B8BB-03F041D1BFFC}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm |
"{78CD49B4-88CF-4DBC-89D8-877658930CE7}" = dir=out | name=juniper networks junos pulse |
"{7A15AFCA-823F-4253-8CCD-32A1902FA963}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\spacechem\spacechem.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84724102-BECA-427D-8A3C-8E4BBCF0A41E}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{86578301-896B-44F4-9E5D-96FCD2CFE068}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{8878461E-65CE-45BF-9EEF-54654D75476D}" = dir=out | [email protected]{microsoft.windowsreadinglist_6.3.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{91F2705E-3D19-4FA0-B33E-F40458AC06C2}" = dir=in | name=check point vpn |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A5E1F093-7EA7-495F-AA21-4F699C0FC00F}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{A8E8424B-DEF2-42D5-81CC-D8BAED121579}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B1CF1B50-DE26-4FCD-AACF-9EFC7601A3DC}" = protocol=6 | dir=in | app=c:\users\george ciesinski\appdata\roaming\utorrent\utorrent.exe |
"{B7CBE62B-8BAB-46E0-8585-B80EBEAED146}" = dir=out | name=skype |
"{B891DB66-AC82-4AC4-B382-35CA7D03F59C}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BC1BEFBF-4F32-4D2A-8866-472F4731AAFC}" = dir=out | name=check point vpn |
"{BDCFA2CE-EC1B-4AC8-8A98-67177641D1D0}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BFA176FD-50F5-4ACA-AEEA-E2759B4B473E}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C1719C28-FFF3-4D87-A3BE-D8064F5A5C4C}" = dir=out | [email protected]{microsoft.zunemusic_2.2.41.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{CF52C85D-F741-4874-B49E-B8567F4E8E03}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{CF9DE9DC-5C75-4E71-8EF9-D5327340F381}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{CFDB0D93-EA8F-4BCA-87CE-34C88AA1F666}" = dir=out | [email protected]{microsoft.bingnews_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E0727839-F96B-4938-8A30-520089EE5C01}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E6EBBD45-9498-45D9-8EC4-FBB0911934DB}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\surgeon simulator 2013\ss2013.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E938A158-175E-47FB-B03D-F42050D2635C}" = dir=out | [email protected]{microsoft.xboxlivegames_2.0.20.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{EA0CB568-8F06-488B-8129-7097EF0E3D9C}" = dir=in | name=juniper networks junos pulse |
"{EBBFC5CA-B3FE-4300-AE5A-A6BFC6196534}" = dir=in | name=skype |
"{EC5721E7-663D-4CFF-860B-788EDCF0A351}" = dir=out | name=windows_ie_ac_001 |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECFE58D2-B896-4AAF-9CFF-2831C30E4C8E}" = dir=in | name=sonicwall mobile connect |
"{EF044C03-9DE8-400F-A259-35AF716B4E4A}" = dir=out | [email protected]{microsoft.bingfoodanddrink_3.0.1.177_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{F3189D00-1054-47BC-A5D8-DAD77469978B}" = dir=out | [email protected]{microsoft.bingsports_3.0.1.174_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F4BE7265-D948-43BE-B423-169E3540CA37}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{5EB368A4-562A-41B6-A5B3-06054A27F5A6}" = Intel® Rapid Storage Technology
"{9A4D399F-F790-4326-A9E4-64DF25E0EBE1}" = AuthenTec TrueSuite
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CEA5CD5B-DD10-46BF-82CE-CD578E3409BA}" = AuthenTec Fingerprint Driver
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{FA00A3CC-7440-4938-A271-F186F50DD40D}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}" = Realtek PCIE Card Reader
"{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 8.0129
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{793C03D1-884D-4C11-A7F6-07F3FDF10066}" = Finger Printer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Google Chrome" = Google Chrome
"InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 8.0129
"InstallShield_{793C03D1-884D-4C11-A7F6-07F3FDF10066}" = Finger Printer
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Steam App 17410" = Mirror's Edge
"Steam App 202170" = Sleeping Dogs™
"Steam App 233720" = Surgeon Simulator 2013
"Steam App 48000" = LIMBO
"Steam App 92800" = SpaceChem

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/13/2013 2:01:24 AM | Computer Name = Polemos | Source = Application Error | ID = 1000
Description = Faulting application name: delegate_execute.exe, version: 31.0.1650.48,
time stamp: 0x5279e215 Faulting module name: delegate_execute.exe, version: 31.0.1650.48,
time stamp: 0x5279e215 Exception code: 0xc0000005 Fault offset: 0x0002a80a Faulting
process id: 0xc20 Faulting application start time: 0x01cee035c4fa1758 Faulting application
path: C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\delegate_execute.exe
Faulting
module path: C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.48\delegate_execute.exe
Report
Id: 0624b80f-4c29-11e3-be6d-3c77e66852b4 Faulting package full name: Faulting package-relative
application ID:

Error - 11/13/2013 2:05:40 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:09:49 AM | Computer Name = Polemos | Source = Application Error | ID = 1000
Description = Faulting application name: Winsat.exe, version: 6.3.9600.16384, time
stamp: 0x5215e5b3 Faulting module name: ntdll.dll, version: 6.3.9600.16384, time
stamp: 0x5215f938 Exception code: 0xc0000005 Fault offset: 0x0000000000032e02 Faulting
process id: 0xeb4 Faulting application start time: 0x01cee036eca746d5 Faulting application
path: C:\WINDOWS\system32\Winsat.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report
Id: 333601b4-4c2a-11e3-be6e-3c77e66852b4 Faulting package full name: Faulting package-relative
application ID:

Error - 11/13/2013 2:09:59 AM | Computer Name = Polemos | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app WinStore_cw5n1h2txyewy!Windows.Store failed with
error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional
information.

Error - 11/13/2013 2:11:30 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:11:39 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:11:40 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:11:46 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:11:46 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

Error - 11/13/2013 2:12:03 AM | Computer Name = Polemos | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0xC004C4A2) for template
Id {99d92734-d682-4d71-983e-d6ec3f16059f}

[ System Events ]
Error - 11/12/2013 11:47:53 PM | Computer Name = Polemos | Source = Service Control Manager | ID = 7034
Description = The Intel® Rapid Storage Technology service terminated unexpectedly.
It has done this 1 time(s).

Error - 11/13/2013 12:08:18 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.

Error - 11/13/2013 12:08:18 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053

Error - 11/13/2013 12:35:59 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.

Error - 11/13/2013 1:44:39 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7023
Description = The IP Helper service terminated with the following error: %%1058

Error - 11/13/2013 1:46:39 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7023
Description = The Network List Service service terminated with the following error:
%%21

Error - 11/13/2013 1:46:39 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7030
Description = The Printer Extensions and Notifications service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.

Error - 11/13/2013 1:48:16 AM | Computer Name = Polemos | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as a member
of a domain. The Netlogon service does not need to run in this configuration.

Error - 11/13/2013 1:48:21 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7024
Description = The BranchCache service terminated with the following service-specific
error: %%1260

Error - 11/13/2013 2:09:05 AM | Computer Name = Polemos | Source = Service Control Manager | ID = 7000
Description = The UAC File Virtualization service failed to start due to the following
error: %%1275


< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello th1nker

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#3
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
I am very sorry for the late reply. I must not have seen the email informing me that I've gotten a reply. I am running the steps you outlined, and will respond once I do. Please don't close this topic yet.
  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
no problem and I will be looking for you


Gringo
  • 0

#5
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Alright, I finally got the chance to run the programs. I also noticed that the message was popping up because I have the malware bytes trial, which has extended features. It tended to go off every time Utorrent was running. Regardless, here are the results from the scans:

AdwCleaner

# AdwCleaner v3.012 - Report created 20/11/2013 at 14:08:20
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : borreLore - POLEMOS
# Running from : C:\Users\George Ciesinski\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9

-4AF5-BADD-CCE547F953E5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User

Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

[ File : C:\Users\George Ciesinski\AppData\Local\Google\Chrome\User

Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [239 octets] - [20/11/2013 13:48:58]
AdwCleaner[R1].txt - [1231 octets] - [20/11/2013 14:04:37]
AdwCleaner[S0].txt - [972 octets] - [20/11/2013 14:08:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1031 octets]

##########


JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 Pro x64
Ran by borreLore on Wed 11/20/2013 at 15:01:44.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/20/2013 at 15:07:47.26
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello th1nker

Because of the way peer2peer works you will always get those blocks from Malwarebytes when using Utorrent - it connects to many ip addresses and many are bad ones

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Hi, so I downloaded ComboFix from the link you sent me, and I put it on my desktop. When I double click it and tell it to run, it gives me the following message:

"ComboFix is not meant to run in 'Compatibility Mode'. The program shall now exit."

I checked the properties and the program was not set to run in compatibility mode, at least not that I could see. Any idea how to resolve this?

FYI, I'm running 64bit Windows 8.1, not sure if that makes a difference.
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello th1nker



Please download Farbar Recovery Scan Tool and save it to your desktop.


Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


Gringo
  • 0

#9
th1nker

th1nker

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
I have attached the logs below. I have an additional issue which may or may not be related: My computer gets BSOD when I log in while my wireless mouse is plugged in to the USB port. It gets into a boot loop when I try to start my computer with the mouse in. When I finally start it and log in, it gets a BSOD 95% of the time I plug the mouse in. The second time it boots, I have to plug it in after I log in again, and it does not BSOD. The mouse works functionally after that. This is a custom laptop that came with a bunch of driver CDs, but I installed them carefully after verifying that they were supplemental to components my laptop has in it.

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01
Ran by borreLore (administrator) on POLEMOS on 25-11-2013 16:51:36
Running from C:\Users\George Ciesinski\Desktop
Windows 8.1 Pro (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
(AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\BioMonitor.exe
() C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
(Authentec) C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) D:\Program Files\Steam\Steam.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(Dassault Systčmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Dropbox, Inc.) C:\Users\George Ciesinski\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13449288 2013-03-26] (Realtek Semiconductor)
HKLM\...\Run: [KeepSafe] - C:\Program Files\AuthenTec TrueSuite\KeepSafe\fvsvr.exe [38728 2011-10-21] (Authentec)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-30] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MBCfg64] - C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - D:\Program Files\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2109440 2013-04-23] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\George Ciesinski\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x71E9A2109DE1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\IEBHO.dll (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\BfLLR.dll [196096] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 16 %SYSTEMROOT%\system32\BfLLR.dll [216064] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Cast) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\13.1008.0.4_0
CHR Extension: (Google Search) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (AdBlock) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0
CHR Extension: (Google Wallet) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Website Logon) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelloajafbopojkjmieelljfkcmdpdhf\6.0_1
CHR Extension: (Gmail) - C:\Users\GEORGE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [oelloajafbopojkjmieelljfkcmdpdhf] - C:\Program Files\AuthenTec TrueSuite\x86\tschrome.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 FPLService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2125160 2012-08-24] (AuthenTec, Inc)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-02-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46080 2013-07-09] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [490496 2012-07-23] ()
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [218248 2013-02-22] (Mentor Graphics Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 akw8x64; C:\Windows\system32\DRIVERS\akw8x64.sys [3203440 2012-07-23] (Qualcomm Atheros, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [73072 2012-07-23] (Qualcomm Atheros, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-25 16:51 - 2013-11-25 16:52 - 00014442 _____ C:\Users\George Ciesinski\Desktop\FRST.txt
2013-11-25 16:51 - 2013-11-25 16:51 - 00000000 ____D C:\FRST
2013-11-25 16:49 - 2013-11-25 16:50 - 01958474 _____ (Farbar) C:\Users\George Ciesinski\Desktop\FRST64.exe
2013-11-25 16:45 - 2013-11-25 16:45 - 00296408 _____ C:\WINDOWS\Minidump\112513-4593-01.dmp
2013-11-25 15:12 - 2013-11-25 15:12 - 00214528 _____ C:\Users\George Ciesinski\Downloads\MeasurInstrum1A (1).ppt
2013-11-25 15:12 - 2013-11-25 15:12 - 00116736 _____ C:\Users\George Ciesinski\Downloads\CloseLoopStabilityA (1).ppt
2013-11-25 14:45 - 2013-11-25 14:45 - 00217088 _____ C:\Users\George Ciesinski\Downloads\MeasurInstrum1A.ppt
2013-11-25 14:45 - 2013-11-25 14:45 - 00114176 _____ C:\Users\George Ciesinski\Downloads\CloseLoopStabilityA.ppt
2013-11-24 19:58 - 2013-11-24 19:58 - 00001062 _____ C:\Users\George Ciesinski\Desktop\Dropbox.lnk
2013-11-24 19:51 - 2013-11-25 16:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Dropbox
2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-24 19:48 - 2013-11-24 19:50 - 35334016 _____ (Dropbox, Inc.) C:\Users\George Ciesinski\Downloads\Dropbox 2.4.7.exe
2013-11-24 19:37 - 2013-11-24 19:37 - 00293376 _____ C:\WINDOWS\Minidump\112413-4593-01.dmp
2013-11-24 14:17 - 2013-11-24 14:17 - 00000000 ____D C:\Users\George Ciesinski\Documents\Arduino
2013-11-24 14:17 - 2013-11-24 14:17 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Arduino
2013-11-24 13:14 - 2013-11-24 13:14 - 00291936 _____ C:\WINDOWS\Minidump\112413-4968-01.dmp
2013-11-24 10:24 - 2013-11-24 15:57 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-11-24 10:24 - 2013-11-24 15:57 - 00000000 ____D C:\WINDOWS\system32\NV
2013-11-24 10:24 - 2013-11-24 10:24 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-24 10:23 - 2013-11-24 10:23 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-24 10:22 - 2013-11-14 06:58 - 30361888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 22951200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 18293608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 18208624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 15862272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 15218504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-11-24 10:22 - 2013-11-14 06:58 - 11600432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 11514624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 09691888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 09619872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433182.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433182.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00707360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00657184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00609568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00562464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-11-24 10:22 - 2013-11-14 06:58 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2013-11-24 00:06 - 2013-11-24 00:06 - 00819176 _____ (Google Inc.) C:\Users\George Ciesinski\Downloads\ChromeSetup.exe
2013-11-23 23:05 - 2013-11-23 23:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-23 23:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-11-23 23:04 - 2013-11-23 23:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\George Ciesinski\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-23 22:00 - 2013-11-23 22:00 - 00292224 _____ C:\WINDOWS\Minidump\112313-5078-01.dmp
2013-11-22 16:22 - 2013-11-22 16:22 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\AliensVsPredator
2013-11-22 14:04 - 2013-11-22 14:04 - 00289632 _____ C:\WINDOWS\Minidump\112213-5703-01.dmp
2013-11-21 23:27 - 2013-11-21 23:27 - 00288096 _____ C:\WINDOWS\Minidump\112113-4984-01.dmp
2013-11-21 21:09 - 2013-11-21 21:09 - 00289768 _____ C:\WINDOWS\Minidump\112113-6109-01.dmp
2013-11-21 19:08 - 2013-11-21 19:08 - 00296736 _____ C:\WINDOWS\Minidump\112113-6015-01.dmp
2013-11-20 22:39 - 2013-11-20 22:39 - 00000565 _____ C:\WINDOWS\wmsetup.log
2013-11-20 22:38 - 2013-11-20 23:01 - 355583330 _____ C:\Users\George Ciesinski\Downloads\ctr_-_crash_team_racing.zip
2013-11-20 22:15 - 2013-11-20 22:15 - 00175318 _____ C:\Users\George Ciesinski\Downloads\gpupeteogl209.zip
2013-11-20 22:13 - 2013-11-20 22:13 - 00524288 _____ C:\Users\George Ciesinski\Downloads\SCPH1001.BIN
2013-11-20 22:12 - 2013-11-20 22:36 - 00000000 ____D C:\Users\George Ciesinski\Desktop\ePSXe
2013-11-20 22:12 - 2013-11-20 22:12 - 00638836 _____ C:\Users\George Ciesinski\Downloads\ePSXe190.zip
2013-11-20 22:09 - 2013-11-20 22:09 - 00296376 _____ C:\WINDOWS\Minidump\112013-4921-01.dmp
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\Documents\MATLAB
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Subversion
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\MathWorks
2013-11-20 19:35 - 2013-11-25 16:45 - 00000570 _____ C:\WINDOWS\Tasks\MATLAB R2013b Startup Accelerator.job
2013-11-20 19:35 - 2013-11-20 19:35 - 00003738 _____ C:\WINDOWS\System32\Tasks\MATLAB R2013b Startup Accelerator
2013-11-20 19:04 - 2013-11-20 19:37 - 00000000 ____D C:\Program Files\MATLAB
2013-11-20 15:29 - 2013-11-20 15:29 - 00000039 _____ C:\Users\George Ciesinski\Desktop\Torrents In Prog.txt
2013-11-20 14:54 - 2013-11-20 14:54 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-20 13:47 - 2013-11-20 14:08 - 00000000 ____D C:\AdwCleaner
2013-11-19 17:53 - 2013-11-19 17:53 - 00293280 _____ C:\WINDOWS\Minidump\111913-5125-01.dmp
2013-11-18 14:41 - 2013-11-18 14:41 - 00296736 _____ C:\WINDOWS\Minidump\111813-5968-01.dmp
2013-11-18 13:47 - 2013-11-25 14:25 - 00000166 _____ C:\Users\George Ciesinski\Desktop\2013.11.18 Car Maintenance.txt
2013-11-18 12:29 - 2013-11-18 12:29 - 00000035 _____ C:\Users\George Ciesinski\Desktop\MIT App Designer.txt
2013-11-16 19:45 - 2013-10-23 06:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-16 19:45 - 2013-10-23 06:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-16 19:45 - 2013-10-23 00:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 19:45 - 2013-10-23 00:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-16 19:45 - 2013-10-23 00:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 19:45 - 2013-10-22 23:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-16 19:45 - 2013-10-22 23:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-16 19:45 - 2013-10-22 03:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-16 19:45 - 2013-10-22 03:18 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-16 19:45 - 2013-10-22 02:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-16 19:45 - 2013-10-22 01:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-16 19:45 - 2013-10-22 00:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-16 19:45 - 2013-10-21 23:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-16 19:45 - 2013-10-21 23:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-16 19:45 - 2013-10-21 22:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-16 19:45 - 2013-10-21 22:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-16 19:45 - 2013-10-21 21:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-16 19:45 - 2013-10-21 21:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-16 19:45 - 2013-10-21 21:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-16 19:45 - 2013-10-21 21:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-16 19:45 - 2013-10-21 20:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-16 19:45 - 2013-10-21 20:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-16 19:45 - 2013-10-19 04:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-16 19:45 - 2013-10-19 03:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-16 19:45 - 2013-10-19 02:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-16 19:45 - 2013-10-19 01:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-16 19:45 - 2013-10-18 23:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-16 19:45 - 2013-10-18 23:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-16 19:45 - 2013-10-18 22:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-16 19:45 - 2013-10-18 22:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-16 19:45 - 2013-10-18 22:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-16 19:45 - 2013-10-18 22:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-16 19:45 - 2013-10-17 10:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-16 19:45 - 2013-10-17 10:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-16 19:45 - 2013-10-17 09:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-16 19:45 - 2013-10-16 04:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-16 19:45 - 2013-10-16 04:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-16 19:45 - 2013-10-12 22:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-16 19:45 - 2013-10-12 21:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-16 19:45 - 2013-10-11 10:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-16 19:45 - 2013-10-11 09:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-16 19:45 - 2013-10-11 08:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-16 19:45 - 2013-10-11 08:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-16 19:45 - 2013-10-11 08:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-16 19:45 - 2013-10-10 11:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-16 19:45 - 2013-10-10 11:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-16 19:45 - 2013-10-10 11:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-16 19:45 - 2013-10-10 11:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-16 19:45 - 2013-10-10 09:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-16 19:45 - 2013-10-10 09:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-16 19:45 - 2013-10-10 06:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-16 19:45 - 2013-10-10 06:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-16 19:45 - 2013-10-10 06:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-16 19:45 - 2013-10-10 05:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-16 19:45 - 2013-10-10 05:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-16 19:45 - 2013-10-09 00:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-16 19:45 - 2013-10-08 06:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-16 19:45 - 2013-10-08 05:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-16 19:45 - 2013-10-08 05:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-16 19:45 - 2013-10-08 01:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-16 19:45 - 2013-10-08 00:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-16 19:45 - 2013-10-08 00:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-16 19:45 - 2013-10-08 00:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-16 19:45 - 2013-10-08 00:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-16 19:45 - 2013-10-08 00:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-16 19:45 - 2013-10-07 23:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-16 19:45 - 2013-10-07 23:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-16 19:45 - 2013-10-07 02:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-16 19:45 - 2013-10-07 02:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-16 19:45 - 2013-10-06 21:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-16 19:45 - 2013-10-05 10:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-16 19:45 - 2013-10-05 10:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-16 19:45 - 2013-10-05 09:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-16 19:45 - 2013-10-05 07:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-16 19:45 - 2013-10-05 06:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-16 19:45 - 2013-10-05 06:01 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2013-11-16 19:45 - 2013-10-05 06:00 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2013-11-16 19:45 - 2013-10-05 04:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-16 19:45 - 2013-10-05 04:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-16 19:45 - 2013-10-05 04:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-16 19:45 - 2013-10-05 03:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-16 19:45 - 2013-10-05 03:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-16 19:45 - 2013-10-05 03:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-16 19:45 - 2013-10-05 03:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-16 19:45 - 2013-10-05 03:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-16 19:45 - 2013-10-05 03:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-16 19:45 - 2013-10-05 02:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-16 19:45 - 2013-10-05 02:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-16 19:45 - 2013-10-05 02:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-16 19:45 - 2013-10-05 02:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-16 19:45 - 2013-10-04 03:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-16 19:45 - 2013-09-26 02:03 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-11-16 19:45 - 2013-09-26 01:52 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-11-16 19:45 - 2013-09-26 01:51 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2013-11-16 19:45 - 2013-09-26 01:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2013-11-16 19:45 - 2013-09-26 01:34 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2013-11-16 19:45 - 2013-09-26 01:32 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-11-16 19:45 - 2013-09-26 01:30 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-11-16 19:45 - 2013-09-26 01:25 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-11-16 19:45 - 2013-09-19 02:19 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2013-11-16 19:45 - 2013-09-19 01:27 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2013-11-16 19:45 - 2013-09-19 01:23 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2013-11-16 19:45 - 2013-09-19 00:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-16 19:45 - 2013-09-18 23:49 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-11-16 19:45 - 2013-09-18 23:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-11-16 19:45 - 2013-09-17 04:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-16 19:45 - 2013-09-17 04:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-16 19:45 - 2013-09-17 01:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-16 19:45 - 2013-09-17 01:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-16 19:45 - 2013-09-16 23:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-16 19:45 - 2013-09-14 09:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-16 19:45 - 2013-09-14 09:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-16 19:45 - 2013-09-14 07:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-16 19:45 - 2013-09-14 07:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-16 19:45 - 2013-09-14 05:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-16 19:45 - 2013-09-14 04:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-16 19:45 - 2013-09-13 03:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-16 19:45 - 2013-09-13 02:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-16 19:45 - 2013-09-12 03:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-16 19:45 - 2013-09-12 03:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-16 19:45 - 2013-09-12 03:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-16 19:45 - 2013-09-12 03:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-16 19:45 - 2013-09-12 02:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-16 19:45 - 2013-09-12 02:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-16 19:45 - 2013-09-12 02:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-16 19:45 - 2013-09-12 02:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-16 19:45 - 2013-09-12 02:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-16 19:45 - 2013-09-12 02:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-16 19:45 - 2013-09-11 07:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-16 19:45 - 2013-09-10 00:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-16 19:45 - 2013-09-09 23:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-16 19:45 - 2013-09-09 23:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-16 19:43 - 2013-11-05 15:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-16 19:43 - 2013-11-05 13:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-16 19:43 - 2013-11-05 11:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-16 19:43 - 2013-11-05 11:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-16 19:43 - 2013-11-05 09:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-16 19:43 - 2013-11-05 09:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-16 19:43 - 2013-10-10 06:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-16 19:43 - 2013-10-10 06:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-16 19:43 - 2013-10-10 05:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-16 19:43 - 2013-10-10 05:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-16 19:43 - 2013-09-20 23:48 - 07544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2013-11-16 19:42 - 2013-09-26 04:20 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2013-11-16 19:42 - 2013-09-26 02:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2013-11-16 19:42 - 2013-09-26 02:14 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2013-11-16 19:42 - 2013-09-25 05:25 - 00783504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2013-11-16 19:42 - 2013-09-25 03:58 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2013-11-16 19:42 - 2013-09-25 02:32 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2013-11-16 19:42 - 2013-09-25 00:40 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2013-11-16 19:42 - 2013-09-24 01:55 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2013-11-16 19:42 - 2013-09-24 00:59 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2013-11-16 19:42 - 2013-09-24 00:54 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2013-11-16 19:42 - 2013-09-24 00:10 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2013-11-16 19:42 - 2013-09-24 00:05 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2013-11-16 19:42 - 2013-09-23 22:56 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2013-11-16 19:42 - 2013-09-21 07:10 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-11-16 19:42 - 2013-09-21 07:10 - 00236376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-11-16 19:42 - 2013-09-21 07:10 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-11-16 19:42 - 2013-09-21 06:50 - 00528048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2013-11-16 19:42 - 2013-09-21 06:48 - 00534048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2013-11-16 19:42 - 2013-09-21 06:48 - 00358384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-11-16 19:42 - 2013-09-21 06:48 - 00123480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2013-11-16 19:42 - 2013-09-21 06:18 - 01109936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2013-11-16 19:42 - 2013-09-21 06:04 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2013-11-16 19:42 - 2013-09-21 06:04 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-11-16 19:42 - 2013-09-21 05:56 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-11-16 19:42 - 2013-09-21 05:56 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2013-11-16 19:42 - 2013-09-21 05:53 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 01928656 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 01534504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 00996320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 00934856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 00366688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2013-11-16 19:42 - 2013-09-21 05:53 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2013-11-16 19:42 - 2013-09-21 05:51 - 01720552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2013-11-16 19:42 - 2013-09-21 05:45 - 00171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2013-11-16 19:42 - 2013-09-21 04:23 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2013-11-16 19:42 - 2013-09-21 04:23 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2013-11-16 19:42 - 2013-09-21 04:12 - 01370800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2013-11-16 19:42 - 2013-09-21 04:12 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2013-11-16 19:42 - 2013-09-21 04:09 - 02142424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-11-16 19:42 - 2013-09-21 04:09 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2013-11-16 19:42 - 2013-09-21 04:09 - 00796928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2013-11-16 19:42 - 2013-09-21 04:09 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2013-11-16 19:42 - 2013-09-21 02:58 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2013-11-16 19:42 - 2013-09-21 02:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2013-11-16 19:42 - 2013-09-21 02:56 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2013-11-16 19:42 - 2013-09-21 02:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2013-11-16 19:42 - 2013-09-21 02:50 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2013-11-16 19:42 - 2013-09-21 02:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2013-11-16 19:42 - 2013-09-21 02:05 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2013-11-16 19:42 - 2013-09-21 01:55 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2013-11-16 19:42 - 2013-09-21 01:33 - 11366912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2013-11-16 19:42 - 2013-09-21 01:27 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2013-11-16 19:42 - 2013-09-21 01:06 - 01415168 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2013-11-16 19:42 - 2013-09-21 01:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2013-11-16 19:42 - 2013-09-21 01:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-11-16 19:42 - 2013-09-21 00:59 - 00940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-11-16 19:42 - 2013-09-21 00:57 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\livessp.dll
2013-11-16 19:42 - 2013-09-21 00:56 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2013-11-16 19:42 - 2013-09-21 00:50 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2013-11-16 19:42 - 2013-09-21 00:43 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2013-11-16 19:42 - 2013-09-21 00:38 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2013-11-16 19:42 - 2013-09-21 00:37 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2013-11-16 19:42 - 2013-09-21 00:36 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2013-11-16 19:42 - 2013-09-21 00:34 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2013-11-16 19:42 - 2013-09-21 00:31 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-11-16 19:42 - 2013-09-21 00:26 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2013-11-16 19:42 - 2013-09-21 00:25 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-11-16 19:42 - 2013-09-21 00:20 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2013-11-16 19:42 - 2013-09-21 00:16 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2013-11-16 19:42 - 2013-09-21 00:13 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2013-11-16 19:42 - 2013-09-21 00:10 - 12028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2013-11-16 19:42 - 2013-09-21 00:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2013-11-16 19:42 - 2013-09-21 00:08 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2013-11-16 19:42 - 2013-09-21 00:05 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2013-11-16 19:42 - 2013-09-21 00:02 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2013-11-16 19:42 - 2013-09-20 23:58 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2013-11-16 19:42 - 2013-09-20 23:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2013-11-16 19:42 - 2013-09-20 23:49 - 04975104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2013-11-16 19:42 - 2013-09-20 23:45 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2013-11-16 19:42 - 2013-09-20 23:44 - 01662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2013-11-16 19:42 - 2013-09-20 23:42 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2013-11-16 19:42 - 2013-09-20 23:39 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2013-11-16 19:42 - 2013-09-20 23:38 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2013-11-16 19:42 - 2013-09-20 23:38 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2013-11-16 19:42 - 2013-09-20 23:37 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2013-11-16 19:42 - 2013-09-20 23:36 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2013-11-16 19:42 - 2013-09-19 01:39 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2013-11-16 19:42 - 2013-09-19 01:17 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-11-16 19:42 - 2013-09-19 00:47 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2013-11-16 19:42 - 2013-09-19 00:29 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-11-16 19:42 - 2013-09-19 00:08 - 01150976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2013-11-16 19:42 - 2013-09-19 00:01 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2013-11-16 19:42 - 2013-09-18 23:37 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2013-11-16 19:42 - 2013-09-18 23:32 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2013-11-16 19:42 - 2013-09-18 23:27 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2013-11-16 19:42 - 2013-09-18 23:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2013-11-16 19:42 - 2013-09-18 23:25 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2013-11-16 19:42 - 2013-09-18 23:11 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2013-11-16 19:42 - 2013-09-18 23:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-11-16 19:42 - 2013-09-18 22:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2013-11-16 19:42 - 2013-09-18 22:55 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2013-11-16 19:42 - 2013-09-18 22:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-11-16 19:42 - 2013-09-18 22:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-11-16 19:42 - 2013-09-17 04:18 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-11-16 19:42 - 2013-09-17 01:58 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2013-11-16 19:42 - 2013-09-17 00:26 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2013-11-16 19:42 - 2013-09-17 00:15 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2013-11-16 19:42 - 2013-09-17 00:00 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2013-11-16 19:42 - 2013-09-16 23:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2013-11-16 19:42 - 2013-09-16 23:08 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2013-11-16 19:42 - 2013-09-16 22:28 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2013-11-16 19:42 - 2013-09-14 09:06 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys
2013-11-16 19:42 - 2013-09-14 09:06 - 00066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\PSHED.DLL
2013-11-16 19:42 - 2013-09-14 06:39 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2013-11-16 19:42 - 2013-09-14 06:38 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2013-11-16 19:42 - 2013-09-13 04:52 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2013-11-16 19:42 - 2013-09-13 03:54 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2013-11-16 19:42 - 2013-09-13 03:10 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2013-11-16 19:42 - 2013-09-13 02:55 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2013-11-16 19:42 - 2013-09-13 02:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2013-11-16 19:42 - 2013-09-12 07:33 - 06353952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2013-11-16 19:42 - 2013-09-12 02:37 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2013-11-16 19:42 - 2013-09-11 04:32 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2013-11-16 19:42 - 2013-09-11 04:31 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2013-11-16 19:42 - 2013-09-11 04:31 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2013-11-16 19:42 - 2013-09-11 02:41 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2013-11-16 19:42 - 2013-09-11 02:09 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2013-11-16 19:42 - 2013-09-07 11:12 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2013-11-16 19:42 - 2013-09-07 11:12 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2013-11-16 19:42 - 2013-09-07 09:45 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2013-11-16 19:42 - 2013-09-07 09:45 - 00368736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2013-11-16 19:42 - 2013-09-07 07:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdprint.dll
2013-11-16 19:42 - 2013-09-07 07:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2013-11-16 19:42 - 2013-09-07 07:00 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdprint.dll
2013-11-16 19:42 - 2013-09-07 06:50 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2013-11-16 19:42 - 2013-09-07 06:45 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2013-11-16 19:42 - 2013-09-07 06:30 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2013-11-16 19:42 - 2013-09-07 06:22 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2013-11-16 19:42 - 2013-09-07 06:13 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2013-11-16 19:42 - 2013-09-07 06:07 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2013-11-16 19:42 - 2013-09-07 05:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2013-11-16 19:42 - 2013-09-07 05:51 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2013-11-16 19:42 - 2013-09-05 02:39 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2013-11-16 19:42 - 2013-09-05 01:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2013-11-16 19:42 - 2013-09-05 00:40 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2013-11-16 19:42 - 2013-09-04 23:58 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-11-16 19:42 - 2013-09-04 23:39 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-11-16 19:42 - 2013-09-04 02:01 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2013-11-16 19:42 - 2013-09-04 01:16 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2013-11-16 19:42 - 2013-09-04 00:47 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2013-11-16 19:42 - 2013-09-04 00:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCoreConfProv.dll
2013-11-16 19:42 - 2013-09-03 23:57 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2013-11-16 19:42 - 2013-09-03 23:48 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2013-11-16 19:42 - 2013-09-03 23:35 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2013-11-16 19:42 - 2013-08-31 09:18 - 00205024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2013-11-16 19:42 - 2013-08-31 07:15 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2013-11-16 19:42 - 2013-08-31 07:04 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\riched20.dll
2013-11-16 19:42 - 2013-08-31 05:46 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2013-11-16 19:42 - 2013-08-31 05:00 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2013-11-16 19:42 - 2013-08-31 04:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2013-11-16 19:42 - 2013-08-30 02:31 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2013-11-16 19:42 - 2013-08-28 03:03 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2013-11-16 19:42 - 2013-08-28 02:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2013-11-16 19:42 - 2013-08-28 02:49 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2013-11-16 19:42 - 2013-08-28 02:09 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2013-11-16 19:42 - 2013-08-28 02:04 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2013-11-16 19:42 - 2013-08-27 02:44 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2013-11-16 19:42 - 2013-08-27 01:09 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2013-11-16 19:42 - 2013-08-27 00:42 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-16 19:42 - 2013-08-27 00:24 - 00813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2013-11-16 19:42 - 2013-08-27 00:10 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-11-16 19:37 - 2013-09-29 04:22 - 01641496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-11-16 19:37 - 2013-09-29 04:22 - 01506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-11-16 19:37 - 2013-09-29 04:22 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-11-16 19:37 - 2013-09-29 04:22 - 01344984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-11-15 14:03 - 2013-11-15 14:03 - 00292032 _____ C:\WINDOWS\Minidump\111513-5515-01.dmp
2013-11-15 09:35 - 2013-11-15 09:35 - 00292224 _____ C:\WINDOWS\Minidump\111513-5593-01.dmp
2013-11-15 09:28 - 2013-11-20 13:58 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Arma 3
2013-11-15 09:28 - 2013-11-15 14:07 - 00000000 ____D C:\Users\George Ciesinski\Documents\Arma 3
2013-11-15 09:28 - 2013-11-15 09:28 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-11-15 08:55 - 2013-11-19 05:30 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-14 23:28 - 2013-11-14 23:28 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2013-11-14 23:28 - 2013-03-27 11:59 - 01903104 ____N (Creative) C:\WINDOWS\system32\Sens_oal.dll
2013-11-14 23:28 - 2013-03-27 11:56 - 02906589 ____N (Creative) C:\WINDOWS\SysWOW64\Sens_oal.dll
2013-11-14 23:28 - 2013-03-26 10:43 - 00004914 ____N C:\WINDOWS\MBCfg_SP_APOIM.ini
2013-11-14 23:28 - 2013-03-26 10:43 - 00004862 ____N C:\WINDOWS\MBCfg_APOIM.ini
2013-11-14 23:28 - 2013-03-26 10:43 - 00004821 ____N C:\WINDOWS\MBCfg_HP_APOIM.ini
2013-11-14 23:28 - 2013-03-26 10:43 - 00001165 ____N C:\WINDOWS\MBCfg_Capture_APOIM.ini
2013-11-14 23:28 - 2013-03-26 10:42 - 00013194 ____N C:\WINDOWS\SysWOW64\MBCfg32.ini
2013-11-14 23:28 - 2013-03-26 10:42 - 00013194 ____N C:\WINDOWS\system32\MBCfg64.ini
2013-11-14 23:28 - 2013-03-05 16:26 - 00057585 _____ C:\WINDOWS\MBSpkrEQ.cfg
2013-11-14 23:28 - 2013-01-25 11:08 - 00089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2013-11-14 23:28 - 2013-01-25 11:07 - 00074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2013-11-14 23:28 - 2013-01-25 11:06 - 00328704 _____ C:\WINDOWS\system32\APOMgr64.DLL
2013-11-14 23:28 - 2013-01-25 11:04 - 00248320 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2013-11-14 23:28 - 2013-01-25 09:55 - 00029696 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\MBCfg64.dll
2013-11-14 23:28 - 2013-01-25 09:55 - 00027136 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBCfg32.dll
2013-11-14 23:28 - 2013-01-08 10:13 - 00006968 ____N C:\WINDOWS\system32\MBCfgUninstall64.ini
2013-11-14 23:28 - 2013-01-08 10:12 - 00006968 ____N C:\WINDOWS\SysWOW64\MBCfgUninstall32.ini
2013-11-14 23:28 - 2012-12-20 11:40 - 00008704 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ResDefA.exe
2013-11-14 23:28 - 2011-09-07 15:53 - 00326144 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\ChezSC64.DLL
2013-11-14 23:28 - 2011-09-07 15:52 - 00282112 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\ChezSC32.DLL
2013-11-14 23:28 - 2009-12-23 21:49 - 00809560 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpE4B2.tmp
2013-11-14 23:28 - 2009-12-23 21:49 - 00809560 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmpE4B1.tmp
2013-11-14 23:28 - 2009-10-01 16:42 - 00141312 ____N (Creative Technology Ltd.) C:\WINDOWS\system32\MBCfg64.exe
2013-11-14 23:28 - 2009-10-01 16:41 - 00132096 ____N (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBCfg32.exe
2013-11-14 23:28 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\WINDOWS\Updreg.EXE
2013-11-14 23:27 - 2013-11-14 23:27 - 00000000 ____D C:\Program Files\Creative
2013-11-14 20:23 - 2013-11-14 20:23 - 00286264 _____ C:\WINDOWS\Minidump\111413-4703-01.dmp
2013-11-14 20:19 - 2013-11-14 20:19 - 00294760 _____ C:\WINDOWS\Minidump\111413-8296-01.dmp
2013-11-14 19:53 - 2013-11-15 10:02 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4D336936-046B-40DB-83FB-F9ED315F121D}
2013-11-14 17:11 - 2013-11-14 17:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-14 17:11 - 2013-11-14 17:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-14 16:52 - 2013-11-14 16:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 16:52 - 2013-11-07 16:00 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-14 16:44 - 2013-11-14 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-14 16:44 - 2013-11-14 16:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-14 16:43 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2013-11-14 16:43 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 __RHD C:\MSOCache
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-11-14 15:45 - 2013-11-14 15:45 - 00000000 ____D C:\Users\George Ciesinski\Downloads\English_Office_Professional_Plus_2010_W64_X17-75371
2013-11-14 15:29 - 2013-11-14 15:29 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\e-academy Inc
2013-11-14 15:29 - 2013-11-14 15:29 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\e-academy Inc
2013-11-14 15:17 - 2013-11-14 15:17 - 00293320 _____ C:\WINDOWS\Minidump\111413-5265-01.dmp
2013-11-14 14:36 - 2013-10-23 06:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-14 14:36 - 2013-10-23 03:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-14 14:36 - 2013-10-19 03:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-14 14:36 - 2013-10-19 01:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-14 14:36 - 2013-10-19 01:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-14 14:36 - 2013-10-19 00:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-14 14:36 - 2013-10-19 00:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-14 14:36 - 2013-10-19 00:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-14 14:36 - 2013-10-18 23:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-14 14:36 - 2013-10-18 23:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-14 14:36 - 2013-10-18 23:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-14 14:36 - 2013-10-18 23:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-14 14:36 - 2013-10-18 22:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-14 14:36 - 2013-10-18 22:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-14 14:36 - 2013-10-18 22:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-14 14:36 - 2013-10-18 22:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-14 14:36 - 2013-10-18 22:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-14 14:36 - 2013-10-18 22:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-14 14:36 - 2013-10-12 21:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-14 14:36 - 2013-10-12 16:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-14 14:36 - 2013-10-12 16:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-14 14:36 - 2013-10-05 09:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-14 14:36 - 2013-10-05 03:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-14 14:36 - 2013-10-03 09:07 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-14 14:36 - 2013-10-03 09:05 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-14 14:36 - 2013-10-03 09:05 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-14 14:36 - 2013-10-03 07:53 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-14 14:36 - 2013-10-03 07:53 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-14 14:36 - 2013-10-03 04:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-14 14:36 - 2013-10-03 04:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-14 14:36 - 2013-10-02 06:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-14 14:36 - 2013-10-02 04:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-14 14:36 - 2013-09-30 22:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-14 14:36 - 2013-09-30 22:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-14 14:35 - 2013-10-16 10:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-14 14:35 - 2013-10-16 08:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-14 13:08 - 2013-11-14 20:18 - 00006614 _____ C:\WINDOWS\PFRO.log
2013-11-14 13:08 - 2013-11-14 13:08 - 00296672 _____ C:\WINDOWS\Minidump\111413-7109-01.dmp
2013-11-13 17:46 - 2013-11-17 15:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 17:46 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-13 17:46 - 2013-11-13 17:46 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Microsoft Help
2013-11-13 14:11 - 2013-11-25 16:45 - 508788374 _____ C:\WINDOWS\MEMORY.DMP
2013-11-13 14:11 - 2013-11-25 16:45 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-13 14:11 - 2013-11-13 14:11 - 00290728 _____ C:\WINDOWS\Minidump\111313-5046-01.dmp
2013-11-13 11:10 - 2013-11-13 11:10 - 00000000 ____D C:\Users\George Ciesinski\Documents\4A Games
2013-11-13 11:06 - 2013-11-13 11:06 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\4A Games
2013-11-13 11:02 - 2013-11-14 02:08 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\TempSWBackupDirectory
2013-11-13 11:01 - 2013-11-13 11:05 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\NVIDIA
2013-11-13 11:01 - 2013-11-13 11:01 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\SolidWorks
2013-11-13 10:55 - 2013-11-13 10:55 - 00000000 ____D C:\ProgramData\Simpoe
2013-11-13 10:54 - 2013-11-13 10:54 - 00000000 ____D C:\ProgramData\SolidWorks Flow Simulation
2013-11-13 10:54 - 2013-11-13 10:54 - 00000000 ____D C:\ProgramData\COSMOS Applications
2013-11-13 10:53 - 2013-11-13 10:53 - 00000000 ____D C:\Program Files (x86)\SolidWorks Corp
2013-11-13 10:52 - 2013-11-13 10:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\help_images_otherUI
2013-11-13 10:52 - 2013-11-13 10:52 - 00000000 _____ C:\WINDOWS\eDrawingOfficeAutomator.INI
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\DassaultSystemes
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\DassaultSystemes
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\ProgramData\DassaultSystemes
2013-11-13 10:36 - 2013-11-13 10:55 - 00000000 ____D C:\Program Files\SolidWorks Corp
2013-11-13 10:36 - 2013-11-13 10:54 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\ProgramData\SolidWorks
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\ProgramData\Apple
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Bonjour
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-13 10:35 - 2013-11-14 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-13 10:35 - 2013-11-13 10:35 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-13 10:35 - 2013-11-13 10:35 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-13 10:34 - 2013-11-13 10:46 - 00000000 ____D C:\SolidWorks Data
2013-11-13 10:32 - 2013-11-20 17:58 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\SolidWorks
2013-11-13 10:32 - 2013-11-13 10:34 - 00000000 ____D C:\WINDOWS\SolidWorks
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\WinRAR
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Program Files\WinRAR
2013-11-13 09:56 - 2013-11-13 09:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-13 09:32 - 2013-11-13 09:32 - 00000000 ____D C:\WINDOWS\system32\RsFx
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-11-13 09:30 - 2013-11-14 15:38 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-13 09:29 - 2013-11-14 15:38 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-13 09:28 - 2013-11-24 13:47 - 00000000 ____D C:\Users\George Ciesinski\Documents\Visual Studio 2010
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\WINDOWS\symbols
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-13 09:26 - 2013-11-13 09:26 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-11-13 09:22 - 2013-11-13 09:22 - 00004264 _____ C:\WINDOWS\DPINST.LOG
2013-11-13 09:20 - 2013-11-20 19:43 - 00000000 ___RD C:\Users\George Ciesinski\Desktop\Engineering Software
2013-11-13 09:14 - 2013-11-25 00:22 - 00000000 ___RD C:\Users\George Ciesinski\Desktop\Security & Maintenance
2013-11-13 03:44 - 2013-11-14 00:00 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-13 03:43 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-13 03:43 - 2013-11-13 03:43 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-13 03:43 - 2013-11-13 03:43 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files\MSBuild
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-13 03:43 - 2013-08-22 14:28 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-13 03:43 - 2013-08-22 14:28 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-13 03:43 - 2013-08-22 14:28 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-13 03:43 - 2013-08-22 14:28 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-13 03:43 - 2013-08-22 14:28 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-13 03:43 - 2013-08-22 14:28 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-13 02:18 - 2013-11-13 02:18 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\NVIDIA Corporation
2013-11-13 02:18 - 2013-11-13 02:18 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\NVIDIA
2013-11-13 02:17 - 2013-11-13 02:17 - 00001363 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-13 02:17 - 2013-11-08 15:47 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-11-13 02:17 - 2013-11-08 15:47 - 00955168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-11-13 02:15 - 2013-11-14 06:58 - 02697248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-11-13 02:15 - 2013-10-23 05:30 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433165.dll
2013-11-13 02:15 - 2013-10-23 05:30 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433165.dll
2013-11-13 02:15 - 2013-09-27 18:01 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-11-13 02:15 - 2013-09-27 18:01 - 00029984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-11-13 02:15 - 2013-09-27 18:01 - 00028960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-11-13 02:14 - 2013-11-13 02:14 - 00000000 ____D C:\NVIDIA
2013-11-13 01:56 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2013-11-13 01:56 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2013-11-13 01:56 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2013-11-13 01:56 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2013-11-13 01:56 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2013-11-13 01:56 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2013-11-13 01:56 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2013-11-13 01:56 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2013-11-13 01:56 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2013-11-13 01:56 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2013-11-13 01:56 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2013-11-13 01:56 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2013-11-13 01:56 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2013-11-13 01:56 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-11-13 01:56 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2013-11-13 01:56 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2013-11-13 01:56 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2013-11-13 01:56 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2013-11-13 01:56 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2013-11-13 01:56 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2013-11-13 01:56 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-11-13 01:56 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2013-11-13 01:56 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-11-13 01:56 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2013-11-13 01:56 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-11-13 01:56 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2013-11-13 01:56 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2013-11-13 01:56 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-11-13 01:56 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-11-13 01:56 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2013-11-13 01:56 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2013-11-13 01:56 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-11-13 01:56 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-11-13 01:56 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2013-11-13 01:56 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-11-13 01:56 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2013-11-13 01:56 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-11-13 01:56 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-11-13 01:56 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2013-11-13 01:56 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2013-11-13 01:56 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-11-13 01:56 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2013-11-13 01:56 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-11-13 01:56 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2013-11-13 01:56 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-11-13 01:56 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2013-11-13 01:56 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-11-13 01:56 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2013-11-13 01:56 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-11-13 01:56 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2013-11-13 01:56 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-11-13 01:56 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2013-11-13 01:56 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-11-13 01:56 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2013-11-13 01:56 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-11-13 01:56 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2013-11-13 01:56 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-11-13 01:55 - 2013-11-22 16:21 - 00069240 _____ C:\WINDOWS\DirectX.log
2013-11-13 01:07 - 2013-11-14 06:58 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-11-13 01:07 - 2013-11-14 06:58 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-11-13 01:07 - 2013-02-14 21:44 - 01814304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco64.dll
2013-11-13 01:07 - 2013-02-14 21:44 - 01510176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco64.dll
2013-11-13 01:03 - 2013-11-13 01:03 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\zachtronics industries
2013-11-13 01:01 - 2013-11-14 09:50 - 00003103 _____ C:\WINDOWS\setupact.log
2013-11-13 01:01 - 2013-11-13 01:01 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-13 00:56 - 2013-11-25 16:50 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-13 00:54 - 2013-11-15 09:39 - 00000000 __RDO C:\Users\George Ciesinski\SkyDrive
2013-11-13 00:49 - 2013-11-13 00:49 - 00001442 _____ C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 00:49 - 2013-11-13 00:49 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-13 00:49 - 2013-11-13 00:49 - 00000020 ___SH C:\Users\George Ciesinski\ntuser.ini
2013-11-13 00:48 - 2013-11-25 16:44 - 01681246 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-13 00:47 - 2013-11-13 00:47 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-13 00:46 - 2013-11-24 15:57 - 00000000 ____D C:\Users\George Ciesinski
2013-11-13 00:46 - 2013-11-13 00:48 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-13 00:46 - 2013-11-13 00:48 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-13 00:46 - 2013-08-22 00:17 - 02407936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2013-11-13 00:44 - 2013-11-13 00:46 - 00000000 ____D C:\Program Files\AuthenTec
2013-11-13 00:44 - 2013-11-13 00:44 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\Program Files\Synaptics
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\Program Files\Realtek
2013-11-13 00:44 - 2013-04-28 21:16 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-11-13 00:44 - 2013-04-28 21:16 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-11-13 00:40 - 2013-11-13 00:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-3865703.txt
2013-11-13 00:21 - 2013-11-13 00:21 - 00000000 ____D C:\Users\George Ciesinski\Documents\EA Games
2013-11-13 00:18 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2013-11-13 00:18 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2013-11-13 00:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-11-13 00:18 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2013-11-13 00:18 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2013-11-13 00:18 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-11-13 00:18 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2013-11-13 00:18 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-11-13 00:18 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2013-11-13 00:18 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-13 00:18 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2013-11-13 00:18 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-11-13 00:18 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2013-11-13 00:18 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-11-13 00:18 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2013-11-13 00:18 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-11-13 00:18 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2013-11-13 00:18 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-11-13 00:18 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2013-11-13 00:18 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-11-13 00:18 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-11-13 00:18 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2013-11-13 00:18 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2013-11-13 00:18 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-11-13 00:18 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2013-11-13 00:18 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-11-13 00:18 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2013-11-13 00:18 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-11-13 00:18 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-11-13 00:18 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2013-11-13 00:18 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2013-11-13 00:18 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2013-11-13 00:18 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-11-13 00:18 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-11-13 00:18 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-11-13 00:18 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2013-11-13 00:18 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2013-11-13 00:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-11-13 00:18 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2013-11-13 00:18 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-11-13 00:18 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2013-11-13 00:18 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-11-13 00:18 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2013-11-13 00:18 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-11-13 00:18 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2013-11-13 00:18 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-11-13 00:18 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2013-11-13 00:18 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-11-13 00:18 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2013-11-13 00:18 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-11-13 00:18 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2013-11-13 00:18 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-11-13 00:18 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2013-11-13 00:18 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-11-13 00:18 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2013-11-13 00:18 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-11-13 00:18 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2013-11-13 00:18 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-11-12 23:36 - 2013-11-12 23:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-479687.txt
2013-11-12 23:36 - 2013-11-12 23:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-16531.txt
2013-11-12 23:28 - 2013-11-12 23:28 - 00000117 _____ C:\WINDOWS\system32\netcfg-16640.txt
2013-11-12 23:27 - 2013-11-12 23:27 - 00000117 _____ C:\WINDOWS\system32\netcfg-595078.txt
2013-11-12 23:23 - 2013-11-12 23:23 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Malwarebytes
2013-11-12 23:23 - 2013-11-12 23:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-12 23:21 - 2013-11-12 23:21 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-12 23:21 - 2013-11-12 23:21 - 00000000 ____D C:\Program Files\CCleaner
2013-11-12 23:18 - 2013-11-12 23:18 - 00000117 _____ C:\WINDOWS\system32\netcfg-17656.txt
2013-11-12 23:17 - 2013-11-12 23:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-1170500.txt
2013-11-12 23:17 - 2012-10-18 09:57 - 00106496 _____ (windowsforum.kr) C:\WINDOWS\system32\SLCHook.dll
2013-11-12 23:03 - 2013-11-12 23:03 - 00000680 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-12 23:02 - 2013-11-12 23:02 - 00000824 _____ C:\Users\George Ciesinski\Desktop\µTorrent.lnk
2013-11-12 23:02 - 2013-11-12 23:02 - 00000804 _____ C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-12 23:01 - 2013-11-20 18:34 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\uTorrent
2013-11-12 22:58 - 2013-11-12 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-16734.txt
2013-11-12 22:57 - 2013-11-14 23:29 - 00000000 ____D C:\ProgramData\Creative
2013-11-12 22:57 - 2013-11-12 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-188468.txt
2013-11-12 22:56 - 2013-11-12 22:56 - 00000000 ____D C:\ProgramData\Creative Labs
2013-11-12 22:55 - 2013-11-12 22:55 - 00019096 _____ C:\WINDOWS\system32\results.xml
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Macromedia
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\KeepSafe
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Creative
2013-11-12 22:54 - 2013-11-12 22:54 - 00000117 _____ C:\WINDOWS\system32\netcfg-2227031.txt
2013-11-12 22:54 - 2013-11-12 22:54 - 00000117 _____ C:\WINDOWS\system32\netcfg-16156.txt
2013-11-12 22:53 - 2013-11-12 22:53 - 00000336 _____ C:\WINDOWS\system32\netcfg-2190125.txt
2013-11-12 22:49 - 2013-11-14 23:28 - 00000219 ___RH C:\WINDOWS\ctfile.rfc
2013-11-12 22:49 - 2009-12-23 21:49 - 00809560 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp9F60.tmp
2013-11-12 22:49 - 2009-12-23 21:49 - 00809560 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp9F50.tmp
2013-11-12 22:48 - 2013-11-14 23:28 - 00000000 ____D C:\Program Files (x86)\Creative
2013-11-12 22:47 - 2013-11-12 22:47 - 00821592 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-11-12 22:47 - 2013-11-12 22:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Intel Corporation
2013-11-12 22:46 - 2013-11-12 22:46 - 00000000 ____D C:\Users\George Ciesinski\Intel
2013-11-12 22:45 - 2013-11-13 00:46 - 00000000 ____D C:\WINDOWS\system32\upeksce
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\Program Files\AuthenTec TrueSuite
2013-11-12 22:44 - 2013-11-12 22:44 - 00000000 ____D C:\Program Files (x86)\FingerPrinter
2013-11-12 22:39 - 2013-03-26 19:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2013-11-12 22:39 - 2013-03-26 17:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2013-11-12 22:39 - 2013-03-20 15:16 - 02102040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2013-11-12 22:39 - 2013-02-19 20:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2013-11-12 22:39 - 2011-12-20 17:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2013-11-12 22:39 - 2011-11-22 18:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2013-11-12 22:39 - 2010-11-03 20:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2013-11-12 22:39 - 2009-11-24 11:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2013-11-12 22:39 - 2009-11-24 11:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2013-11-12 22:39 - 2009-11-24 11:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2013-11-12 22:39 - 2009-11-24 11:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2013-11-12 22:39 - 2009-11-18 09:12 - 00032344 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\MBfilt64.sys
2013-11-12 22:38 - 2013-03-26 22:54 - 03376200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2013-11-12 22:38 - 2013-03-26 21:34 - 00135240 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2013-11-12 22:38 - 2013-03-26 20:27 - 01102104 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO264.dll
2013-11-12 22:38 - 2013-03-26 20:27 - 00918296 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2013-11-12 22:38 - 2013-03-26 19:04 - 02734624 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2013-11-12 22:38 - 2013-03-26 18:05 - 00445929 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2013-11-12 22:38 - 2013-03-26 16:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2013-11-12 22:38 - 2013-03-20 15:16 - 00910104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2013-11-12 22:38 - 2013-03-13 09:32 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2013-11-12 22:38 - 2013-02-28 15:10 - 02032408 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2013-11-12 22:38 - 2013-02-20 20:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2013-11-12 22:38 - 2013-01-16 18:02 - 02079816 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2013-11-12 22:38 - 2012-06-20 19:26 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2013-11-12 22:38 - 2012-06-08 18:23 - 00083072 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll
2013-11-12 22:38 - 2012-03-08 13:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2013-11-12 22:38 - 2010-11-08 09:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2013-11-12 22:38 - 2010-09-27 11:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2013-11-12 22:37 - 2013-11-13 00:53 - 00000000 ____D C:\Program Files\Intel
2013-11-12 22:37 - 2013-11-12 22:47 - 00000000 ____D C:\ProgramData\Intel
2013-11-12 22:37 - 2013-02-16 10:17 - 00016344 ____R (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2013-11-12 22:36 - 2013-11-12 22:36 - 00000000 ____D C:\Program Files (x86)\Hotkey
2013-11-12 22:35 - 2013-11-12 22:35 - 00002982 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2013-11-12 22:35 - 2012-11-30 19:05 - 01035064 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2013-11-12 22:35 - 2012-11-30 19:05 - 00531768 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCOM.dll
2013-11-12 22:35 - 2012-11-30 19:05 - 00464184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2013-11-12 22:35 - 2012-11-30 19:05 - 00229176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2013-11-12 22:35 - 2012-11-30 19:05 - 00179512 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo15.dll
2013-11-12 22:35 - 2012-11-30 19:05 - 00113976 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCOM.dll
2013-11-12 22:35 - 2012-11-30 19:05 - 00031032 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2013-11-12 22:35 - 2011-09-15 13:11 - 01048576 _____ C:\WINDOWS\system32\syndata.bin
2013-11-12 22:35 - 2009-08-08 03:49 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2013-11-12 22:34 - 2013-11-13 00:46 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-11-12 22:34 - 2013-11-12 22:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-11-12 22:34 - 2012-12-26 01:29 - 09889504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsBaStorIcon.dll
2013-11-12 22:34 - 2012-12-26 01:29 - 00308960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2013-11-12 22:33 - 2013-11-24 10:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-12 22:33 - 2013-11-13 02:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-12 22:33 - 2013-11-13 02:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-12 22:33 - 2013-11-11 10:02 - 06674208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-11-12 22:33 - 2013-11-11 10:02 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-11-12 22:33 - 2013-11-11 10:01 - 03467927 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-11-12 22:33 - 2013-11-11 10:01 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-11-12 22:33 - 2013-11-11 10:01 - 01065248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-11-12 22:33 - 2013-11-11 10:01 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-11-12 22:33 - 2013-11-11 10:01 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-11-12 22:33 - 2013-11-11 10:01 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-11-12 22:33 - 2013-11-11 10:01 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-11-12 22:32 - 2013-11-13 02:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-12 22:31 - 2013-11-12 22:31 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2013-11-12 22:30 - 2013-10-03 23:43 - 00066560 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2013-11-12 22:30 - 2013-10-03 23:42 - 13871616 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2013-11-12 22:30 - 2013-10-03 23:42 - 09081856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2013-11-12 22:30 - 2013-10-03 23:42 - 04434432 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2013-11-12 22:30 - 2013-10-03 23:42 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2013-11-12 22:30 - 2013-10-03 23:42 - 00223744 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2013-11-12 22:30 - 2013-04-28 21:16 - 00442368 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2013-11-12 22:30 - 2013-04-28 21:16 - 00109056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3131.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 00094208 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2013-11-12 22:30 - 2013-04-28 21:16 - 00015360 _____ (Intel® Corporation) C:\WINDOWS\system32\IntcDAuC.dll
2013-11-12 22:30 - 2013-04-28 21:16 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2013-11-12 22:27 - 2013-11-12 22:27 - 00000117 _____ C:\WINDOWS\system32\netcfg-594125.txt
2013-11-12 22:26 - 2013-11-12 22:37 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-12 22:26 - 2013-11-12 22:28 - 00000000 ____D C:\Intel
2013-11-12 22:26 - 2013-11-12 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-581593.txt
2013-11-12 22:26 - 2013-02-28 09:37 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2013-11-12 22:25 - 2013-11-25 16:47 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-12 22:23 - 2013-11-25 16:45 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-12 22:23 - 2013-11-25 15:28 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-12 22:23 - 2013-11-12 22:25 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Google
2013-11-12 22:23 - 2013-11-12 22:24 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 22:23 - 2013-11-12 22:23 - 00003906 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-12 22:23 - 2013-11-12 22:23 - 00003670 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-12 22:23 - 2013-11-12 22:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-353890.txt
2013-11-12 22:22 - 2013-11-25 16:45 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2013-11-12 22:22 - 2013-11-12 22:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-12 22:22 - 2013-11-12 22:22 - 00002238 _____ C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
2013-11-12 22:22 - 2013-11-12 22:22 - 00001259 _____ C:\WINDOWS\system32\netcfg-302375.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00001137 _____ C:\WINDOWS\system32\netcfg-303953.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000320 _____ C:\WINDOWS\system32\netcfg-302828.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000258 _____ C:\WINDOWS\system32\netcfg-303750.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000117 _____ C:\WINDOWS\system32\netcfg-348296.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000000 ____D C:\Program Files\Qualcomm Atheros
2013-11-12 21:58 - 2013-11-25 16:50 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-466112097-302593579-1822995480-1001
2013-11-12 21:52 - 2013-11-24 19:52 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-12 21:52 - 2013-11-17 19:51 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-12 21:52 - 2013-11-14 10:20 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Packages
2013-11-12 21:52 - 2013-11-13 00:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-11-12 21:52 - 2013-11-13 00:46 - 00000000 ____D C:\ProgramData\PRICache
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\WINDOWS\CSC
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Adobe
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\VirtualStore
2013-11-12 21:51 - 2013-11-13 00:45 - 00000000 __SHD C:\Recovery
2013-11-12 21:50 - 2013-11-12 21:50 - 00001136 _____ C:\WINDOWS\system32\netcfg-16937.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00001102 _____ C:\WINDOWS\system32\netcfg-22281.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000185 _____ C:\WINDOWS\system32\netcfg-16484.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000164 _____ C:\WINDOWS\system32\netcfg-14796.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000163 _____ C:\WINDOWS\system32\netcfg-22046.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000161 _____ C:\WINDOWS\system32\netcfg-15343.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-15218.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-15078.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-13890.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000159 _____ C:\WINDOWS\system32\netcfg-14000.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000157 _____ C:\WINDOWS\system32\netcfg-14921.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000157 _____ C:\WINDOWS\system32\netcfg-14671.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000150 _____ C:\WINDOWS\system32\netcfg-13765.txt
2013-11-12 21:49 - 2013-11-13 00:40 - 00008192 __RSH C:\BOOTSECT.BAK

==================== One Month Modified Files and Folders =======

2013-11-25 16:52 - 2013-11-25 16:51 - 00014442 _____ C:\Users\George Ciesinski\Desktop\FRST.txt
2013-11-25 16:51 - 2013-11-25 16:51 - 00000000 ____D C:\FRST
2013-11-25 16:50 - 2013-11-25 16:49 - 01958474 _____ (Farbar) C:\Users\George Ciesinski\Desktop\FRST64.exe
2013-11-25 16:50 - 2013-11-13 00:56 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 16:50 - 2013-11-12 21:58 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-466112097-302593579-1822995480-1001
2013-11-25 16:47 - 2013-11-24 19:51 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Dropbox
2013-11-25 16:47 - 2013-11-12 22:25 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-25 16:45 - 2013-11-25 16:45 - 00296408 _____ C:\WINDOWS\Minidump\112513-4593-01.dmp
2013-11-25 16:45 - 2013-11-20 19:35 - 00000570 _____ C:\WINDOWS\Tasks\MATLAB R2013b Startup Accelerator.job
2013-11-25 16:45 - 2013-11-13 14:11 - 508788374 _____ C:\WINDOWS\MEMORY.DMP
2013-11-25 16:45 - 2013-11-13 14:11 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-25 16:45 - 2013-11-12 22:23 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-25 16:45 - 2013-11-12 22:22 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2013-11-25 16:45 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-25 16:44 - 2013-11-13 00:48 - 01681246 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-25 16:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-25 15:28 - 2013-11-12 22:23 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-25 15:12 - 2013-11-25 15:12 - 00214528 _____ C:\Users\George Ciesinski\Downloads\MeasurInstrum1A (1).ppt
2013-11-25 15:12 - 2013-11-25 15:12 - 00116736 _____ C:\Users\George Ciesinski\Downloads\CloseLoopStabilityA (1).ppt
2013-11-25 14:45 - 2013-11-25 14:45 - 00217088 _____ C:\Users\George Ciesinski\Downloads\MeasurInstrum1A.ppt
2013-11-25 14:45 - 2013-11-25 14:45 - 00114176 _____ C:\Users\George Ciesinski\Downloads\CloseLoopStabilityA.ppt
2013-11-25 14:25 - 2013-11-18 13:47 - 00000166 _____ C:\Users\George Ciesinski\Desktop\2013.11.18 Car Maintenance.txt
2013-11-25 00:22 - 2013-11-13 09:14 - 00000000 ___RD C:\Users\George Ciesinski\Desktop\Security & Maintenance
2013-11-24 19:58 - 2013-11-24 19:58 - 00001062 _____ C:\Users\George Ciesinski\Desktop\Dropbox.lnk
2013-11-24 19:52 - 2013-11-12 21:52 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-24 19:51 - 2013-11-24 19:51 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-24 19:50 - 2013-11-24 19:48 - 35334016 _____ (Dropbox, Inc.) C:\Users\George Ciesinski\Downloads\Dropbox 2.4.7.exe
2013-11-24 19:37 - 2013-11-24 19:37 - 00293376 _____ C:\WINDOWS\Minidump\112413-4593-01.dmp
2013-11-24 15:57 - 2013-11-24 10:24 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-11-24 15:57 - 2013-11-24 10:24 - 00000000 ____D C:\WINDOWS\system32\NV
2013-11-24 15:57 - 2013-11-13 00:46 - 00000000 ____D C:\Users\George Ciesinski
2013-11-24 14:17 - 2013-11-24 14:17 - 00000000 ____D C:\Users\George Ciesinski\Documents\Arduino
2013-11-24 14:17 - 2013-11-24 14:17 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Arduino
2013-11-24 13:47 - 2013-11-13 09:28 - 00000000 ____D C:\Users\George Ciesinski\Documents\Visual Studio 2010
2013-11-24 13:14 - 2013-11-24 13:14 - 00291936 _____ C:\WINDOWS\Minidump\112413-4968-01.dmp
2013-11-24 10:24 - 2013-11-24 10:24 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-11-24 10:24 - 2013-11-12 22:33 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-24 10:23 - 2013-11-24 10:23 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-24 00:06 - 2013-11-24 00:06 - 00819176 _____ (Google Inc.) C:\Users\George Ciesinski\Downloads\ChromeSetup.exe
2013-11-23 23:50 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-23 23:05 - 2013-11-23 23:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-23 23:04 - 2013-11-23 23:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\George Ciesinski\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-23 22:00 - 2013-11-23 22:00 - 00292224 _____ C:\WINDOWS\Minidump\112313-5078-01.dmp
2013-11-22 16:22 - 2013-11-22 16:22 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\AliensVsPredator
2013-11-22 16:21 - 2013-11-13 01:55 - 00069240 _____ C:\WINDOWS\DirectX.log
2013-11-22 14:04 - 2013-11-22 14:04 - 00289632 _____ C:\WINDOWS\Minidump\112213-5703-01.dmp
2013-11-21 23:27 - 2013-11-21 23:27 - 00288096 _____ C:\WINDOWS\Minidump\112113-4984-01.dmp
2013-11-21 21:09 - 2013-11-21 21:09 - 00289768 _____ C:\WINDOWS\Minidump\112113-6109-01.dmp
2013-11-21 19:08 - 2013-11-21 19:08 - 00296736 _____ C:\WINDOWS\Minidump\112113-6015-01.dmp
2013-11-21 01:17 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-20 23:01 - 2013-11-20 22:38 - 355583330 _____ C:\Users\George Ciesinski\Downloads\ctr_-_crash_team_racing.zip
2013-11-20 22:39 - 2013-11-20 22:39 - 00000565 _____ C:\WINDOWS\wmsetup.log
2013-11-20 22:36 - 2013-11-20 22:12 - 00000000 ____D C:\Users\George Ciesinski\Desktop\ePSXe
2013-11-20 22:15 - 2013-11-20 22:15 - 00175318 _____ C:\Users\George Ciesinski\Downloads\gpupeteogl209.zip
2013-11-20 22:13 - 2013-11-20 22:13 - 00524288 _____ C:\Users\George Ciesinski\Downloads\SCPH1001.BIN
2013-11-20 22:12 - 2013-11-20 22:12 - 00638836 _____ C:\Users\George Ciesinski\Downloads\ePSXe190.zip
2013-11-20 22:09 - 2013-11-20 22:09 - 00296376 _____ C:\WINDOWS\Minidump\112013-4921-01.dmp
2013-11-20 19:43 - 2013-11-13 09:20 - 00000000 ___RD C:\Users\George Ciesinski\Desktop\Engineering Software
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\Documents\MATLAB
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Subversion
2013-11-20 19:40 - 2013-11-20 19:40 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\MathWorks
2013-11-20 19:37 - 2013-11-20 19:04 - 00000000 ____D C:\Program Files\MATLAB
2013-11-20 19:35 - 2013-11-20 19:35 - 00003738 _____ C:\WINDOWS\System32\Tasks\MATLAB R2013b Startup Accelerator
2013-11-20 18:34 - 2013-11-12 23:01 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\uTorrent
2013-11-20 17:58 - 2013-11-13 10:32 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\SolidWorks
2013-11-20 15:29 - 2013-11-20 15:29 - 00000039 _____ C:\Users\George Ciesinski\Desktop\Torrents In Prog.txt
2013-11-20 14:59 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-20 14:54 - 2013-11-20 14:54 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-20 14:12 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-20 14:12 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-11-20 14:12 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-11-20 14:12 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-11-20 14:08 - 2013-11-20 13:47 - 00000000 ____D C:\AdwCleaner
2013-11-20 13:58 - 2013-11-15 09:28 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Arma 3
2013-11-19 17:53 - 2013-11-19 17:53 - 00293280 _____ C:\WINDOWS\Minidump\111913-5125-01.dmp
2013-11-19 05:30 - 2013-11-15 08:55 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-11-18 14:41 - 2013-11-18 14:41 - 00296736 _____ C:\WINDOWS\Minidump\111813-5968-01.dmp
2013-11-18 12:29 - 2013-11-18 12:29 - 00000035 _____ C:\Users\George Ciesinski\Desktop\MIT App Designer.txt
2013-11-17 19:51 - 2013-11-12 21:52 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-17 19:50 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-17 19:49 - 2013-08-22 09:44 - 00498272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-17 19:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-17 19:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-17 19:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-17 15:29 - 2013-11-13 17:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-17 15:29 - 2013-08-22 08:25 - 00000167 _____ C:\WINDOWS\win.ini
2013-11-15 14:07 - 2013-11-15 09:28 - 00000000 ____D C:\Users\George Ciesinski\Documents\Arma 3
2013-11-15 14:03 - 2013-11-15 14:03 - 00292032 _____ C:\WINDOWS\Minidump\111513-5515-01.dmp
2013-11-15 10:02 - 2013-11-14 19:53 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4D336936-046B-40DB-83FB-F9ED315F121D}
2013-11-15 09:39 - 2013-11-13 00:54 - 00000000 __RDO C:\Users\George Ciesinski\SkyDrive
2013-11-15 09:35 - 2013-11-15 09:35 - 00292224 _____ C:\WINDOWS\Minidump\111513-5593-01.dmp
2013-11-15 09:28 - 2013-11-15 09:28 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-11-14 23:29 - 2013-11-12 22:57 - 00000000 ____D C:\ProgramData\Creative
2013-11-14 23:28 - 2013-11-14 23:28 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00123480 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2013-11-14 23:28 - 2013-11-14 23:28 - 00109144 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2013-11-14 23:28 - 2013-11-12 22:49 - 00000219 ___RH C:\WINDOWS\ctfile.rfc
2013-11-14 23:28 - 2013-11-12 22:48 - 00000000 ____D C:\Program Files (x86)\Creative
2013-11-14 23:27 - 2013-11-14 23:27 - 00000000 ____D C:\Program Files\Creative
2013-11-14 20:47 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-11-14 20:23 - 2013-11-14 20:23 - 00286264 _____ C:\WINDOWS\Minidump\111413-4703-01.dmp
2013-11-14 20:19 - 2013-11-14 20:19 - 00294760 _____ C:\WINDOWS\Minidump\111413-8296-01.dmp
2013-11-14 20:18 - 2013-11-14 13:08 - 00006614 _____ C:\WINDOWS\PFRO.log
2013-11-14 17:11 - 2013-11-14 17:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-11-14 17:11 - 2013-11-14 17:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-14 17:10 - 2013-11-14 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-14 17:08 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-14 16:55 - 2013-11-14 16:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 16:44 - 2013-11-14 16:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-11-14 16:44 - 2013-11-14 16:44 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-11-14 16:44 - 2013-08-22 14:11 - 00000000 ____D C:\WINDOWS\ShellNew
2013-11-14 16:44 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-14 16:43 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2013-11-14 16:43 - 2013-11-14 16:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-11-14 16:43 - 2013-11-13 17:46 - 00000000 ____D C:\Program Files\Microsoft Office
2013-11-14 16:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 __RHD C:\MSOCache
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-11-14 16:42 - 2013-11-14 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-11-14 16:42 - 2013-11-13 10:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-14 15:45 - 2013-11-14 15:45 - 00000000 ____D C:\Users\George Ciesinski\Downloads\English_Office_Professional_Plus_2010_W64_X17-75371
2013-11-14 15:38 - 2013-11-13 09:30 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-11-14 15:38 - 2013-11-13 09:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-11-14 15:29 - 2013-11-14 15:29 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\e-academy Inc
2013-11-14 15:29 - 2013-11-14 15:29 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\e-academy Inc
2013-11-14 15:17 - 2013-11-14 15:17 - 00293320 _____ C:\WINDOWS\Minidump\111413-5265-01.dmp
2013-11-14 13:08 - 2013-11-14 13:08 - 00296672 _____ C:\WINDOWS\Minidump\111413-7109-01.dmp
2013-11-14 10:20 - 2013-11-12 21:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Packages
2013-11-14 09:50 - 2013-11-13 01:01 - 00003103 _____ C:\WINDOWS\setupact.log
2013-11-14 06:58 - 2013-11-24 10:22 - 30361888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 22951200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 18293608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 18208624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 15862272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 15218504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-11-14 06:58 - 2013-11-24 10:22 - 11600432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 11514624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 09691888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 09619872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433182.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433182.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00707360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00657184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00609568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00562464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-11-14 06:58 - 2013-11-24 10:22 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2013-11-14 06:58 - 2013-11-13 02:15 - 02697248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-11-14 06:58 - 2013-11-13 01:07 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-11-14 06:58 - 2013-11-13 01:07 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-11-14 06:58 - 2013-09-05 02:37 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-11-14 06:58 - 2013-09-05 02:36 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-11-14 06:58 - 2013-09-05 02:36 - 00023754 _____ C:\WINDOWS\system32\nvinfo.pb
2013-11-14 06:58 - 2013-09-05 02:35 - 03069608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-11-14 02:08 - 2013-11-13 11:02 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\TempSWBackupDirectory
2013-11-14 00:00 - 2013-11-13 03:44 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-13 17:46 - 2013-11-13 17:46 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Microsoft Help
2013-11-13 14:11 - 2013-11-13 14:11 - 00290728 _____ C:\WINDOWS\Minidump\111313-5046-01.dmp
2013-11-13 11:10 - 2013-11-13 11:10 - 00000000 ____D C:\Users\George Ciesinski\Documents\4A Games
2013-11-13 11:06 - 2013-11-13 11:06 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\4A Games
2013-11-13 11:05 - 2013-11-13 11:01 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\NVIDIA
2013-11-13 11:01 - 2013-11-13 11:01 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\SolidWorks
2013-11-13 10:55 - 2013-11-13 10:55 - 00000000 ____D C:\ProgramData\Simpoe
2013-11-13 10:55 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\SolidWorks Corp
2013-11-13 10:54 - 2013-11-13 10:54 - 00000000 ____D C:\ProgramData\SolidWorks Flow Simulation
2013-11-13 10:54 - 2013-11-13 10:54 - 00000000 ____D C:\ProgramData\COSMOS Applications
2013-11-13 10:54 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2013-11-13 10:53 - 2013-11-13 10:53 - 00000000 ____D C:\Program Files (x86)\SolidWorks Corp
2013-11-13 10:52 - 2013-11-13 10:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\help_images_otherUI
2013-11-13 10:52 - 2013-11-13 10:52 - 00000000 _____ C:\WINDOWS\eDrawingOfficeAutomator.INI
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\DassaultSystemes
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\DassaultSystemes
2013-11-13 10:47 - 2013-11-13 10:47 - 00000000 ____D C:\ProgramData\DassaultSystemes
2013-11-13 10:46 - 2013-11-13 10:34 - 00000000 ____D C:\SolidWorks Data
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\ProgramData\SolidWorks
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\ProgramData\Apple
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files\Bonjour
2013-11-13 10:36 - 2013-11-13 10:36 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-13 10:35 - 2013-11-13 10:35 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-13 10:35 - 2013-11-13 10:35 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-13 10:34 - 2013-11-13 10:32 - 00000000 ____D C:\WINDOWS\SolidWorks
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\WinRAR
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-11-13 10:25 - 2013-11-13 10:25 - 00000000 ____D C:\Program Files\WinRAR
2013-11-13 09:56 - 2013-11-13 09:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-13 09:32 - 2013-11-13 09:32 - 00000000 ____D C:\WINDOWS\system32\RsFx
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\WINDOWS\system32\1033
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-11-13 09:31 - 2013-11-13 09:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-11-13 09:28 - 2013-11-13 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\WINDOWS\symbols
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-11-13 09:27 - 2013-11-13 09:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-11-13 09:26 - 2013-11-13 09:26 - 00000000 ____D C:\WINDOWS\PCHEALTH
2013-11-13 09:22 - 2013-11-13 09:22 - 00004264 _____ C:\WINDOWS\DPINST.LOG
2013-11-13 03:43 - 2013-11-13 03:43 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-13 03:43 - 2013-11-13 03:43 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files\MSBuild
2013-11-13 03:43 - 2013-11-13 03:43 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-13 03:43 - 2013-08-22 10:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-13 02:18 - 2013-11-13 02:18 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\NVIDIA Corporation
2013-11-13 02:18 - 2013-11-13 02:18 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\NVIDIA
2013-11-13 02:17 - 2013-11-13 02:17 - 00001363 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-11-13 02:17 - 2013-11-12 22:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-13 02:17 - 2013-11-12 22:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-13 02:17 - 2013-11-12 22:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-13 02:14 - 2013-11-13 02:14 - 00000000 ____D C:\NVIDIA
2013-11-13 01:03 - 2013-11-13 01:03 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\zachtronics industries
2013-11-13 01:01 - 2013-11-13 01:01 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-13 00:53 - 2013-11-12 22:37 - 00000000 ____D C:\Program Files\Intel
2013-11-13 00:50 - 2013-11-12 21:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-11-13 00:49 - 2013-11-13 00:49 - 00001442 _____ C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 00:49 - 2013-11-13 00:49 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-13 00:49 - 2013-11-13 00:49 - 00000020 ___SH C:\Users\George Ciesinski\ntuser.ini
2013-11-13 00:49 - 2012-07-26 00:37 - 00000000 ____D C:\Users\Default.migrated
2013-11-13 00:48 - 2013-11-13 00:46 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-13 00:48 - 2013-11-13 00:46 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-13 00:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-13 00:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration
2013-11-13 00:47 - 2013-11-13 00:47 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-13 00:47 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media
2013-11-13 00:47 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ___RD C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-13 00:46 - 2013-11-13 00:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-13 00:46 - 2013-11-13 00:44 - 00000000 ____D C:\Program Files\AuthenTec
2013-11-13 00:46 - 2013-11-12 22:45 - 00000000 ____D C:\WINDOWS\system32\upeksce
2013-11-13 00:46 - 2013-11-12 22:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-11-13 00:46 - 2013-11-12 21:52 - 00000000 ____D C:\ProgramData\PRICache
2013-11-13 00:46 - 2013-08-22 14:09 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-11-13 00:46 - 2013-08-22 14:09 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-11-13 00:46 - 2013-08-22 14:09 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-11-13 00:46 - 2013-08-22 10:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-11-13 00:46 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-13 00:46 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-11-13 00:46 - 2013-08-22 08:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-13 00:45 - 2013-11-12 21:51 - 00000000 __SHD C:\Recovery
2013-11-13 00:45 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-11-13 00:44 - 2013-11-13 00:44 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\Program Files\Synaptics
2013-11-13 00:44 - 2013-11-13 00:44 - 00000000 ____D C:\Program Files\Realtek
2013-11-13 00:44 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-11-13 00:40 - 2013-11-13 00:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-3865703.txt
2013-11-13 00:40 - 2013-11-12 21:49 - 00008192 __RSH C:\BOOTSECT.BAK
2013-11-13 00:29 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-11-13 00:21 - 2013-11-13 00:21 - 00000000 ____D C:\Users\George Ciesinski\Documents\EA Games
2013-11-12 23:36 - 2013-11-12 23:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-479687.txt
2013-11-12 23:36 - 2013-11-12 23:36 - 00000117 _____ C:\WINDOWS\system32\netcfg-16531.txt
2013-11-12 23:28 - 2013-11-12 23:28 - 00000117 _____ C:\WINDOWS\system32\netcfg-16640.txt
2013-11-12 23:27 - 2013-11-12 23:27 - 00000117 _____ C:\WINDOWS\system32\netcfg-595078.txt
2013-11-12 23:23 - 2013-11-12 23:23 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Malwarebytes
2013-11-12 23:23 - 2013-11-12 23:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-12 23:21 - 2013-11-12 23:21 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-11-12 23:21 - 2013-11-12 23:21 - 00000000 ____D C:\Program Files\CCleaner
2013-11-12 23:18 - 2013-11-12 23:18 - 00000117 _____ C:\WINDOWS\system32\netcfg-17656.txt
2013-11-12 23:17 - 2013-11-12 23:17 - 00000117 _____ C:\WINDOWS\system32\netcfg-1170500.txt
2013-11-12 23:03 - 2013-11-12 23:03 - 00000680 _____ C:\Users\Public\Desktop\Steam.lnk
2013-11-12 23:02 - 2013-11-12 23:02 - 00000824 _____ C:\Users\George Ciesinski\Desktop\µTorrent.lnk
2013-11-12 23:02 - 2013-11-12 23:02 - 00000804 _____ C:\Users\George Ciesinski\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-11-12 22:58 - 2013-11-12 22:58 - 00000117 _____ C:\WINDOWS\system32\netcfg-16734.txt
2013-11-12 22:57 - 2013-11-12 22:57 - 00000117 _____ C:\WINDOWS\system32\netcfg-188468.txt
2013-11-12 22:56 - 2013-11-12 22:56 - 00000000 ____D C:\ProgramData\Creative Labs
2013-11-12 22:55 - 2013-11-12 22:55 - 00019096 _____ C:\WINDOWS\system32\results.xml
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Macromedia
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\KeepSafe
2013-11-12 22:55 - 2013-11-12 22:55 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Creative
2013-11-12 22:54 - 2013-11-12 22:54 - 00000117 _____ C:\WINDOWS\system32\netcfg-2227031.txt
2013-11-12 22:54 - 2013-11-12 22:54 - 00000117 _____ C:\WINDOWS\system32\netcfg-16156.txt
2013-11-12 22:53 - 2013-11-12 22:53 - 00000336 _____ C:\WINDOWS\system32\netcfg-2190125.txt
2013-11-12 22:53 - 2013-11-12 22:34 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-11-12 22:53 - 2013-11-12 22:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-12 22:47 - 2013-11-12 22:47 - 00821592 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-11-12 22:47 - 2013-11-12 22:47 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Intel Corporation
2013-11-12 22:47 - 2013-11-12 22:37 - 00000000 ____D C:\ProgramData\Intel
2013-11-12 22:46 - 2013-11-12 22:46 - 00000000 ____D C:\Users\George Ciesinski\Intel
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-11-12 22:45 - 2013-11-12 22:45 - 00000000 ____D C:\Program Files\AuthenTec TrueSuite
2013-11-12 22:44 - 2013-11-12 22:44 - 00000000 ____D C:\Program Files (x86)\FingerPrinter
2013-11-12 22:37 - 2013-11-12 22:26 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-12 22:36 - 2013-11-12 22:36 - 00000000 ____D C:\Program Files (x86)\Hotkey
2013-11-12 22:35 - 2013-11-12 22:35 - 00002982 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2013-11-12 22:31 - 2013-11-12 22:31 - 00000716 _____ C:\Users\Public\Desktop\Intel® HD Graphics Control Panel.lnk
2013-11-12 22:28 - 2013-11-12 22:26 - 00000000 ____D C:\Intel
2013-11-12 22:27 - 2013-11-12 22:27 - 00000117 _____ C:\WINDOWS\system32\netcfg-594125.txt
2013-11-12 22:26 - 2013-11-12 22:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-581593.txt
2013-11-12 22:25 - 2013-11-12 22:23 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\Google
2013-11-12 22:24 - 2013-11-12 22:23 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-12 22:23 - 2013-11-12 22:23 - 00003906 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-12 22:23 - 2013-11-12 22:23 - 00003670 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-12 22:23 - 2013-11-12 22:23 - 00000117 _____ C:\WINDOWS\system32\netcfg-353890.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00002238 _____ C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
2013-11-12 22:22 - 2013-11-12 22:22 - 00001259 _____ C:\WINDOWS\system32\netcfg-302375.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00001137 _____ C:\WINDOWS\system32\netcfg-303953.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000320 _____ C:\WINDOWS\system32\netcfg-302828.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000258 _____ C:\WINDOWS\system32\netcfg-303750.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000117 _____ C:\WINDOWS\system32\netcfg-348296.txt
2013-11-12 22:22 - 2013-11-12 22:22 - 00000000 ____D C:\Program Files\Qualcomm Atheros
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\WINDOWS\CSC
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Roaming\Adobe
2013-11-12 21:52 - 2013-11-12 21:52 - 00000000 ____D C:\Users\George Ciesinski\AppData\Local\VirtualStore
2013-11-12 21:50 - 2013-11-12 21:50 - 00001136 _____ C:\WINDOWS\system32\netcfg-16937.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00001102 _____ C:\WINDOWS\system32\netcfg-22281.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000185 _____ C:\WINDOWS\system32\netcfg-16484.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000164 _____ C:\WINDOWS\system32\netcfg-14796.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000163 _____ C:\WINDOWS\system32\netcfg-22046.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000161 _____ C:\WINDOWS\system32\netcfg-15343.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-15218.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-15078.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000160 _____ C:\WINDOWS\system32\netcfg-13890.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000159 _____ C:\WINDOWS\system32\netcfg-14000.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000157 _____ C:\WINDOWS\system32\netcfg-14921.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000157 _____ C:\WINDOWS\system32\netcfg-14671.txt
2013-11-12 21:50 - 2013-11-12 21:50 - 00000150 _____ C:\WINDOWS\system32\netcfg-13765.txt
2013-11-11 10:02 - 2013-11-12 22:33 - 06674208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-11-11 10:02 - 2013-11-12 22:33 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-11-11 10:01 - 2013-11-12 22:33 - 03467927 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-11-11 10:01 - 2013-11-12 22:33 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-11-11 10:01 - 2013-11-12 22:33 - 01065248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-11-11 10:01 - 2013-11-12 22:33 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-11-11 10:01 - 2013-11-12 22:33 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-11-11 10:01 - 2013-11-12 22:33 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-11-11 10:01 - 2013-11-12 22:33 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-11-08 15:47 - 2013-11-13 02:17 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-11-08 15:47 - 2013-11-13 02:17 - 00955168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2013-11-07 16:00 - 2013-11-14 16:52 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-05 18:31 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-05 18:31 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 15:21 - 2013-11-16 19:43 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-05 13:51 - 2013-11-16 19:43 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-05 11:20 - 2013-11-16 19:43 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-05 11:11 - 2013-11-16 19:43 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-05 09:30 - 2013-11-16 19:43 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-05 09:29 - 2013-11-16 19:43 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

Some content of TEMP:
====================
C:\Users\George Ciesinski\AppData\Local\Temp\ose00000.exe
C:\Users\George Ciesinski\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-11-16 19:45] - [2013-10-22 02:55] - 2328872 ____A (Microsoft Corporation) 63DC38C3E4564B2405D562855643ABA2

C:\Windows\SysWOW64\explorer.exe
[2013-11-16 19:45] - [2013-10-22 01:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll
[2013-11-16 19:45] - [2013-10-21 21:38] - 1362944 ____A (Microsoft Corporation) C72456BFFE941714CF05B0AA0BEE5B45

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-22 14:15

==================== End Of Log ============================



Addition log is attached.

Attached Files


  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. default settings are fine
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan

  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 0

#11
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP