Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

multiple iexplorer.exe's showing in task manager [Solved]


  • This topic is locked This topic is locked

#16
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey! :)

Well an update on how the computer is running, it still seems to be doing ok. I feel it could possibly be better, but it's working well. Not sure if it's normal, but the loading curser appears sometimes as if it's trying to run something or something. One thing I forgot to mention, is I've had a few moments when I had Internet Explorer opened and it just closed on it's own. Another little problem it's been having, is the Internet Explorer page I'm on will sometimes become unresponsive and it will give me the option to close the program... it does that a lot on youtube.

Anyway, I'll post the logs in separate replies.
  • 0

Advertisements


#17
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-11 14:53:28
-----------------------------
14:53:28.495 OS Version: Windows x64 6.1.7601 Service Pack 1
14:53:28.495 Number of processors: 2 586 0x200
14:53:28.495 ComputerName: MULLINS4-HP UserName: mullins4
14:53:31.405 Initialize success
14:54:23.275 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
14:54:23.275 Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 11
14:54:23.535 Disk 0 MBR read successfully
14:54:23.535 Disk 0 MBR scan
14:54:23.545 Disk 0 Windows 7 default MBR code
14:54:23.595 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
14:54:23.655 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 458526 MB offset 409600
14:54:23.725 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14150 MB offset 939470848
14:54:23.785 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 968450048
14:54:24.145 Disk 0 scanning C:\Windows\system32\drivers
14:54:35.105 Service scanning
14:55:03.654 Modules scanning
14:55:03.664 Disk 0 trace - called modules:
14:55:03.694 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
14:55:03.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004102060]
14:55:03.744 3 CLASSPNP.SYS[fffff8800194a43f] -> nt!IofCallDriver -> [0xfffffa8003b928c0]
14:55:03.764 5 amd_xata.sys[fffff880010f7b3f] -> nt!IofCallDriver -> [0xfffffa8003b907a0]
14:55:03.774 7 ACPI.sys[fffff88000f2a7a1] -> nt!IofCallDriver -> \Device\00000063[0xfffffa8003fc05a0]
14:55:03.784 Scan finished successfully
14:55:45.164 Disk 0 MBR has been saved successfully to "C:\Users\mullins4\Desktop\MBR.dat"
14:55:45.212 The log file has been saved successfully to "C:\Users\mullins4\Desktop\aswMBR.txt"
  • 0

#18
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2013
Ran by mullins4 (administrator) on MULLINS4-HP on 11-12-2013 15:00:28
Running from C:\Users\mullins4\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2013-05-15] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKCU\...\Run: [Amazon Cloud Player] - C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [TLworks Update] - regsvr32.exe C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\system: [NoDispAppearancePage] 0
HKCU\...\Policies\system: [NoDispBackgroundPage] 0
HKCU\...\Policies\system: [NoDispSettingsPage] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 0
HKCU\...\Policies\Explorer: [NoViewOnDrive] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKCU\...\Policies\Explorer: [NoShellSearchButton] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoFile] 0
HKCU\...\Policies\Explorer: [HideClock] 0
HKCU\...\Policies\Explorer: [NoTrayContextMenu] 0
HKCU\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKCU\...\Policies\Explorer: [NoSetFolders] 0
HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [NoDFSTab] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoLogoff] 0
HKCU\...\Policies\Explorer: [NoWindowsUpdate] 0
HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0
HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKCU\...\Policies\Explorer: [NoResolveSearch] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoHardwareTab] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
MountPoints2: G - G:\LaunchU3.exe
MountPoints2: {addeee64-1043-11e3-914e-101f74c7470b} - G:\LaunchU3.exe
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504 2011-06-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [F-Secure Hoster (42626)] - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charter.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM - {F3EC8992-81D6-434E-A7CB-FD458A6D4858} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 24.159.64.23 24.217.201.67 24.177.176.38

==================== Services (Whitelisted) =================

R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [60352 2013-11-09] (F-Secure Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2150208 2013-09-27] (IObit)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2013-12-10] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69296 2013-11-09] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-09] ()
R3 fsni; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [772224 2012-08-21] (Line 6)
U0 SR;
U2 srservice;
U3 aswMBR; \??\C:\Users\mullins4\AppData\Local\Temp\aswMBR.sys [x]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdiox64.sys 6A2EEB0C4133B20773BB3DD0B7B377B4
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 7979BF4A66EFDADF3D00A052409609B1
C:\Windows\System32\DRIVERS\atikmpag.sys 7D5CDB0161E91951D3DD99E55CEA4D01
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\amd_sata.sys BB4FE7889DB9CBBE61A308E99697F53C
C:\Windows\System32\DRIVERS\amd_xata.sys 5631CBA53F1CBEA3F9E88348E6723391
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys CBD14F698DEF12EE3557604B726CB8EB
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys B8B9CC3EC2A09C0C0D298B529191764C
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys FAD1934991C0C3C79FEABABE9C16A75C
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fsbts.sys F59F2C574AA5D84477EB89F87C938F16
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys 4C19B29A6C8736B011AEABB4CEF74862
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys 695E2F0F1BA5DD81E112F8E07134CC8E
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidkmdf.sys 46BBE8EA221461A65F18A078528F4B2C
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\L6UX264.sys 07265E0B1A6D30453539F7DFB4942BF2
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RtsPStor.sys 1F5E7AF59B390261A85F5BEDB1BB88B3
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EA5532868BA76923D75BCB2A1448D810
C:\Windows\System32\DRIVERS\rtl8192Ce.sys 508D997A5E9F400FADE6C85251BF13DF
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys EBA98394A7D58F7552C52192BD8FA7E6
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys C447977ED2A4AE9346FE3A0579A34D7C
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys ACCEA6BC68D0C9A78EB97EE159028B4E
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 311C1DD1088E55BEAE15954D17F50646
C:\Windows\System32\DRIVERS\usbfilter.sys 76E2FFAD301490BA27B947C6507752FB
C:\Windows\System32\DRIVERS\usbhub.sys 280E90CBF4B2DDD169F0728CB44D726F
C:\Windows\System32\DRIVERS\usbohci.sys 9406D801042FAF859CF81B2C886413DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wachidrouter.sys FDA15A0510F84FA46452B74529147A15
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomrouterfilter.sys EABFDBDC9BEDD325F260A3A9FEE5B3F9
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-11 15:00 - 2013-12-11 15:01 - 00029682 _____ C:\Users\mullins4\Desktop\FRST.txt
2013-12-11 14:59 - 2013-12-11 14:59 - 00000000 ____D C:\FRST
2013-12-11 14:57 - 2013-12-11 14:58 - 01926944 _____ (Farbar) C:\Users\mullins4\Desktop\FRST64.exe
2013-12-11 14:55 - 2013-12-11 14:55 - 00001896 _____ C:\Users\mullins4\Desktop\aswMBR.txt
2013-12-11 14:55 - 2013-12-11 14:55 - 00000512 _____ C:\Users\mullins4\Desktop\MBR.dat
2013-12-11 14:47 - 2013-12-11 14:52 - 04745728 _____ (AVAST Software) C:\Users\mullins4\Desktop\aswmbr.exe
2013-12-10 23:50 - 2013-12-10 23:50 - 00002697 _____ C:\Users\mullins4\Desktop\JRT.txt
2013-12-10 23:34 - 2013-12-10 23:34 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 23:32 - 2013-12-10 23:32 - 01034531 _____ (Thisisu) C:\Users\mullins4\Desktop\JRT.exe
2013-12-10 23:20 - 2013-12-10 23:20 - 00002398 _____ C:\Users\mullins4\Desktop\AdwCleaner[S2].txt
2013-12-10 23:09 - 2013-12-10 23:09 - 01226802 _____ C:\Users\mullins4\Desktop\AdwCleaner.exe
2013-12-10 23:07 - 2013-12-10 23:07 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MULLINS4-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\RegBackup
2013-12-10 23:04 - 2013-12-10 23:04 - 00002195 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2013-12-10 23:04 - 2013-12-10 23:04 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-10 23:03 - 2013-12-10 23:03 - 03927696 _____ C:\Users\mullins4\Desktop\tweaking.com_registry_backup_setup.exe
2013-12-07 22:03 - 2013-12-07 22:10 - 12701490 _____ C:\Users\mullins4\Desktop\Reason Limited test.wav
2013-12-07 12:26 - 2013-12-07 22:03 - 01048628 _____ C:\Users\mullins4\Documents\Reason Limited test.rltd
2013-12-05 07:25 - 2013-12-05 07:25 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-05 07:22 - 2013-12-05 07:23 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup{1}.exe
2013-12-03 17:31 - 2013-12-10 03:40 - 00000000 ____D C:\Users\mullins4\Documents\DB Mission album
2013-12-03 09:39 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 09:24 - 2013-12-03 09:24 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 09:24 - 2013-12-03 09:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-03 09:24 - 2013-12-03 09:24 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-03 09:24 - 2013-12-03 09:24 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 09:24 - 2013-12-03 09:24 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-03 09:22 - 2013-12-03 09:39 - 00008173 _____ C:\Windows\IE11_main.log
2013-12-02 18:19 - 2013-12-10 13:49 - 00013602 _____ C:\Windows\PFRO.log
2013-12-02 17:57 - 2013-11-29 20:14 - 00602112 _____ (OldTimer Tools) C:\Users\mullins4\Desktop\OTL.exe
2013-12-02 12:07 - 2013-12-11 00:04 - 00001456 _____ C:\Windows\setupact.log
2013-12-02 12:07 - 2013-12-02 12:07 - 00000000 _____ C:\Windows\setuperr.log
2013-12-02 12:06 - 2013-12-02 12:07 - 00350160 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-30 19:27 - 2013-12-10 23:15 - 00000000 ____D C:\AdwCleaner
2013-11-30 19:22 - 2013-12-02 09:06 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-30 19:22 - 2013-12-02 09:03 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2013-11-30 19:21 - 2013-12-02 09:05 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-11-30 19:21 - 2013-11-30 19:21 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\FileAssociationManager
2013-11-30 18:42 - 2013-11-30 18:42 - 00000000 ____D C:\_OTL
2013-11-29 21:11 - 2013-12-02 18:14 - 00054544 _____ C:\Users\mullins4\Desktop\Extras.Txt
2013-11-29 21:08 - 2013-12-02 18:12 - 00128050 _____ C:\Users\mullins4\Desktop\OTL.Txt
2013-11-29 02:55 - 2013-11-29 03:00 - 133200385 _____ C:\Users\mullins4\Documents\Manga Studio Artwork.zip
2013-11-28 09:56 - 2013-11-28 09:56 - 00000000 ____D C:\Users\mullins4\SyncFolder
2013-11-27 13:09 - 2013-11-27 13:09 - 00098048 _____ C:\Users\mullins4\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-27 04:34 - 2013-12-02 12:41 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\AVG2014
2013-11-27 04:33 - 2013-11-27 04:33 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\TuneUp Software
2013-11-27 04:32 - 2013-12-02 14:33 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-27 04:32 - 2013-11-27 04:32 - 00000000 ___HD C:\$AVG
2013-11-27 04:31 - 2013-12-02 12:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-27 04:28 - 2013-12-02 14:22 - 00000000 ____D C:\ProgramData\MFAData
2013-11-27 04:28 - 2013-11-27 04:37 - 00000000 ____D C:\Users\mullins4\AppData\Local\Avg2014
2013-11-27 04:28 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\MFAData
2013-11-27 03:58 - 2013-11-27 03:58 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-27 03:48 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-27 01:17 - 2013-11-27 01:17 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-11-27 01:17 - 2013-11-27 01:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-27 00:48 - 2013-12-10 02:46 - 00000000 ____D C:\ProgramData\ProductData
2013-11-27 00:48 - 2013-12-02 14:38 - 00000000 ____D C:\ProgramData\IObit
2013-11-27 00:48 - 2013-12-02 14:23 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\IObit
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Apple Computer
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-27 00:46 - 2013-12-02 14:21 - 00000000 ____D C:\Program Files (x86)\IObit
2013-11-27 00:44 - 2013-11-27 00:45 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup.exe
2013-11-27 00:33 - 2013-11-27 00:33 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3752.dll
2013-11-25 04:36 - 2013-12-06 09:48 - 00000000 ____D C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
2013-11-25 02:59 - 2013-12-05 07:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-23 02:14 - 2013-11-25 03:29 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 11-23-13
2013-11-22 19:32 - 2013-12-02 12:12 - 00000000 ____D C:\Users\mullins4\AppData\Local\TLworks
2013-11-19 19:28 - 2013-11-25 03:51 - 00000000 ____D C:\Users\mullins4\Documents\Phil and Monica 11-19-13
2013-11-18 17:57 - 2013-11-21 00:51 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
2013-11-18 14:54 - 2013-12-02 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 14:54 - 2013-11-18 14:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Malwarebytes
2013-11-14 00:15 - 2013-11-25 14:49 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
2013-11-13 07:40 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:40 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 07:39 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 07:39 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 07:39 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 07:39 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 07:39 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 07:39 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 07:39 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 07:39 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 07:39 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 07:39 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 07:39 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 07:39 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 07:39 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 07:39 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 07:39 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 07:39 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 07:39 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 07:39 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 07:39 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 07:39 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 07:39 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 07:38 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 07:38 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:38 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:38 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 07:38 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 07:38 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 07:38 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-11 15:01 - 2013-12-11 15:00 - 00029682 _____ C:\Users\mullins4\Desktop\FRST.txt
2013-12-11 15:00 - 2011-08-25 03:44 - 01237721 _____ C:\Windows\WindowsUpdate.log
2013-12-11 14:59 - 2013-12-11 14:59 - 00000000 ____D C:\FRST
2013-12-11 14:58 - 2013-12-11 14:57 - 01926944 _____ (Farbar) C:\Users\mullins4\Desktop\FRST64.exe
2013-12-11 14:55 - 2013-12-11 14:55 - 00001896 _____ C:\Users\mullins4\Desktop\aswMBR.txt
2013-12-11 14:55 - 2013-12-11 14:55 - 00000512 _____ C:\Users\mullins4\Desktop\MBR.dat
2013-12-11 14:52 - 2013-12-11 14:47 - 04745728 _____ (AVAST Software) C:\Users\mullins4\Desktop\aswmbr.exe
2013-12-11 14:44 - 2013-04-17 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 14:44 - 2013-04-17 18:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 14:44 - 2013-04-17 18:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-11 14:44 - 2013-04-09 12:52 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F55642F-E79F-43B5-8AA5-9F511280A872}
2013-12-11 14:44 - 2011-07-23 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 00:08 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-11 00:08 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-11 00:04 - 2013-12-02 12:07 - 00001456 _____ C:\Windows\setupact.log
2013-12-11 00:01 - 2013-11-09 19:34 - 00003372 _____ C:\Windows\System32\Tasks\Scheduled scanning task
2013-12-11 00:01 - 2013-11-09 19:34 - 00000596 _____ C:\Windows\Tasks\Scheduled scanning task.job
2013-12-11 00:00 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-10 23:50 - 2013-12-10 23:50 - 00002697 _____ C:\Users\mullins4\Desktop\JRT.txt
2013-12-10 23:34 - 2013-12-10 23:34 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 23:32 - 2013-12-10 23:32 - 01034531 _____ (Thisisu) C:\Users\mullins4\Desktop\JRT.exe
2013-12-10 23:20 - 2013-12-10 23:20 - 00002398 _____ C:\Users\mullins4\Desktop\AdwCleaner[S2].txt
2013-12-10 23:15 - 2013-11-30 19:27 - 00000000 ____D C:\AdwCleaner
2013-12-10 23:09 - 2013-12-10 23:09 - 01226802 _____ C:\Users\mullins4\Desktop\AdwCleaner.exe
2013-12-10 23:07 - 2013-12-10 23:07 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MULLINS4-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\RegBackup
2013-12-10 23:04 - 2013-12-10 23:04 - 00002195 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2013-12-10 23:04 - 2013-12-10 23:04 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-10 23:03 - 2013-12-10 23:03 - 03927696 _____ C:\Users\mullins4\Desktop\tweaking.com_registry_backup_setup.exe
2013-12-10 21:29 - 2013-07-13 21:07 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Skype
2013-12-10 16:59 - 2013-04-25 12:13 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormullins4
2013-12-10 16:59 - 2013-04-25 12:13 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleFormullins4.job
2013-12-10 16:16 - 2013-04-10 11:42 - 00000000 ____D C:\Users\mullins4\Documents\Youcam
2013-12-10 14:46 - 2013-04-10 07:34 - 00000000 ____D C:\Users\mullins4\AppData\Local\CrashDumps
2013-12-10 13:49 - 2013-12-02 18:19 - 00013602 _____ C:\Windows\PFRO.log
2013-12-10 13:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-10 03:40 - 2013-12-03 17:31 - 00000000 ____D C:\Users\mullins4\Documents\DB Mission album
2013-12-10 03:26 - 2013-07-10 16:36 - 00000000 ____D C:\Users\mullins4\Documents\Sandi Price 7-10-13
2013-12-10 03:20 - 2013-09-30 02:51 - 00000000 ____D C:\Users\mullins4\Documents\LGI book 1
2013-12-10 02:46 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\ProductData
2013-12-07 22:10 - 2013-12-07 22:03 - 12701490 _____ C:\Users\mullins4\Desktop\Reason Limited test.wav
2013-12-07 22:03 - 2013-12-07 12:26 - 01048628 _____ C:\Users\mullins4\Documents\Reason Limited test.rltd
2013-12-06 16:59 - 2013-05-09 23:06 - 00003224 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMULLINS4-HP$
2013-12-06 16:59 - 2013-05-09 23:06 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForMULLINS4-HP$.job
2013-12-06 09:48 - 2013-11-25 04:36 - 00000000 ____D C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
2013-12-05 07:25 - 2013-12-05 07:25 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-05 07:23 - 2013-12-05 07:22 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup{1}.exe
2013-12-05 07:18 - 2013-11-25 02:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-04 20:02 - 2013-05-01 18:21 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-04 20:02 - 2013-04-17 17:33 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-03 17:48 - 2013-10-05 18:01 - 00000000 ____D C:\Users\mullins4\Documents\ELC cover photo (10-5-13)
2013-12-03 17:39 - 2013-08-30 02:36 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet new cover photo 8-30-13
2013-12-03 17:37 - 2013-07-19 23:44 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 4
2013-12-03 17:37 - 2013-05-21 05:55 - 00000000 ____D C:\Users\mullins4\Documents\Ben mullins Music facebook picture
2013-12-03 17:32 - 2013-07-17 04:45 - 00000000 ____D C:\Users\mullins4\Documents\GIPD picture 7-17-13
2013-12-03 17:31 - 2013-07-20 23:39 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros logo 2
2013-12-03 17:02 - 2013-05-30 00:06 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall island project
2013-12-03 17:01 - 2013-08-27 03:05 - 00000000 ____D C:\Users\mullins4\Documents\Phil with Monica
2013-12-03 14:13 - 2013-07-04 17:57 - 00000000 ____D C:\Users\mullins4\AppData\Local\Amazon Cloud Player
2013-12-03 12:46 - 2013-08-09 02:22 - 00000000 ____D C:\Users\mullins4\Documents\Marlean cover photo 8-9-13
2013-12-03 09:58 - 2013-04-10 00:43 - 00001979 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-03 09:46 - 2013-04-09 12:52 - 00001413 _____ C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 09:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 09:39 - 2013-12-03 09:22 - 00008173 _____ C:\Windows\IE11_main.log
2013-12-03 09:35 - 2011-07-23 16:04 - 00000000 ____D C:\Program Files (x86)\HP Games
2013-12-03 09:27 - 2011-07-23 16:04 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-03 09:24 - 2013-12-03 09:24 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 09:24 - 2013-12-03 09:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-03 09:24 - 2013-12-03 09:24 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-03 09:24 - 2013-12-03 09:24 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 09:24 - 2013-12-03 09:24 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-02 18:14 - 2013-11-29 21:11 - 00054544 _____ C:\Users\mullins4\Desktop\Extras.Txt
2013-12-02 18:12 - 2013-11-29 21:08 - 00128050 _____ C:\Users\mullins4\Desktop\OTL.Txt
2013-12-02 18:01 - 2009-07-14 00:13 - 00726320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-02 15:01 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-02 15:01 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-12-02 14:40 - 2013-07-04 17:57 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2013-12-02 14:39 - 2013-04-09 20:38 - 00000000 ____D C:\Users\mullins4\AppData\Local\Adobe
2013-12-02 14:39 - 2013-04-09 13:01 - 00000000 ____D C:\Users\mullins4\AppData\Local\Hewlett-Packard
2013-12-02 14:38 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\IObit
2013-12-02 14:38 - 2013-04-10 01:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-02 14:38 - 2011-07-23 16:11 - 00000000 ____D C:\ProgramData\RoxioNow
2013-12-02 14:37 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-02 14:35 - 2011-07-23 15:55 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-02 14:34 - 2013-11-05 16:06 - 00000000 ____D C:\Program Files (x86)\Charter Security Suite
2013-12-02 14:34 - 2013-04-10 01:04 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2013-12-02 14:33 - 2013-11-27 04:32 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-02 14:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-02 14:25 - 2011-08-25 03:44 - 00000000 ____D C:\Windows\system32\SRSLabs
2013-12-02 14:25 - 2011-07-23 16:25 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2013-12-02 14:25 - 2011-07-23 16:13 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-02 14:25 - 2011-07-23 16:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\winrm
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\WCN
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Vss
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spp
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spool
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Speech
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\SMI
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\oobe
2013-12-02 14:24 - 2013-04-17 18:13 - 00000000 ____D C:\Windows\system32\Macromed
2013-12-02 14:24 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Performance
2013-12-02 14:24 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\Setup
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NetworkList
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\MUI
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\IME
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\com
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Speech
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PLA
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\IME
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Globalization
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Branding
2013-12-02 14:23 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\IObit
2013-12-02 14:23 - 2013-09-16 19:43 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Line 6
2013-12-02 14:23 - 2013-09-04 01:52 - 00000000 ____D C:\Users\mullins4\Documents\The DoovieTube Machine 9413
2013-12-02 14:23 - 2013-08-25 21:52 - 00000000 ____D C:\Users\mullins4\Documents\Bree kissing Benson picture
2013-12-02 14:23 - 2013-08-08 01:00 - 00000000 ____D C:\Users\mullins4\Documents\Robotic Romance 2013 picture
2013-12-02 14:23 - 2013-08-04 03:26 - 00000000 ____D C:\Users\mullins4\Documents\Phil Marshall fb cover photo 8-4-13
2013-12-02 14:23 - 2013-07-19 23:09 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 3
2013-12-02 14:23 - 2013-07-19 08:28 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 2
2013-12-02 14:23 - 2013-07-19 07:45 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb page
2013-12-02 14:23 - 2013-07-15 23:57 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall 7-16-13
2013-12-02 14:23 - 2013-07-12 21:47 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros fb picture 7-12-13
2013-12-02 14:23 - 2013-06-19 12:47 - 00000000 ____D C:\Users\mullins4\Documents\Jake Jacobs 6-19-13
2013-12-02 14:23 - 2013-06-18 22:45 - 00000000 ____D C:\Users\mullins4\Documents\Boe Joe 6-18-13
2013-12-02 14:23 - 2013-06-06 12:31 - 00000000 ____D C:\Users\mullins4\Documents\Hurricane Jane Stormi Peterson picture
2013-12-02 14:23 - 2013-06-05 07:43 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet faces picture
2013-12-02 14:23 - 2013-06-05 03:03 - 00000000 ____D C:\Users\mullins4\Documents\Stormi Peterson 6-5-13
2013-12-02 14:23 - 2013-05-27 13:52 - 00000000 ____D C:\Users\mullins4\Documents\Jake Jacobs verse picture
2013-12-02 14:23 - 2013-05-27 00:08 - 00000000 ____D C:\Users\mullins4\Documents\Lady Nature fb cover photo
2013-12-02 14:23 - 2013-05-22 14:29 - 00000000 ____D C:\Users\mullins4\Documents\Martha Regolski verse picture
2013-12-02 14:23 - 2013-04-30 00:19 - 00000000 ____D C:\Users\mullins4\Documents\Mary Regolski age 2 prayer
2013-12-02 14:23 - 2013-04-15 02:07 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall facebook picture 4-15-13
2013-12-02 14:23 - 2013-04-12 08:10 - 00000000 ____D C:\Users\mullins4\Documents\Cakewalk
2013-12-02 14:23 - 2013-04-12 08:10 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Cakewalk
2013-12-02 14:23 - 2013-04-11 07:02 - 00000000 ____D C:\Users\mullins4\Documents\MAGIX
2013-12-02 14:23 - 2013-04-11 07:02 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\MAGIX
2013-12-02 14:23 - 2013-04-11 06:56 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Music_Maker_MX
2013-12-02 14:23 - 2013-04-10 18:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Ambient Design
2013-12-02 14:23 - 2013-04-10 11:42 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-02 14:23 - 2013-04-10 01:16 - 00000000 ____D C:\Users\mullins4\Documents\Smith Micro
2013-12-02 14:23 - 2013-04-09 12:53 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Macromedia
2013-12-02 14:23 - 2013-04-09 12:53 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Adobe
2013-12-02 14:23 - 2013-04-09 12:48 - 00000000 ___RD C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-02 14:23 - 2013-04-09 12:48 - 00000000 ____D C:\Users\mullins4\AppData\Local\VirtualStore
2013-12-02 14:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-02 14:22 - 2013-11-27 04:28 - 00000000 ____D C:\ProgramData\MFAData
2013-12-02 14:22 - 2013-11-18 14:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 14:22 - 2013-11-05 16:04 - 00000000 ____D C:\ProgramData\F-Secure
2013-12-02 14:22 - 2013-09-16 19:43 - 00000000 ____D C:\ProgramData\Line 6
2013-12-02 14:22 - 2013-09-16 19:43 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2013-12-02 14:22 - 2013-09-16 19:39 - 00000000 ____D C:\Program Files\Propellerhead
2013-12-02 14:22 - 2013-07-17 02:59 - 00000000 ____D C:\Users\mullins4\AppData\Local\ezvid,_inc
2013-12-02 14:22 - 2013-07-13 21:06 - 00000000 ____D C:\ProgramData\Skype
2013-12-02 14:22 - 2013-07-04 16:12 - 00000000 ____D C:\ProgramData\Acoustica
2013-12-02 14:22 - 2013-05-15 22:02 - 00000000 ____D C:\Program Files\IDT
2013-12-02 14:22 - 2013-04-17 18:11 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-02 14:22 - 2013-04-13 06:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 14:22 - 2013-04-12 08:05 - 00000000 ____D C:\Program Files\Cakewalk
2013-12-02 14:22 - 2013-04-12 07:56 - 00000000 ____D C:\ProgramData\Cakewalk
2013-12-02 14:22 - 2013-04-11 06:55 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-02 14:22 - 2013-04-10 11:42 - 00000000 ____D C:\Users\mullins4\AppData\Local\CyberLink
2013-12-02 14:22 - 2013-04-10 11:42 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-02 14:22 - 2013-04-10 01:03 - 00000000 ____D C:\Program Files\Tablet
2013-12-02 14:22 - 2013-04-09 12:49 - 00000000 ____D C:\Users\mullins4\AppData\Local\Hewlett-Packard_Company
2013-12-02 14:22 - 2011-08-25 03:57 - 00000000 ____D C:\ProgramData\Norton
2013-12-02 14:22 - 2011-08-25 03:51 - 00000000 ___RD C:\Program Files\Online Services
2013-12-02 14:22 - 2011-08-25 03:43 - 00000000 ____D C:\Program Files\Synaptics
2013-12-02 14:22 - 2011-08-25 03:42 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-02 14:22 - 2011-08-25 03:40 - 00000000 ____D C:\Program Files\ATI
2013-12-02 14:22 - 2011-07-23 16:19 - 00000000 ____D C:\ProgramData\Adobe
2013-12-02 14:22 - 2011-07-23 16:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-02 14:22 - 2011-07-23 16:14 - 00000000 ____D C:\Program Files\Windows Live
2013-12-02 14:22 - 2011-07-23 16:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-12-02 14:22 - 2011-07-23 16:12 - 00000000 ____D C:\ProgramData\Uninstall
2013-12-02 14:22 - 2011-07-23 16:11 - 00000000 ____D C:\ProgramData\Macrovision
2013-12-02 14:22 - 2011-06-13 23:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-12-02 14:22 - 2011-02-10 14:23 - 00000000 ___HD C:\SYSTEM.SAV
2013-12-02 14:22 - 2011-02-10 14:23 - 00000000 ____D C:\SWSetup
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\MSBuild
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Windows NT
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2013-12-02 14:21 - 2013-11-27 00:46 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-02 14:21 - 2013-09-16 20:17 - 00000000 ____D C:\Program Files (x86)\Line6
2013-12-02 14:21 - 2013-07-15 10:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-02 14:21 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files (x86)\Acoustica Mixcraft 6
2013-12-02 14:21 - 2013-04-13 06:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 14:21 - 2013-04-12 08:03 - 00000000 ____D C:\Program Files (x86)\IK Multimedia
2013-12-02 14:21 - 2013-04-12 07:56 - 00000000 ____D C:\Program Files (x86)\Cakewalk
2013-12-02 14:21 - 2013-04-12 07:56 - 00000000 ____D C:\Cakewalk Projects
2013-12-02 14:21 - 2013-04-11 06:55 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-12-02 14:21 - 2013-04-10 18:54 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-12-02 14:21 - 2013-04-10 18:52 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-12-02 14:21 - 2013-04-10 01:14 - 00000000 ____D C:\Program Files (x86)\Smith Micro
2013-12-02 14:21 - 2013-04-09 20:08 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-02 14:21 - 2011-08-25 03:54 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-12-02 14:21 - 2011-08-25 03:47 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-12-02 14:21 - 2011-08-25 03:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-02 14:21 - 2011-08-25 03:42 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-12-02 14:21 - 2011-08-25 03:40 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-02 14:21 - 2011-07-23 16:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-02 14:21 - 2011-07-23 16:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-02 14:21 - 2011-07-23 16:16 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-02 14:21 - 2011-07-23 16:11 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-12-02 14:21 - 2011-07-23 16:11 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-02 14:21 - 2011-07-23 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-02 14:21 - 2011-07-23 16:03 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-12-02 14:21 - 2011-07-23 16:03 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-12-02 14:21 - 2011-07-23 16:02 - 00000000 ____D C:\Program Files (x86)\K-NFB Reading Technology Inc
2013-12-02 14:21 - 2011-05-20 12:18 - 00000000 ___HD C:\HP
2013-12-02 14:21 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-02 14:21 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-02 12:41 - 2013-11-27 04:34 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\AVG2014
2013-12-02 12:37 - 2013-11-27 04:31 - 00000000 ____D C:\Program Files (x86)\AVG
2013-12-02 12:34 - 2013-04-09 12:52 - 00000000 ___RD C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-02 12:12 - 2013-11-22 19:32 - 00000000 ____D C:\Users\mullins4\AppData\Local\TLworks
2013-12-02 12:07 - 2013-12-02 12:07 - 00000000 _____ C:\Windows\setuperr.log
2013-12-02 12:07 - 2013-12-02 12:06 - 00350160 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-02 12:07 - 2013-04-09 12:48 - 00000000 ____D C:\Users\mullins4
2013-12-02 09:06 - 2013-11-30 19:22 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-12-02 09:05 - 2013-11-30 19:21 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-12-02 09:03 - 2013-11-30 19:22 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2013-12-02 09:03 - 2013-05-30 18:21 - 00000000 ____D C:\Windows\Minidump
2013-11-30 19:21 - 2013-11-30 19:21 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\FileAssociationManager
2013-11-30 18:42 - 2013-11-30 18:42 - 00000000 ____D C:\_OTL
2013-11-29 20:14 - 2013-12-02 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\mullins4\Desktop\OTL.exe
2013-11-29 03:00 - 2013-11-29 02:55 - 133200385 _____ C:\Users\mullins4\Documents\Manga Studio Artwork.zip
2013-11-28 09:56 - 2013-11-28 09:56 - 00000000 ____D C:\Users\mullins4\SyncFolder
2013-11-28 09:48 - 2007-01-01 20:25 - 00000000 ____D C:\Windows\Panther
2013-11-27 13:09 - 2013-11-27 13:09 - 00098048 _____ C:\Users\mullins4\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-27 04:37 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\Avg2014
2013-11-27 04:33 - 2013-11-27 04:33 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\TuneUp Software
2013-11-27 04:32 - 2013-11-27 04:32 - 00000000 ___HD C:\$AVG
2013-11-27 04:28 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\MFAData
2013-11-27 03:58 - 2013-11-27 03:58 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-27 01:20 - 2013-11-27 01:20 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-27 01:17 - 2013-11-27 01:17 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-11-27 01:17 - 2013-11-27 01:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-27 01:16 - 2013-07-04 16:14 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 6
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Apple Computer
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-27 00:45 - 2013-11-27 00:44 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup.exe
2013-11-27 00:33 - 2013-11-27 00:33 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3752.dll
2013-11-25 16:27 - 2013-11-09 06:36 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
2013-11-25 14:49 - 2013-11-14 00:15 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
2013-11-25 03:58 - 2013-05-14 23:57 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros Walk Into The Light cover
2013-11-25 03:57 - 2013-09-30 03:46 - 00000000 ____D C:\Users\mullins4\Documents\Toby Tyball solo album 2
2013-11-25 03:51 - 2013-11-19 19:28 - 00000000 ____D C:\Users\mullins4\Documents\Phil and Monica 11-19-13
2013-11-25 03:38 - 2013-06-22 15:11 - 00000000 ____D C:\Users\mullins4\Documents\Girl Island map full
2013-11-25 03:38 - 2013-05-23 23:34 - 00000000 ____D C:\Users\mullins4\Documents\Kathy Miller 5-23-13
2013-11-25 03:36 - 2013-07-20 13:38 - 00000000 ____D C:\Users\mullins4\Documents\ELC new logo 7-20-13
2013-11-25 03:34 - 2013-07-23 21:31 - 00000000 ____D C:\Users\mullins4\Documents\Mary Regolski (7-23-13)
2013-11-25 03:29 - 2013-11-23 02:14 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 11-23-13
2013-11-24 04:35 - 2013-06-03 17:20 - 00000000 ____D C:\Users\mullins4\Documents\Super-Christian 6-3-13
2013-11-23 01:31 - 2013-06-03 21:19 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 6-3-13
2013-11-22 19:32 - 2013-04-30 23:07 - 00000000 ____D C:\Users\mullins4\AppData\Local\{D9349FB2-6D1A-4DCF-AD35-935F48D618BC}
2013-11-21 16:55 - 2013-09-15 18:35 - 00000000 ____D C:\Users\mullins4\Documents\For A Reason picture
2013-11-21 00:59 - 2013-04-30 23:06 - 00000000 ____D C:\Users\mullins4\Documents\LGI comic 1 cover
2013-11-21 00:58 - 2013-07-18 06:23 - 00000000 ____D C:\Users\mullins4\Documents\Brian and Kathy traditional marriage
2013-11-21 00:55 - 2013-07-28 22:23 - 00000000 ____D C:\Users\mullins4\Documents\Michelle McDonald 7-28-13
2013-11-21 00:54 - 2013-04-10 07:11 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall keytar
2013-11-21 00:53 - 2013-09-12 11:33 - 00000000 ____D C:\Users\mullins4\Documents\Citrene B-day picture
2013-11-21 00:51 - 2013-11-18 17:57 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
2013-11-18 17:17 - 2013-10-02 15:39 - 00000000 ____D C:\Users\mullins4\Documents\Toby Tyball solo album 3
2013-11-18 17:09 - 2013-11-10 03:46 - 00000000 ____D C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
2013-11-18 17:02 - 2013-05-15 01:39 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros The Island Project cover
2013-11-18 14:54 - 2013-11-18 14:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Malwarebytes
2013-11-15 13:25 - 2013-08-02 01:45 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Delights teaser cover photo
2013-11-14 09:54 - 2013-07-25 08:54 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 09:48 - 2013-05-12 19:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 00:30 - 2013-10-26 22:48 - 00000000 ____D C:\Users\mullins4\Documents\Phil Marshall plain cover photo
2013-11-11 05:50 - 2010-11-20 22:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3752.dll


Some content of TEMP:
====================
C:\Users\mullins4\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\mullins4\AppData\Local\Temp\1384266401_wedownload_manager_pro_1.exe
C:\Users\mullins4\AppData\Local\Temp\BackupSetup.exe
C:\Users\mullins4\AppData\Local\Temp\offer3.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{64073A83-8302-4AA6-AB18-684D56AC87DE}.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{8284E938-B5FE-4359-9AAA-E4E78E250D41}.exe
C:\Users\mullins4\AppData\Local\Temp\Quarantine.exe
C:\Users\mullins4\AppData\Local\Temp\safeguard.exe
C:\Users\mullins4\AppData\Local\Temp\sp_downloader.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 13:18

==================== End Of Log ============================
  • 0

#19
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3689.41 MB
Available physical RAM: 1730.66 MB
Total Pagefile: 7376.99 MB
Available Pagefile: 5029.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:447.78 GB) (Free:364.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:13.82 GB) (Free:1.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 533D6125)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
  • 0

#20
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Well an update on how the computer is running, it still seems to be doing ok. I feel it could possibly be better, but it's working well. Not sure if it's normal, but the loading curser appears sometimes as if it's trying to run something or something. One thing I forgot to mention, is I've had a few moments when I had Internet Explorer opened and it just closed on it's own. Another little problem it's been having, is the Internet Explorer page I'm on will sometimes become unresponsive and it will give me the option to close the program... it does that a lot on youtube.

Acknowledged and there are certainly some things we can address in due course...

The Farbar Recovery Scan Tool Addition Log (Addition.txt) you posted is incomplete/not all of it. Please post the entire contents in your next reply(it should still be on your desktop) and we will then go from there, thank you.
  • 0

#21
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hmm, well that was all that was in that text document for some reason. I just rescanned it again with the Farbar Recovery Scan Tool, and the additional log is complete now... or I assume it's complete. It has more stuff in it anyway. :)





==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3689.41 MB
Available physical RAM: 1730.66 MB
Total Pagefile: 7376.99 MB
Available Pagefile: 5029.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:447.78 GB) (Free:364.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:13.82 GB) (Free:1.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 533D6125)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
==================== Memory info ===========================

Percentage of memory in use: 70%
Total physical RAM: 3689.41 MB
Available physical RAM: 1080.04 MB
Total Pagefile: 7376.99 MB
Available Pagefile: 4741.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:447.78 GB) (Free:363.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:13.82 GB) (Free:1.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 533D6125)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
  • 0

#22
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Hmm, well that was all that was in that text document for some reason. I just rescanned it again with the Farbar Recovery Scan Tool, and the additional log is complete now... or I assume it's complete. It has more stuff in it anyway. :)

Fair play and no it is still incomplete so I will need for you to carry out a another re-scan for myself as follows please...as the information in both logs is very important for myself to review; so I in turn am able to assist you fully etc...

Re-scan with Farbar Recovery Scan Tool:

Please delete your current version of FRST64.exe and all logs, then empty the Recycle Bin.

Then download and save the latest version of Farbar Recovery Scan Tool 64-Bit to your desktop.

  • Right-click on FRST.exe and select Run as Administrator to start FRST >> >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

  • 0

#23
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Ok! Just followed the instructions, then rescanned it. The additional log looks a lot larger, but I don't know if it's complete. Hopefully it worked this time. :)





Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-12-2013 03
Ran by mullins4 (administrator) on MULLINS4-HP on 12-12-2013 17:39:32
Running from C:\Users\mullins4\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSHDLL64.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2013-05-15] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-10] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKCU\...\Run: [Amazon Cloud Player] - C:\Users\mullins4\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [TLworks Update] - regsvr32.exe C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\system: [NoDispAppearancePage] 0
HKCU\...\Policies\system: [NoDispBackgroundPage] 0
HKCU\...\Policies\system: [NoDispSettingsPage] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 0
HKCU\...\Policies\Explorer: [NoViewOnDrive] 0
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKCU\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKCU\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKCU\...\Policies\Explorer: [NoViewContextMenu] 0
HKCU\...\Policies\Explorer: [NoShellSearchButton] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [NoFile] 0
HKCU\...\Policies\Explorer: [HideClock] 0
HKCU\...\Policies\Explorer: [NoTrayContextMenu] 0
HKCU\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKCU\...\Policies\Explorer: [NoSetFolders] 0
HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
HKCU\...\Policies\Explorer: [NoDeletePrinter] 0
HKCU\...\Policies\Explorer: [NoDFSTab] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoLogoff] 0
HKCU\...\Policies\Explorer: [NoWindowsUpdate] 0
HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0
HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKCU\...\Policies\Explorer: [NoResolveSearch] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
HKCU\...\Policies\Explorer: [NoHardwareTab] 0
HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0
MountPoints2: G - G:\LaunchU3.exe
MountPoints2: {addeee64-1043-11e3-914e-101f74c7470b} - G:\LaunchU3.exe
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504 2011-06-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [F-Secure Hoster (42626)] - C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.charter.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM - {F3EC8992-81D6-434E-A7CB-FD458A6D4858} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 24.159.64.23 24.217.201.67 24.177.176.38

==================== Services (Whitelisted) =================

R2 fshoster; C:\Program Files (x86)\Charter Security Suite\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Reputation\fsorsp.exe [60352 2013-11-09] (F-Secure Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2150208 2013-09-27] (IObit)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2013-12-10] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69296 2013-11-09] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-09] ()
R3 fsni; C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [772224 2012-08-21] (Line 6)
U0 SR;
U2 srservice;

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdiox64.sys 6A2EEB0C4133B20773BB3DD0B7B377B4
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 7979BF4A66EFDADF3D00A052409609B1
C:\Windows\System32\DRIVERS\atikmpag.sys 7D5CDB0161E91951D3DD99E55CEA4D01
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\amd_sata.sys BB4FE7889DB9CBBE61A308E99697F53C
C:\Windows\System32\DRIVERS\amd_xata.sys 5631CBA53F1CBEA3F9E88348E6723391
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys CBD14F698DEF12EE3557604B726CB8EB
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys B8B9CC3EC2A09C0C0D298B529191764C
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\HIPS\drivers\fshs.sys FAD1934991C0C3C79FEABABE9C16A75C
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fsbts.sys F59F2C574AA5D84477EB89F87C938F16
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Program Files (x86)\Charter Security Suite\apps\CCF_Scanning\fsni64.sys 4C19B29A6C8736B011AEABB4CEF74862
C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys 695E2F0F1BA5DD81E112F8E07134CC8E
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidkmdf.sys 46BBE8EA221461A65F18A078528F4B2C
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\L6UX264.sys 07265E0B1A6D30453539F7DFB4942BF2
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RtsPStor.sys 1F5E7AF59B390261A85F5BEDB1BB88B3
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EA5532868BA76923D75BCB2A1448D810
C:\Windows\System32\DRIVERS\rtl8192Ce.sys 508D997A5E9F400FADE6C85251BF13DF
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys EBA98394A7D58F7552C52192BD8FA7E6
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys C447977ED2A4AE9346FE3A0579A34D7C
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys ACCEA6BC68D0C9A78EB97EE159028B4E
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 311C1DD1088E55BEAE15954D17F50646
C:\Windows\System32\DRIVERS\usbfilter.sys 76E2FFAD301490BA27B947C6507752FB
C:\Windows\System32\DRIVERS\usbhub.sys 280E90CBF4B2DDD169F0728CB44D726F
C:\Windows\System32\DRIVERS\usbohci.sys 9406D801042FAF859CF81B2C886413DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wachidrouter.sys FDA15A0510F84FA46452B74529147A15
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomrouterfilter.sys EABFDBDC9BEDD325F260A3A9FEE5B3F9
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-12 17:39 - 2013-12-12 17:39 - 00029658 _____ C:\Users\mullins4\Desktop\FRST.txt
2013-12-12 17:34 - 2013-12-12 17:34 - 01927274 _____ (Farbar) C:\Users\mullins4\Desktop\FRST64.exe
2013-12-12 11:35 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 11:35 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 11:35 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 11:35 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 11:32 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 11:32 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 11:32 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 11:32 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 11:32 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 11:32 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 11:32 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 11:32 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 11:32 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 11:32 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 11:32 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 11:32 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 11:32 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 11:32 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 11:32 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 11:32 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 11:32 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 11:32 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 11:32 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 11:32 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 11:32 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 11:32 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 11:32 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 11:32 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 11:32 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 11:32 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 11:32 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 11:32 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 11:32 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 11:32 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 11:32 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 02:49 - 2013-12-12 14:05 - 00000000 ____D C:\Users\mullins4\Documents\Mary with Bree's Mary drawing
2013-12-11 22:23 - 2013-12-11 22:23 - 40217751 _____ C:\Users\mullins4\Downloads\FreeCCMXMas2013.zip
2013-12-11 17:03 - 2013-12-11 17:03 - 00001734 _____ C:\Users\mullins4\Documents\Fireflies lyrics.txt
2013-12-11 15:12 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 15:12 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 15:12 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 15:12 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 15:12 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 15:12 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 15:12 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 15:07 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 15:07 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 15:07 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 15:07 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 15:06 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 15:06 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 15:06 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 15:06 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 15:06 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 15:06 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 15:06 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 15:06 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:59 - 2013-12-12 11:35 - 00000000 ____D C:\FRST
2013-12-11 14:55 - 2013-12-11 14:55 - 00001896 _____ C:\Users\mullins4\Desktop\aswMBR.txt
2013-12-11 14:55 - 2013-12-11 14:55 - 00000512 _____ C:\Users\mullins4\Desktop\MBR.dat
2013-12-11 14:47 - 2013-12-11 14:52 - 04745728 _____ (AVAST Software) C:\Users\mullins4\Desktop\aswmbr.exe
2013-12-10 23:50 - 2013-12-10 23:50 - 00002697 _____ C:\Users\mullins4\Desktop\JRT.txt
2013-12-10 23:34 - 2013-12-10 23:34 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 23:32 - 2013-12-10 23:32 - 01034531 _____ (Thisisu) C:\Users\mullins4\Desktop\JRT.exe
2013-12-10 23:20 - 2013-12-10 23:20 - 00002398 _____ C:\Users\mullins4\Desktop\AdwCleaner[S2].txt
2013-12-10 23:09 - 2013-12-10 23:09 - 01226802 _____ C:\Users\mullins4\Desktop\AdwCleaner.exe
2013-12-10 23:07 - 2013-12-10 23:07 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MULLINS4-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\RegBackup
2013-12-10 23:04 - 2013-12-10 23:04 - 00002195 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2013-12-10 23:04 - 2013-12-10 23:04 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-10 23:03 - 2013-12-10 23:03 - 03927696 _____ C:\Users\mullins4\Desktop\tweaking.com_registry_backup_setup.exe
2013-12-07 22:03 - 2013-12-07 22:10 - 12701490 _____ C:\Users\mullins4\Desktop\Reason Limited test.wav
2013-12-07 12:26 - 2013-12-07 22:03 - 01048628 _____ C:\Users\mullins4\Documents\Reason Limited test.rltd
2013-12-05 07:25 - 2013-12-05 07:25 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-05 07:22 - 2013-12-05 07:23 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup{1}.exe
2013-12-03 17:31 - 2013-12-10 03:40 - 00000000 ____D C:\Users\mullins4\Documents\DB Mission album
2013-12-03 09:39 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 09:24 - 2013-12-03 09:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 09:22 - 2013-12-03 09:39 - 00008173 _____ C:\Windows\IE11_main.log
2013-12-02 18:19 - 2013-12-10 13:49 - 00013602 _____ C:\Windows\PFRO.log
2013-12-02 17:57 - 2013-11-29 20:14 - 00602112 _____ (OldTimer Tools) C:\Users\mullins4\Desktop\OTL.exe
2013-12-02 12:07 - 2013-12-12 11:57 - 00001624 _____ C:\Windows\setupact.log
2013-12-02 12:07 - 2013-12-02 12:07 - 00000000 _____ C:\Windows\setuperr.log
2013-12-02 12:06 - 2013-12-12 11:57 - 00350160 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-30 19:27 - 2013-12-10 23:15 - 00000000 ____D C:\AdwCleaner
2013-11-30 19:22 - 2013-12-02 09:06 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-30 19:22 - 2013-12-02 09:03 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2013-11-30 19:21 - 2013-12-02 09:05 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-11-30 19:21 - 2013-11-30 19:21 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\FileAssociationManager
2013-11-30 18:42 - 2013-11-30 18:42 - 00000000 ____D C:\_OTL
2013-11-29 21:11 - 2013-12-02 18:14 - 00054544 _____ C:\Users\mullins4\Desktop\Extras.Txt
2013-11-29 21:08 - 2013-12-02 18:12 - 00128050 _____ C:\Users\mullins4\Desktop\OTL.Txt
2013-11-29 02:55 - 2013-11-29 03:00 - 133200385 _____ C:\Users\mullins4\Documents\Manga Studio Artwork.zip
2013-11-28 09:56 - 2013-11-28 09:56 - 00000000 ____D C:\Users\mullins4\SyncFolder
2013-11-27 13:09 - 2013-11-27 13:09 - 00098048 _____ C:\Users\mullins4\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-27 04:34 - 2013-12-02 12:41 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\AVG2014
2013-11-27 04:33 - 2013-11-27 04:33 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\TuneUp Software
2013-11-27 04:32 - 2013-12-02 14:33 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-27 04:32 - 2013-11-27 04:32 - 00000000 ___HD C:\$AVG
2013-11-27 04:31 - 2013-12-02 12:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-27 04:28 - 2013-12-02 14:22 - 00000000 ____D C:\ProgramData\MFAData
2013-11-27 04:28 - 2013-11-27 04:37 - 00000000 ____D C:\Users\mullins4\AppData\Local\Avg2014
2013-11-27 04:28 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\MFAData
2013-11-27 03:58 - 2013-11-27 03:58 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-27 03:48 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-27 01:17 - 2013-11-27 01:17 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-11-27 01:17 - 2013-11-27 01:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-27 00:48 - 2013-12-10 02:46 - 00000000 ____D C:\ProgramData\ProductData
2013-11-27 00:48 - 2013-12-02 14:38 - 00000000 ____D C:\ProgramData\IObit
2013-11-27 00:48 - 2013-12-02 14:23 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\IObit
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Apple Computer
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-27 00:46 - 2013-12-02 14:21 - 00000000 ____D C:\Program Files (x86)\IObit
2013-11-27 00:44 - 2013-11-27 00:45 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup.exe
2013-11-27 00:33 - 2013-11-27 00:33 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3752.dll
2013-11-25 04:36 - 2013-12-06 09:48 - 00000000 ____D C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
2013-11-25 02:59 - 2013-12-05 07:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-23 02:14 - 2013-11-25 03:29 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 11-23-13
2013-11-22 19:32 - 2013-12-02 12:12 - 00000000 ____D C:\Users\mullins4\AppData\Local\TLworks
2013-11-19 19:28 - 2013-11-25 03:51 - 00000000 ____D C:\Users\mullins4\Documents\Phil and Monica 11-19-13
2013-11-18 17:57 - 2013-11-21 00:51 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
2013-11-18 14:54 - 2013-12-02 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 14:54 - 2013-11-18 14:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Malwarebytes
2013-11-14 00:15 - 2013-11-25 14:49 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
2013-11-13 07:40 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 07:40 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 07:39 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 07:39 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 07:39 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 07:39 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 07:39 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 07:39 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 07:39 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 07:39 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 07:39 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 07:39 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 07:39 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 07:39 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 07:39 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 07:39 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 07:39 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 07:39 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 07:39 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 07:39 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 07:39 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 07:39 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 07:39 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 07:38 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 07:38 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 07:38 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 07:38 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 07:38 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 07:38 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 07:38 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-12 17:39 - 2013-12-12 17:39 - 00029658 _____ C:\Users\mullins4\Desktop\FRST.txt
2013-12-12 17:34 - 2013-12-12 17:34 - 01927274 _____ (Farbar) C:\Users\mullins4\Desktop\FRST64.exe
2013-12-12 17:29 - 2013-04-09 12:52 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F55642F-E79F-43B5-8AA5-9F511280A872}
2013-12-12 17:29 - 2011-08-25 03:44 - 01421199 _____ C:\Windows\WindowsUpdate.log
2013-12-12 17:28 - 2013-04-17 18:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 14:05 - 2013-12-12 02:49 - 00000000 ____D C:\Users\mullins4\Documents\Mary with Bree's Mary drawing
2013-12-12 12:02 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-12 12:02 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-12 12:01 - 2009-07-14 00:13 - 00726320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-12 11:58 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 11:57 - 2013-12-02 12:07 - 00001624 _____ C:\Windows\setupact.log
2013-12-12 11:57 - 2013-12-02 12:06 - 00350160 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 11:57 - 2013-11-09 19:34 - 00000596 _____ C:\Windows\Tasks\Scheduled scanning task.job
2013-12-12 11:57 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-12 11:35 - 2013-12-11 14:59 - 00000000 ____D C:\FRST
2013-12-12 00:02 - 2013-11-09 19:34 - 00003372 _____ C:\Windows\System32\Tasks\Scheduled scanning task
2013-12-11 22:23 - 2013-12-11 22:23 - 40217751 _____ C:\Users\mullins4\Downloads\FreeCCMXMas2013.zip
2013-12-11 21:35 - 2013-05-01 18:21 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-11 21:35 - 2013-04-17 17:33 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-11 17:03 - 2013-12-11 17:03 - 00001734 _____ C:\Users\mullins4\Documents\Fireflies lyrics.txt
2013-12-11 14:55 - 2013-12-11 14:55 - 00001896 _____ C:\Users\mullins4\Desktop\aswMBR.txt
2013-12-11 14:55 - 2013-12-11 14:55 - 00000512 _____ C:\Users\mullins4\Desktop\MBR.dat
2013-12-11 14:52 - 2013-12-11 14:47 - 04745728 _____ (AVAST Software) C:\Users\mullins4\Desktop\aswmbr.exe
2013-12-11 14:44 - 2013-04-17 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 14:44 - 2013-04-17 18:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 14:44 - 2011-07-23 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 23:50 - 2013-12-10 23:50 - 00002697 _____ C:\Users\mullins4\Desktop\JRT.txt
2013-12-10 23:34 - 2013-12-10 23:34 - 00000000 ____D C:\Windows\ERUNT
2013-12-10 23:32 - 2013-12-10 23:32 - 01034531 _____ (Thisisu) C:\Users\mullins4\Desktop\JRT.exe
2013-12-10 23:20 - 2013-12-10 23:20 - 00002398 _____ C:\Users\mullins4\Desktop\AdwCleaner[S2].txt
2013-12-10 23:15 - 2013-11-30 19:27 - 00000000 ____D C:\AdwCleaner
2013-12-10 23:09 - 2013-12-10 23:09 - 01226802 _____ C:\Users\mullins4\Desktop\AdwCleaner.exe
2013-12-10 23:07 - 2013-12-10 23:07 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MULLINS4-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-12-10 23:05 - 2013-12-10 23:05 - 00000000 ____D C:\RegBackup
2013-12-10 23:04 - 2013-12-10 23:04 - 00002195 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2013-12-10 23:04 - 2013-12-10 23:04 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-10 23:03 - 2013-12-10 23:03 - 03927696 _____ C:\Users\mullins4\Desktop\tweaking.com_registry_backup_setup.exe
2013-12-10 21:29 - 2013-07-13 21:07 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Skype
2013-12-10 16:59 - 2013-04-25 12:13 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormullins4
2013-12-10 16:59 - 2013-04-25 12:13 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleFormullins4.job
2013-12-10 16:16 - 2013-04-10 11:42 - 00000000 ____D C:\Users\mullins4\Documents\Youcam
2013-12-10 14:46 - 2013-04-10 07:34 - 00000000 ____D C:\Users\mullins4\AppData\Local\CrashDumps
2013-12-10 13:49 - 2013-12-02 18:19 - 00013602 _____ C:\Windows\PFRO.log
2013-12-10 13:31 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-10 03:40 - 2013-12-03 17:31 - 00000000 ____D C:\Users\mullins4\Documents\DB Mission album
2013-12-10 03:26 - 2013-07-10 16:36 - 00000000 ____D C:\Users\mullins4\Documents\Sandi Price 7-10-13
2013-12-10 03:20 - 2013-09-30 02:51 - 00000000 ____D C:\Users\mullins4\Documents\LGI book 1
2013-12-10 02:46 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\ProductData
2013-12-07 22:10 - 2013-12-07 22:03 - 12701490 _____ C:\Users\mullins4\Desktop\Reason Limited test.wav
2013-12-07 22:03 - 2013-12-07 12:26 - 01048628 _____ C:\Users\mullins4\Documents\Reason Limited test.rltd
2013-12-06 16:59 - 2013-05-09 23:06 - 00003224 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMULLINS4-HP$
2013-12-06 16:59 - 2013-05-09 23:06 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForMULLINS4-HP$.job
2013-12-06 09:48 - 2013-11-25 04:36 - 00000000 ____D C:\Users\mullins4\Documents\Boys of GI cover photo 11-25-13
2013-12-05 07:25 - 2013-12-05 07:25 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2013-12-05 07:23 - 2013-12-05 07:22 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup{1}.exe
2013-12-05 07:18 - 2013-11-25 02:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-03 17:48 - 2013-10-05 18:01 - 00000000 ____D C:\Users\mullins4\Documents\ELC cover photo (10-5-13)
2013-12-03 17:39 - 2013-08-30 02:36 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet new cover photo 8-30-13
2013-12-03 17:37 - 2013-07-19 23:44 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 4
2013-12-03 17:37 - 2013-05-21 05:55 - 00000000 ____D C:\Users\mullins4\Documents\Ben mullins Music facebook picture
2013-12-03 17:32 - 2013-07-17 04:45 - 00000000 ____D C:\Users\mullins4\Documents\GIPD picture 7-17-13
2013-12-03 17:31 - 2013-07-20 23:39 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros logo 2
2013-12-03 17:02 - 2013-05-30 00:06 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall island project
2013-12-03 17:01 - 2013-08-27 03:05 - 00000000 ____D C:\Users\mullins4\Documents\Phil with Monica
2013-12-03 14:13 - 2013-07-04 17:57 - 00000000 ____D C:\Users\mullins4\AppData\Local\Amazon Cloud Player
2013-12-03 12:46 - 2013-08-09 02:22 - 00000000 ____D C:\Users\mullins4\Documents\Marlean cover photo 8-9-13
2013-12-03 09:58 - 2013-04-10 00:43 - 00001979 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-12-03 09:46 - 2013-04-09 12:52 - 00001413 _____ C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 09:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 09:39 - 2013-12-03 09:22 - 00008173 _____ C:\Windows\IE11_main.log
2013-12-03 09:35 - 2011-07-23 16:04 - 00000000 ____D C:\Program Files (x86)\HP Games
2013-12-03 09:27 - 2011-07-23 16:04 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-03 09:24 - 2013-12-03 09:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 09:24 - 2013-12-03 09:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 09:24 - 2013-12-03 09:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 09:24 - 2013-12-03 09:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 09:24 - 2013-12-03 09:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 09:24 - 2013-12-03 09:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-02 18:14 - 2013-11-29 21:11 - 00054544 _____ C:\Users\mullins4\Desktop\Extras.Txt
2013-12-02 18:12 - 2013-11-29 21:08 - 00128050 _____ C:\Users\mullins4\Desktop\OTL.Txt
2013-12-02 15:01 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-02 15:01 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-12-02 14:40 - 2013-07-04 17:57 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2013-12-02 14:39 - 2013-04-09 20:38 - 00000000 ____D C:\Users\mullins4\AppData\Local\Adobe
2013-12-02 14:39 - 2013-04-09 13:01 - 00000000 ____D C:\Users\mullins4\AppData\Local\Hewlett-Packard
2013-12-02 14:38 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\IObit
2013-12-02 14:38 - 2013-04-10 01:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-02 14:38 - 2011-07-23 16:11 - 00000000 ____D C:\ProgramData\RoxioNow
2013-12-02 14:37 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-02 14:35 - 2011-07-23 15:55 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-12-02 14:34 - 2013-11-05 16:06 - 00000000 ____D C:\Program Files (x86)\Charter Security Suite
2013-12-02 14:34 - 2013-04-10 01:04 - 00000000 ____D C:\Program Files (x86)\Bamboo Dock
2013-12-02 14:33 - 2013-11-27 04:32 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-02 14:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-02 14:25 - 2011-08-25 03:44 - 00000000 ____D C:\Windows\system32\SRSLabs
2013-12-02 14:25 - 2011-07-23 16:25 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2013-12-02 14:25 - 2011-07-23 16:13 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-02 14:25 - 2011-07-23 16:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\winrm
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\WCN
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-02 14:25 - 2010-11-21 02:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-12-02 14:25 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Vss
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\spp
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\NetworkList
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Msdtc
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\IME
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spp
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\spool
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Speech
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\SMI
2013-12-02 14:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\oobe
2013-12-02 14:24 - 2013-04-17 18:13 - 00000000 ____D C:\Windows\system32\Macromed
2013-12-02 14:24 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Performance
2013-12-02 14:24 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\Setup
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NetworkList
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\MUI
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\IME
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\com
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Speech
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\security
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\schemas
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Resources
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PLA
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\IME
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Globalization
2013-12-02 14:24 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Branding
2013-12-02 14:23 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\IObit
2013-12-02 14:23 - 2013-09-16 19:43 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Line 6
2013-12-02 14:23 - 2013-09-04 01:52 - 00000000 ____D C:\Users\mullins4\Documents\The DoovieTube Machine 9413
2013-12-02 14:23 - 2013-08-25 21:52 - 00000000 ____D C:\Users\mullins4\Documents\Bree kissing Benson picture
2013-12-02 14:23 - 2013-08-08 01:00 - 00000000 ____D C:\Users\mullins4\Documents\Robotic Romance 2013 picture
2013-12-02 14:23 - 2013-08-04 03:26 - 00000000 ____D C:\Users\mullins4\Documents\Phil Marshall fb cover photo 8-4-13
2013-12-02 14:23 - 2013-07-19 23:09 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 3
2013-12-02 14:23 - 2013-07-19 08:28 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb 2
2013-12-02 14:23 - 2013-07-19 07:45 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet fb page
2013-12-02 14:23 - 2013-07-15 23:57 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall 7-16-13
2013-12-02 14:23 - 2013-07-12 21:47 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros fb picture 7-12-13
2013-12-02 14:23 - 2013-06-19 12:47 - 00000000 ____D C:\Users\mullins4\Documents\Jake Jacobs 6-19-13
2013-12-02 14:23 - 2013-06-18 22:45 - 00000000 ____D C:\Users\mullins4\Documents\Boe Joe 6-18-13
2013-12-02 14:23 - 2013-06-06 12:31 - 00000000 ____D C:\Users\mullins4\Documents\Hurricane Jane Stormi Peterson picture
2013-12-02 14:23 - 2013-06-05 07:43 - 00000000 ____D C:\Users\mullins4\Documents\NeonBullet faces picture
2013-12-02 14:23 - 2013-06-05 03:03 - 00000000 ____D C:\Users\mullins4\Documents\Stormi Peterson 6-5-13
2013-12-02 14:23 - 2013-05-27 13:52 - 00000000 ____D C:\Users\mullins4\Documents\Jake Jacobs verse picture
2013-12-02 14:23 - 2013-05-27 00:08 - 00000000 ____D C:\Users\mullins4\Documents\Lady Nature fb cover photo
2013-12-02 14:23 - 2013-05-22 14:29 - 00000000 ____D C:\Users\mullins4\Documents\Martha Regolski verse picture
2013-12-02 14:23 - 2013-04-30 00:19 - 00000000 ____D C:\Users\mullins4\Documents\Mary Regolski age 2 prayer
2013-12-02 14:23 - 2013-04-15 02:07 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall facebook picture 4-15-13
2013-12-02 14:23 - 2013-04-12 08:10 - 00000000 ____D C:\Users\mullins4\Documents\Cakewalk
2013-12-02 14:23 - 2013-04-12 08:10 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Cakewalk
2013-12-02 14:23 - 2013-04-11 07:02 - 00000000 ____D C:\Users\mullins4\Documents\MAGIX
2013-12-02 14:23 - 2013-04-11 07:02 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\MAGIX
2013-12-02 14:23 - 2013-04-11 06:56 - 00000000 ____D C:\Users\Public\Documents\MAGIX_Music_Maker_MX
2013-12-02 14:23 - 2013-04-10 18:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Ambient Design
2013-12-02 14:23 - 2013-04-10 11:42 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-02 14:23 - 2013-04-10 01:16 - 00000000 ____D C:\Users\mullins4\Documents\Smith Micro
2013-12-02 14:23 - 2013-04-09 12:53 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Macromedia
2013-12-02 14:23 - 2013-04-09 12:53 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Adobe
2013-12-02 14:23 - 2013-04-09 12:48 - 00000000 ___RD C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-02 14:23 - 2013-04-09 12:48 - 00000000 ____D C:\Users\mullins4\AppData\Local\VirtualStore
2013-12-02 14:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-02 14:22 - 2013-11-27 04:28 - 00000000 ____D C:\ProgramData\MFAData
2013-12-02 14:22 - 2013-11-18 14:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 14:22 - 2013-11-05 16:04 - 00000000 ____D C:\ProgramData\F-Secure
2013-12-02 14:22 - 2013-09-16 19:43 - 00000000 ____D C:\ProgramData\Line 6
2013-12-02 14:22 - 2013-09-16 19:43 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2013-12-02 14:22 - 2013-09-16 19:39 - 00000000 ____D C:\Program Files\Propellerhead
2013-12-02 14:22 - 2013-07-17 02:59 - 00000000 ____D C:\Users\mullins4\AppData\Local\ezvid,_inc
2013-12-02 14:22 - 2013-07-13 21:06 - 00000000 ____D C:\ProgramData\Skype
2013-12-02 14:22 - 2013-07-04 16:12 - 00000000 ____D C:\ProgramData\Acoustica
2013-12-02 14:22 - 2013-05-15 22:02 - 00000000 ____D C:\Program Files\IDT
2013-12-02 14:22 - 2013-04-17 18:11 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-02 14:22 - 2013-04-13 06:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-02 14:22 - 2013-04-12 08:05 - 00000000 ____D C:\Program Files\Cakewalk
2013-12-02 14:22 - 2013-04-12 07:56 - 00000000 ____D C:\ProgramData\Cakewalk
2013-12-02 14:22 - 2013-04-11 06:55 - 00000000 ____D C:\ProgramData\MAGIX
2013-12-02 14:22 - 2013-04-10 11:42 - 00000000 ____D C:\Users\mullins4\AppData\Local\CyberLink
2013-12-02 14:22 - 2013-04-10 11:42 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-02 14:22 - 2013-04-10 01:03 - 00000000 ____D C:\Program Files\Tablet
2013-12-02 14:22 - 2013-04-09 12:49 - 00000000 ____D C:\Users\mullins4\AppData\Local\Hewlett-Packard_Company
2013-12-02 14:22 - 2011-08-25 03:57 - 00000000 ____D C:\ProgramData\Norton
2013-12-02 14:22 - 2011-08-25 03:51 - 00000000 ___RD C:\Program Files\Online Services
2013-12-02 14:22 - 2011-08-25 03:43 - 00000000 ____D C:\Program Files\Synaptics
2013-12-02 14:22 - 2011-08-25 03:42 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-02 14:22 - 2011-08-25 03:40 - 00000000 ____D C:\Program Files\ATI
2013-12-02 14:22 - 2011-07-23 16:19 - 00000000 ____D C:\ProgramData\Adobe
2013-12-02 14:22 - 2011-07-23 16:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-02 14:22 - 2011-07-23 16:14 - 00000000 ____D C:\Program Files\Windows Live
2013-12-02 14:22 - 2011-07-23 16:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-12-02 14:22 - 2011-07-23 16:12 - 00000000 ____D C:\ProgramData\Uninstall
2013-12-02 14:22 - 2011-07-23 16:11 - 00000000 ____D C:\ProgramData\Macrovision
2013-12-02 14:22 - 2011-06-13 23:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-12-02 14:22 - 2011-02-10 14:23 - 00000000 ___HD C:\SYSTEM.SAV
2013-12-02 14:22 - 2011-02-10 14:23 - 00000000 ____D C:\SWSetup
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\MSBuild
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Microsoft Games
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-02 14:22 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Windows NT
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2013-12-02 14:22 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2013-12-02 14:21 - 2013-11-27 00:46 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-02 14:21 - 2013-09-16 20:17 - 00000000 ____D C:\Program Files (x86)\Line6
2013-12-02 14:21 - 2013-07-15 10:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-02 14:21 - 2013-07-04 16:12 - 00000000 ____D C:\Program Files (x86)\Acoustica Mixcraft 6
2013-12-02 14:21 - 2013-04-13 06:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-02 14:21 - 2013-04-12 08:03 - 00000000 ____D C:\Program Files (x86)\IK Multimedia
2013-12-02 14:21 - 2013-04-12 07:56 - 00000000 ____D C:\Program Files (x86)\Cakewalk
2013-12-02 14:21 - 2013-04-12 07:56 - 00000000 ____D C:\Cakewalk Projects
2013-12-02 14:21 - 2013-04-11 06:55 - 00000000 ____D C:\Program Files (x86)\MAGIX
2013-12-02 14:21 - 2013-04-10 18:54 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2013-12-02 14:21 - 2013-04-10 18:52 - 00000000 ____D C:\Program Files (x86)\Autodesk
2013-12-02 14:21 - 2013-04-10 01:14 - 00000000 ____D C:\Program Files (x86)\Smith Micro
2013-12-02 14:21 - 2013-04-09 20:08 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-02 14:21 - 2011-08-25 03:54 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-12-02 14:21 - 2011-08-25 03:47 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-12-02 14:21 - 2011-08-25 03:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-02 14:21 - 2011-08-25 03:42 - 00000000 ____D C:\Program Files (x86)\AMD APP
2013-12-02 14:21 - 2011-08-25 03:40 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-02 14:21 - 2011-07-23 16:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-02 14:21 - 2011-07-23 16:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-02 14:21 - 2011-07-23 16:16 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-12-02 14:21 - 2011-07-23 16:11 - 00000000 ____D C:\Program Files (x86)\Roxio
2013-12-02 14:21 - 2011-07-23 16:11 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2013-12-02 14:21 - 2011-07-23 16:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-02 14:21 - 2011-07-23 16:03 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-12-02 14:21 - 2011-07-23 16:03 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-12-02 14:21 - 2011-07-23 16:02 - 00000000 ____D C:\Program Files (x86)\K-NFB Reading Technology Inc
2013-12-02 14:21 - 2011-05-20 12:18 - 00000000 ___HD C:\HP
2013-12-02 14:21 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-02 14:21 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-02 12:41 - 2013-11-27 04:34 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\AVG2014
2013-12-02 12:37 - 2013-11-27 04:31 - 00000000 ____D C:\Program Files (x86)\AVG
2013-12-02 12:34 - 2013-04-09 12:52 - 00000000 ___RD C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-02 12:12 - 2013-11-22 19:32 - 00000000 ____D C:\Users\mullins4\AppData\Local\TLworks
2013-12-02 12:07 - 2013-12-02 12:07 - 00000000 _____ C:\Windows\setuperr.log
2013-12-02 12:07 - 2013-04-09 12:48 - 00000000 ____D C:\Users\mullins4
2013-12-02 09:06 - 2013-11-30 19:22 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-12-02 09:05 - 2013-11-30 19:21 - 00000000 ____D C:\Program Files (x86)\FileAssociationManager
2013-12-02 09:03 - 2013-11-30 19:22 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2013-12-02 09:03 - 2013-05-30 18:21 - 00000000 ____D C:\Windows\Minidump
2013-11-30 19:21 - 2013-11-30 19:21 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\FileAssociationManager
2013-11-30 18:42 - 2013-11-30 18:42 - 00000000 ____D C:\_OTL
2013-11-29 20:14 - 2013-12-02 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\mullins4\Desktop\OTL.exe
2013-11-29 03:00 - 2013-11-29 02:55 - 133200385 _____ C:\Users\mullins4\Documents\Manga Studio Artwork.zip
2013-11-28 09:56 - 2013-11-28 09:56 - 00000000 ____D C:\Users\mullins4\SyncFolder
2013-11-28 09:48 - 2007-01-01 20:25 - 00000000 ____D C:\Windows\Panther
2013-11-27 13:09 - 2013-11-27 13:09 - 00098048 _____ C:\Users\mullins4\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-27 04:37 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\Avg2014
2013-11-27 04:33 - 2013-11-27 04:33 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\TuneUp Software
2013-11-27 04:32 - 2013-11-27 04:32 - 00000000 ___HD C:\$AVG
2013-11-27 04:28 - 2013-11-27 04:28 - 00000000 ____D C:\Users\mullins4\AppData\Local\MFAData
2013-11-27 03:58 - 2013-11-27 03:58 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-27 01:20 - 2013-11-27 01:20 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-27 01:20 - 2013-11-27 01:20 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-11-27 01:20 - 2013-11-27 01:20 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-27 01:20 - 2013-11-27 01:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-27 01:17 - 2013-11-27 01:17 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-11-27 01:17 - 2013-11-27 01:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-27 01:16 - 2013-07-04 16:14 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 6
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Apple Computer
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-27 00:45 - 2013-11-27 00:44 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup.exe
2013-11-27 00:33 - 2013-11-27 00:33 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3752.dll
2013-11-26 06:54 - 2013-12-12 11:32 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 05:19 - 2013-12-12 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 05:18 - 2013-12-12 11:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 05:11 - 2013-12-12 11:32 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 04:48 - 2013-12-12 11:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 04:46 - 2013-12-12 11:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 04:41 - 2013-12-12 11:32 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 04:29 - 2013-12-12 11:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 04:27 - 2013-12-12 11:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 04:23 - 2013-12-12 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 04:21 - 2013-12-12 11:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 04:18 - 2013-12-12 11:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 04:18 - 2013-12-12 11:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 04:16 - 2013-12-12 11:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 03:57 - 2013-12-12 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 03:38 - 2013-12-12 11:32 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 03:38 - 2013-12-12 11:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 03:35 - 2013-12-12 11:32 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 03:32 - 2013-12-12 11:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 03:28 - 2013-12-12 11:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 03:16 - 2013-12-12 11:32 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 03:02 - 2013-12-12 11:32 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 02:48 - 2013-12-12 11:32 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 02:32 - 2013-12-12 11:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 02:26 - 2013-12-12 11:32 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 02:07 - 2013-12-12 11:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 01:40 - 2013-12-12 11:32 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 01:34 - 2013-12-12 11:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 01:34 - 2013-12-12 11:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 01:33 - 2013-12-12 11:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 01:27 - 2013-12-12 11:32 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 16:27 - 2013-11-09 06:36 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile picture 11-7-13 full
2013-11-25 14:49 - 2013-11-14 00:15 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall cover photo 11-14-13
2013-11-25 03:58 - 2013-05-14 23:57 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros Walk Into The Light cover
2013-11-25 03:57 - 2013-09-30 03:46 - 00000000 ____D C:\Users\mullins4\Documents\Toby Tyball solo album 2
2013-11-25 03:51 - 2013-11-19 19:28 - 00000000 ____D C:\Users\mullins4\Documents\Phil and Monica 11-19-13
2013-11-25 03:38 - 2013-06-22 15:11 - 00000000 ____D C:\Users\mullins4\Documents\Girl Island map full
2013-11-25 03:38 - 2013-05-23 23:34 - 00000000 ____D C:\Users\mullins4\Documents\Kathy Miller 5-23-13
2013-11-25 03:36 - 2013-07-20 13:38 - 00000000 ____D C:\Users\mullins4\Documents\ELC new logo 7-20-13
2013-11-25 03:34 - 2013-07-23 21:31 - 00000000 ____D C:\Users\mullins4\Documents\Mary Regolski (7-23-13)
2013-11-25 03:29 - 2013-11-23 02:14 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 11-23-13
2013-11-24 04:35 - 2013-06-03 17:20 - 00000000 ____D C:\Users\mullins4\Documents\Super-Christian 6-3-13
2013-11-23 13:26 - 2013-12-11 15:12 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 12:47 - 2013-12-11 15:12 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 01:31 - 2013-06-03 21:19 - 00000000 ____D C:\Users\mullins4\Documents\Joel Jameson 6-3-13
2013-11-22 19:32 - 2013-04-30 23:07 - 00000000 ____D C:\Users\mullins4\AppData\Local\{D9349FB2-6D1A-4DCF-AD35-935F48D618BC}
2013-11-21 16:55 - 2013-09-15 18:35 - 00000000 ____D C:\Users\mullins4\Documents\For A Reason picture
2013-11-21 00:59 - 2013-04-30 23:06 - 00000000 ____D C:\Users\mullins4\Documents\LGI comic 1 cover
2013-11-21 00:58 - 2013-07-18 06:23 - 00000000 ____D C:\Users\mullins4\Documents\Brian and Kathy traditional marriage
2013-11-21 00:55 - 2013-07-28 22:23 - 00000000 ____D C:\Users\mullins4\Documents\Michelle McDonald 7-28-13
2013-11-21 00:54 - 2013-04-10 07:11 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall keytar
2013-11-21 00:53 - 2013-09-12 11:33 - 00000000 ____D C:\Users\mullins4\Documents\Citrene B-day picture
2013-11-21 00:51 - 2013-11-18 17:57 - 00000000 ____D C:\Users\mullins4\Documents\Mary Marshall profile pic 11-18-13
2013-11-18 17:17 - 2013-10-02 15:39 - 00000000 ____D C:\Users\mullins4\Documents\Toby Tyball solo album 3
2013-11-18 17:09 - 2013-11-10 03:46 - 00000000 ____D C:\Users\mullins4\Documents\Mary Brandi and Jess picture 11-10-13
2013-11-18 17:02 - 2013-05-15 01:39 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Bros The Island Project cover
2013-11-18 14:54 - 2013-11-18 14:54 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\Malwarebytes
2013-11-15 13:25 - 2013-08-02 01:45 - 00000000 ____D C:\Users\mullins4\Documents\Doovie Delights teaser cover photo
2013-11-14 09:54 - 2013-07-25 08:54 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 09:48 - 2013-05-12 19:47 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 00:30 - 2013-10-26 22:48 - 00000000 ____D C:\Users\mullins4\Documents\Phil Marshall plain cover photo

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3752.dll


Some content of TEMP:
====================
C:\Users\mullins4\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\mullins4\AppData\Local\Temp\1384266401_wedownload_manager_pro_1.exe
C:\Users\mullins4\AppData\Local\Temp\BackupSetup.exe
C:\Users\mullins4\AppData\Local\Temp\offer3.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{64073A83-8302-4AA6-AB18-684D56AC87DE}.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{8284E938-B5FE-4359-9AAA-E4E78E250D41}.exe
C:\Users\mullins4\AppData\Local\Temp\Quarantine.exe
C:\Users\mullins4\AppData\Local\Temp\safeguard.exe
C:\Users\mullins4\AppData\Local\Temp\sp_downloader.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 13:18

==================== End Of Log ============================
  • 0

#24
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-12-2013 03
Ran by mullins4 at 2013-12-12 17:41:13
Running from C:\Users\mullins4\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Computer Security (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Security (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acoustica Mixcraft 6 (x32 Version: b216)
Adobe AIR (x32 Version: 2.6.0.19140)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620)
Amazon Cloud Player (HKCU Version: 1.5.0.341)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Catalyst Install Manager (Version: 3.0.847.0)
AMD Fuel (Version: 2011.0928.607.9079)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AmpliTube X-GEAR (x32 Version: 1.1.0)
ArtRage Studio (x32 Version: 3.5.4)
Audio Creator LE 1.5 (x32 Version: 1.5)
Autodesk SketchBook Express 2011 sp2 (x32 Version: 5.20.0000)
Bamboo Dock (x32 Version: 4.1)
Bamboo Dock (x32 Version: 4.1.0)
Blio (x32 Version: 2.2.6699)
Cakewalk Sound Center 1.0.0 (x32 Version: 1.0.0)
Cakewalk VST Adapter 4 (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2011.0928.607.9079)
Charter Security Suite (x32 Version: 1.83.311.0)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0)
CyberLink YouCam (x32 Version: 3.5.1.4119)
D3DX10 (x32 Version: 15.4.2368.0902)
DreamStation DXi2 (x32)
ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1)
Evernote v. 4.2.3 (x32 Version: 4.2.3.22)
Ezvid (x32 Version: 0978)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877)
F-Secure CCF Scanning 1.23.124.8831 (release) (x32 Version: 1.23.124.8831)
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Documentation (x32 Version: 1.1.0.0)
HP Launch Box (Version: 1.0.11)
HP MovieStore (x32 Version: 1.0.057)
HP MovieStore (x32 Version: 2.0)
HP On Screen Display (x32 Version: 1.3.5)
HP Power Manager (x32 Version: 1.4.7)
HP Quick Launch (x32 Version: 2.7.2)
HP QuickWeb (x32 Version: 3.1.0.9760)
HP Setup (x32 Version: 8.7.4751.3798)
HP Setup Manager (x32 Version: 1.1.13476.3753)
HP Software Framework (x32 Version: 4.6.10.1)
HP Support Assistant (x32 Version: 7.0.39.15)
IDT Audio (x32 Version: 1.0.6341.0)
Java Auto Updater (x32 Version: 2.0.7.2)
Java™ 6 Update 38 (x32 Version: 6.0.380)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Line 6 Uninstaller (x32 Version: )
MAGIX Goya burnR (MSI) (x32 Version: 4.3.1.6)
MAGIX Music Maker MX (x32 Version: 18.0.0.42)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.1.27)
Manga Studio Debut 4.0 (x32)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Music Creator 5 (x32 Version: 17.0)
Online Safety 2.83.1329.952 (x32 Version: 2.83.1329.952)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Realtek Ethernet Controller Driver (x32 Version: 7.40.126.2011)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.83)
REALTEK Wireless LAN Driver (x32 Version: 1.00.11.0706)
Reason Limited 1.0.2 (Version: 1.0.2)
Recovery Manager (x32 Version: 2.0.0)
RoxioNow Player (x32 Version: 1.9.5.103)
Samplitude Music Studio MX (x32 Version: 18.0.0.42)
ScorpionSaver (x32 Version: 1.0.0.0) <==== ATTENTION
Skype™ 5.10 (x32 Version: 5.10.116)
Studio Instruments 1.0 (Version: 1.0)
Surfing Protection (x32 Version: 1.0)
Synaptics Pointing Device Driver (Version: 15.3.11.0)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Tweaking.com - Registry Backup (x32 Version: 1.6.8)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Wacom (Version: 5.3.2-1)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

27-11-2013 09:30:47 Installed AVG 2014
27-11-2013 09:31:57 Installed AVG 2014
27-11-2013 17:53:27 Driver Booster : AMD Radeon HD 6320 Graphics
28-11-2013 08:00:45 Windows Update
30-11-2013 01:45:04 OTL Restore Point - 11/29/2013 8:44:58 PM
02-12-2013 13:43:39 Restore Operation
02-12-2013 17:19:26 Windows Update
02-12-2013 18:06:18 Removed ScorpionSaver
03-12-2013 14:21:15 Windows Update
10-12-2013 18:27:16 Scheduled Checkpoint
11-12-2013 07:59:50 Windows Update
12-12-2013 16:30:54 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {170BC8C5-31C2-49C7-95B5-E2F38A5D9067} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {1B9B3DDB-98FA-47FE-BB29-BF0489722707} - System32\Tasks\HPCeeScheduleFormullins4 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {30FBDB05-230F-412C-A9CE-5E572DC5F37D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {41D02DD8-9892-4116-8D88-583E0170FAD7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {493D889E-4B01-4464-8B47-E9A30A40ACC4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B878C46B-8322-4330-BEA9-DA3F5B3CC9F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {BF6873AD-7BEC-4CC8-98DD-0389D2F0F347} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DBB816B2-CFCA-45AA-9EC2-379DEB3E728F} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-14] (F-Secure Corporation)
Task: {E7F72CA4-3708-49A8-8686-ED72371452E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {FC83019C-6A90-4678-80B8-7B71B8813478} - System32\Tasks\HPCeeScheduleForMULLINS4-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMULLINS4-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleFormullins4.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\CHARTE~1\apps\COMPUT~1\ANTI-V~1\fsav.exe

==================== Loaded Modules (whitelisted) =============

2013-04-10 01:03 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-11-09 18:42 - 2013-08-14 07:22 - 00045504 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\FSAVHRES.ENG
2013-05-15 16:05 - 2013-05-15 16:05 - 00220096 _____ () C:\Program Files (x86)\Charter Security Suite\daas2.dll
2013-11-09 19:33 - 2013-11-09 19:33 - 00030888 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-11-09 18:42 - 2013-12-10 21:38 - 00212008 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Spam Control\fsas.dll
2013-11-09 18:42 - 2013-11-09 18:46 - 00949184 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2012-10-16 04:39 - 2012-10-16 04:39 - 00060504 _____ () C:\Program Files (x86)\Bamboo Dock\BambooWinTab.dll
2013-11-05 16:06 - 2013-11-05 16:06 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2013-11-09 18:42 - 2013-08-14 07:22 - 00056256 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\fsavures.ENG
2013-11-09 18:42 - 2013-08-14 07:22 - 00154560 _____ () C:\Program Files (x86)\Charter Security Suite\apps\ComputerSecurity\FSGUI\flyerres.ENG

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2013 11:58:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 00:01:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/12/2013 11:59:25 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (12/12/2013 11:57:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (12/11/2013 07:38:36 PM) (Source: DCOM) (User: mullins4-HP)
Description: application-specificLocalActivation{204810B9-73B2-11D4-BF42-00B0D0118B56}{E495081B-BBA5-4B89-BA3C-3B86A686B87A}mullins4-HPmullins4S-1-5-21-2703072250-3418364838-736424028-1001LocalHost (Using LRPC)

Error: (12/11/2013 00:00:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126


Microsoft Office Sessions:
=========================
Error: (12/12/2013 11:58:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2013 00:01:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 3689.41 MB
Available physical RAM: 2181.66 MB
Total Pagefile: 7376.99 MB
Available Pagefile: 5591.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:447.78 GB) (Free:363.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:13.82 GB) (Free:1.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 533D6125)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================
  • 0

#25
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

The additional log looks a lot larger, but I don't know if it's complete. Hopefully it worked this time. :)

Absoutely fine this time, thank you. Lets proceed as follows shall we...

Next:

Are you aware the Folder Options Policy's for your machine have been disabled ? If not and you wish to re-enable, how to do so can be read here.

Now some friendly advise concerning the software vendor IObit. Apart the fact they are deemed rogue for the reason outlined here all of their software is beyond dire and has the capacity to render a machine little more than a expensive door stop! So it would be prudent never to install anything from that vendor again, it appears none of the related software is no longer installed but a lot has been left behind which we will address as part of the custom FRST script below.

Are you aware your currently installed Charter/F-Secure security software appears to be disabled ? If not do re-enable after completing the below.

Java Advice:

There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

Java™ 6 Update 38

So you need to uninstall the aforementioned(if still present via Uninstall a program or Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but I advise against it and for the present I do not even have anything Java related installed on my machines.

Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice.

Cusrtom FRST Script:

Please download the attached fixlist.txt(see below) and save to the desktop.



  • Now right-click on FRST.exe and select Run as Administrator to start FRST.
  • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
  • A log will now open named Fixlog and it will also be on the desktop >> close FRST.
  • Reboot your machine(ensure you do this) and post the contents of the aforementioned Fixlog in your next reply.
Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.

Malwarebytes Anti-Malware:

Please download the installer for Malwarebytes' Anti-Malware to your desktop.

Note: The installer will be randomaly named, say for example something like 549od2jqai.exe

  • Right-click on the randomaly named exe file and select Run as Administrator, then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
When the program loads, Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you so wish)
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please post that log in your next reply.
The log can also be found here:

  • Launch Malwarebytes' Anti-Malware
  • Click on the Logs radio tab.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Next:

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered ?
  • Your decision about a new Java installation.
  • Custom FRST Log.
  • Malwarebytes Anti-Malware Log.

  • 0

Advertisements


#26
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Well update on how the computer is running, it seems to be running ok still. One thing I notice, is every time I restart the computer, a window pops up once it's restarted and says something failed to load or something. It's done that for a little while now. I'll post a screen shot of the message in an attachment. :)

RegSvr32 problem.png

About the Java, I've decided to go ahead and uninstall it. I don't use it much... I don't think anyway. :)

Alright, I'll post the logs in separate replies.
  • 0

#27
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2013 01
Ran by mullins4 at 2013-12-13 13:50:43 Run:1
Running from C:\Users\mullins4\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [ ] ()
C:\Program Files (x86)\SearchProtect
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.nation...q={searchTerms}
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2150208 2013-09-27] (IObit)
2013-11-27 04:34 - 2013-12-02 12:41 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\AVG2014
2013-11-27 04:33 - 2013-11-27 04:33 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\TuneUp Software
2013-11-27 04:32 - 2013-12-02 14:33 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-27 04:32 - 2013-11-27 04:32 - 00000000 ___HD C:\$AVG
2013-11-27 04:31 - 2013-12-02 12:37 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-27 04:28 - 2013-11-27 04:37 - 00000000 ____D C:\Users\mullins4\AppData\Local\Avg2014
2013-11-27 03:48 - 2013-06-27 18:05 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2013-11-27 00:48 - 2013-12-10 02:46 - 00000000 ____D C:\ProgramData\ProductData
2013-11-27 00:48 - 2013-12-02 14:38 - 00000000 ____D C:\ProgramData\IObit
2013-11-27 00:48 - 2013-12-02 14:23 - 00000000 ____D C:\Users\mullins4\AppData\Roaming\IObit
2013-11-27 00:48 - 2013-11-27 00:48 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-11-27 00:46 - 2013-12-02 14:21 - 00000000 ____D C:\Program Files (x86)\IObit
2013-11-27 00:44 - 2013-11-27 00:45 - 32182752 _____ (IObit ) C:\Users\mullins4\Downloads\asc7setup.exe
2013-11-27 03:58 - 2013-11-27 03:58 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2013-11-27 03:58 - 2013-11-27 03:58 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2013-11-27 00:56 - 2013-11-27 00:56 - 61210624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 43868160 _____ C:\Windows\system32\config\components.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00241664 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2013-11-27 00:56 - 2013-11-27 00:56 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
C:\Users\Public\AlexaNSISPlugin.3752.dll
C:\Users\mullins4\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\mullins4\AppData\Local\Temp\1384266401_wedownload_manager_pro_1.exe
C:\Users\mullins4\AppData\Local\Temp\BackupSetup.exe
C:\Users\mullins4\AppData\Local\Temp\offer3.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{64073A83-8302-4AA6-AB18-684D56AC87DE}.exe
C:\Users\mullins4\AppData\Local\Temp\oi_{8284E938-B5FE-4359-9AAA-E4E78E250D41}.exe
C:\Users\mullins4\AppData\Local\Temp\Quarantine.exe
C:\Users\mullins4\AppData\Local\Temp\safeguard.exe
C:\Users\mullins4\AppData\Local\Temp\sp_downloader.exe
End
*****************

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
LiveUpdateSvc => Service deleted successfully.
C:\Users\mullins4\AppData\Roaming\AVG2014 => Moved successfully.
C:\Users\mullins4\AppData\Roaming\TuneUp Software => Moved successfully.
C:\ProgramData\AVG2014 => Moved successfully.
C:\$AVG => Moved successfully.
C:\Program Files (x86)\AVG => Moved successfully.
C:\Users\mullins4\AppData\Local\Avg2014 => Moved successfully.
C:\Windows\system32\RegistryDefragBootTime.exe => Moved successfully.
C:\Windows\system32\config\SOFTWARE.iobit => Moved successfully.
C:\Windows\system32\config\components.iobit => Moved successfully.
C:\Windows\system32\config\DEFAULT.iobit => Moved successfully.
C:\Windows\system32\config\SAM.iobit => Moved successfully.
C:\Windows\system32\config\SECURITY.iobit => Moved successfully.
C:\ProgramData\ProductData => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\Users\mullins4\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} => Moved successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Users\mullins4\Downloads\asc7setup.exe => Moved successfully.
C:\Windows\system32\config\SOFTWARE.iodefrag.bak => Moved successfully.
C:\Windows\system32\config\DEFAULT.iodefrag.bak => Moved successfully.
C:\Windows\system32\config\SAM.iodefrag.bak => Moved successfully.
C:\Windows\system32\config\SECURITY.iodefrag.bak => Moved successfully.
"C:\Windows\system32\config\SOFTWARE.iobit" => File/Directory not found.
"C:\Windows\system32\config\components.iobit" => File/Directory not found.
"C:\Windows\system32\config\DEFAULT.iobit" => File/Directory not found.
"C:\Windows\system32\config\SAM.iobit" => File/Directory not found.
"C:\Windows\system32\config\SECURITY.iobit" => File/Directory not found.
C:\Users\Public\AlexaNSISPlugin.3752.dll => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\1384266401_wedownload_manager_pro_1.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\offer3.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\oi_{64073A83-8302-4AA6-AB18-684D56AC87DE}.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\oi_{8284E938-B5FE-4359-9AAA-E4E78E250D41}.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\safeguard.exe => Moved successfully.
C:\Users\mullins4\AppData\Local\Temp\sp_downloader.exe => Moved successfully.


The system needs a manual reboot.

==== End of Fixlog ====
  • 0

#28
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.13.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
mullins4 :: MULLINS4-HP [administrator]

12/13/2013 2:05:03 PM
mbam-log-2013-12-13 (14-05-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214381
Time elapsed: 10 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\CLSID\{13070af0-bc6c-4185-8baa-40a4cf05b323} (PUP.Optional.BizzyBolt) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8cc59d63-7206-4488-8980-742c1f52e86e} (PUP.Optional.BizzyBolt) -> Quarantined and deleted successfully.
HKCR\Interface\{4BEF58BF-540C-4353-AC56-466B1D97000B} (PUP.Optional.BizzyBolt) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{13070AF0-BC6C-4185-8BAA-40A4CF05B323} (PUP.Optional.BizzyBolt) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{13070AF0-BC6C-4185-8BAA-40A4CF05B323} (PUP.Optional.BizzyBolt) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\ScorpionSaver (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\mullins4\Local Settings\Temporary Internet Files\Content.IE5\3KVBT4OM\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\mullins4\Local Settings\Temporary Internet Files\Content.IE5\OJOC1MTT\Advanced SystemCare.exe (PUP.Optional.Firseria) -> Quarantined and deleted successfully.
C:\Users\mullins4\Local Settings\Temporary Internet Files\Content.IE5\Q05P6I5N\Allyrics_1060-2061_v122[1].exe (PUP.Optional.Bundler) -> Quarantined and deleted successfully.
C:\Users\mullins4\Local Settings\Temporary Internet Files\Content.IE5\WUC2ZCIC\advanced systemcare setup.exe (PUP.Optional.Soft32.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\197d50.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.

(end)
  • 0

#29
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

One thing I notice, is every time I restart the computer, a window pops up once it's restarted and says something failed to load or something. It's done that for a little while now. I'll post a screen shot of the message in an attachment. :)

Probably relates to this:-

MOD - [2013/11/22 19:56:03 | 000,599,552 | ---- | M] () -- C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll

And the registry entry left behind after the adware weDownload Manager Pro was removed possibly. Though feasible it was associated with a Google Chrome app, have you ever had the aforementioned browser installed at all ?

TFC(Temp File Cleaner):

  • Please download TFC to the desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click on TFC.exe and select Run as Administrator to run the program.
  • Click the Start button in the bottom left of the GUI(graphical user interface).
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

I advise you keep TFC on the desktop after I give the all clear and run it say at least once per week as it is a very effective piece of software for cleaning out temp' files etc.

Scan with SystemLook:

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

  • Right-click on SystemLook.exe and select Run as Administrator to start it.
  • Copy the content of the following quote-box(do not copy the word quote) into the main textfield:

:filefind
*remotedownload*
*weDownload Manager Pro*

:folderfind
*remotedownload*
*weDownload Manager Pro*

:Regfind
remotedownload
weDownload Manager Pro

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your desktop entitled SystemLook.txt

Because of the Registry searches, the scan may take 15 minutes or a bit more to run. Please be patient.
  • 0

#30
cartoonistmusician

cartoonistmusician

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts
Hey! :)

Ok! Yes, Google Chrome was installed on this laptop at one time.

Ok, I scanned with TFC (cleaned 607.00 mb) and SystemLook. Here's the SystemLook log...



SystemLook 30.07.11 by jpshortstuff
Log created at 19:38 on 13/12/2013 by mullins4
Administrator - Elevation successful

========== filefind ==========

Searching for "*remotedownload*"
C:\Users\mullins4\AppData\Local\TLworks\remotedownload.lck --a---- 1806 bytes [00:56 23/11/2013] [00:56 23/11/2013] C00E88158E5C97DB7A5B56136083DE77

Searching for "*weDownload Manager Pro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bg.exe.vir --a---- 767488 bytes [05:47 27/11/2013] [05:47 27/11/2013] 2C1A48A619DC53A12030023A1E1DF5FD
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll.vir --a---- 636928 bytes [05:46 27/11/2013] [05:46 27/11/2013] 9B1FC533D71AF3C6D22687A7EA2D477C
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll.vir --a---- 962048 bytes [05:47 27/11/2013] [05:47 27/11/2013] 96EE3053C5F49FDC6A33BB5A6AB8E412
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-buttonutil.dll.vir --a---- 423936 bytes [05:46 27/11/2013] [05:46 27/11/2013] 2AFB1C55E436EBC748EC49AEF601A0D4
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-buttonutil.exe.vir --a---- 327168 bytes [05:46 27/11/2013] [05:46 27/11/2013] F2C09065B850D1A4C919459631A16C2D
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-buttonutil64.dll.vir --a---- 484864 bytes [05:46 27/11/2013] [05:46 27/11/2013] 91C63EABD27EA1DE5EF215B07DD5A0EC
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-buttonutil64.exe.vir --a---- 423936 bytes [05:46 27/11/2013] [05:46 27/11/2013] 08FC5817F51DD5370F717C1F2D54D723
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe.vir --a---- 497664 bytes [05:46 27/11/2013] [05:46 27/11/2013] 5D9F14B1CBA6955A551A29082B67F4CA
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe.vir --a---- 514048 bytes [05:46 27/11/2013] [05:46 27/11/2013] F1EB2A74332E265B882F2EFDBDEDB648
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe.vir --a---- 334336 bytes [05:47 27/11/2013] [05:47 27/11/2013] 36D3AF7710DCEB136144BDDA8F598201
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-helper.exe.vir --a---- 331264 bytes [05:46 27/11/2013] [05:46 27/11/2013] FD9D667DC3A43C72A9367A67C7A6FD8D
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe.vir --a---- 346112 bytes [05:47 27/11/2013] [05:47 27/11/2013] 6D104001F56ADBB17849AAC065C05445
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro.ico.vir --a---- 9662 bytes [13:58 12/11/2013] [13:58 12/11/2013] E37803A08A03EB25F6434CAB8AA7C617
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\weDownload Manager Pro-chromeinstaller.vir --a---- 5078 bytes [05:46 27/11/2013] [05:46 27/11/2013] F550C34B07A79B2F5E2423B4A9FF6873
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\weDownload Manager Pro-codedownloader.vir --a---- 4348 bytes [05:46 27/11/2013] [05:46 27/11/2013] C315F5371C8DD0AF6FA99BD6786F341D
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\weDownload Manager Pro-enabler.vir --a---- 4248 bytes [05:47 27/11/2013] [05:47 27/11/2013] 6B79D0FD3F5D72051EE682F012FC307C
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\weDownload Manager Pro-updater.vir --a---- 4446 bytes [05:47 27/11/2013] [05:47 27/11/2013] 66CA87EEFB994145DA6B3AF9DC17872F
C:\AdwCleaner\Quarantine\C\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job.vir --a---- 2048 bytes [05:46 27/11/2013] [04:55 02/12/2013] CF2ECA45AA633608D1F843BC6E727154
C:\AdwCleaner\Quarantine\C\Windows\Tasks\weDownload Manager Pro-codedownloader.job.vir --a---- 1318 bytes [05:46 27/11/2013] [04:55 02/12/2013] 6B416BCF9A97D39B97309180FA28A063
C:\AdwCleaner\Quarantine\C\Windows\Tasks\weDownload Manager Pro-enabler.job.vir --a---- 1218 bytes [05:47 27/11/2013] [04:55 02/12/2013] 65ADDEFDBDC2C4BAF55A615CE12EB9D0
C:\AdwCleaner\Quarantine\C\Windows\Tasks\weDownload Manager Pro-updater.job.vir --a---- 1416 bytes [05:47 27/11/2013] [04:55 02/12/2013] E8D745F3BBD0024FE51AC9E4F0D91937
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-BG.EXE-24D8881F.pf --a---- 104358 bytes [15:00 28/11/2013] [18:05 02/12/2013] 3B8E74B2709269CB099EF91E532BC1F9
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-BUTTON-1371051E.pf --a---- 30740 bytes [15:00 28/11/2013] [18:04 02/12/2013] DD6C3CC79D7C82629CE94045DE114B7F
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-CHROME-45969D36.pf --a---- 25418 bytes [19:17 29/11/2013] [17:46 02/12/2013] 58C72AEF1D351696C6B0F3FB5ACFCA82
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-CODEDO-E3E1E7A4.pf --a---- 46346 bytes [14:51 28/11/2013] [17:46 02/12/2013] BC694F94D806605DDBC83C4C472F7FB7
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-ENABLE-92543077.pf --a---- 21960 bytes [01:02 30/11/2013] [17:47 02/12/2013] 08AE9D707768E00633C349877729B8D3
C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-UPDATE-950ECCEB.pf --a---- 45176 bytes [14:51 28/11/2013] [17:47 02/12/2013] 7DA3BE82DE4686053C03B9D797E9DB77

========== folderfind ==========

Searching for "*remotedownload*"
No folders found.

Searching for "*weDownload Manager Pro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\weDownload Manager Pro d------ [05:04 02/12/2013]
C:\AdwCleaner\Quarantine\C\Users\mullins4\AppData\LocalLow\weDownload Manager Pro d------ [05:05 02/12/2013]

========== Regfind ==========

Searching for "remotedownload"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TLworks Update"="regsvr32.exe C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"TLworks Update"="regsvr32.exe C:\Users\mullins4\AppData\Local\TLworks\remotedownload.dll"

Searching for "weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDEFDFA-4F43-4177-8153-34B33040FBE}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDEFDFA-4F43-4177-8153-34B33040FBE}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29ADC43E-A48D-447C-AD11-BD82809594}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29ADC43E-A48D-447C-AD11-BD82809594}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323A2311-37FB-4CE5-97A9-6427C0B59C83}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323A2311-37FB-4CE5-97A9-6427C0B59C83}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5646C3B2-1CCA-45BD-8546-1C08DDC936D}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5646C3B2-1CCA-45BD-8546-1C08DDC936D}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{641A82A5-EA55-4666-9DB0-CBA572D48539}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{641A82A5-EA55-4666-9DB0-CBA572D48539}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78A8B63B-3D62-4CDB-AE39-1FD9B24605C}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78A8B63B-3D62-4CDB-AE39-1FD9B24605C}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FB9A30-6E44-444E-A165-FED88ED3443}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FB9A30-6E44-444E-A165-FED88ED3443}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91CD6797-1F08-4FB1-8764-589F64827ECC}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91CD6797-1F08-4FB1-8764-589F64827ECC}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9781AAD4-273F-4F9F-97F8-EFD736CFBB90}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9781AAD4-273F-4F9F-97F8-EFD736CFBB90}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1812915-9F5A-417A-A970-ED9AEB812F50}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1812915-9F5A-417A-A970-ED9AEB812F50}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA06345B-9654-4AA7-A729-D219E9CABE0}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA06345B-9654-4AA7-A729-D219E9CABE0}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B46096F9-BD17-4C2A-856D-6E9A8792DD16}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B46096F9-BD17-4C2A-856D-6E9A8792DD16}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD53F9AE-717E-4404-B95F-87C2C54D79DC}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD53F9AE-717E-4404-B95F-87C2C54D79DC}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF630A11-C34F-41E6-BB34-9B1C15B9673}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF630A11-C34F-41E6-BB34-9B1C15B9673}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7C483F-19B0-4641-9A5B-24E3C4AB95BE}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7C483F-19B0-4641-9A5B-24E3C4AB95BE}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D56133-7C62-4C0C-84C3-71BEBF87967E}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D56133-7C62-4C0C-84C3-71BEBF87967E}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBF85040-DD31-487A-9279-672529729FA0}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBF85040-DD31-487A-9279-672529729FA0}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FDB88-A0B9-48A1-BC4-483BA8B06D48}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FDB88-A0B9-48A1-BC4-483BA8B06D48}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E04C9430-EAD-4392-AB87-216EE99859}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E04C9430-EAD-4392-AB87-216EE99859}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B7D654-7D93-483D-A9D-17E0FED168A2}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B7D654-7D93-483D-A9D-17E0FED168A2}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E96347AA-24E6-4EB7-8072-2AFA718F146F}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E96347AA-24E6-4EB7-8072-2AFA718F146F}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9EF6DE3-FB3B-49D1-B930-BE8441C9CFE8}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9EF6DE3-FB3B-49D1-B930-BE8441C9CFE8}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F028D835-DBA9-4D09-B98E-8A8C9DB08683}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F028D835-DBA9-4D09-B98E-8A8C9DB08683}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F833D482-62B6-46E7-8CCE-DECB3C2DB42}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F833D482-62B6-46E7-8CCE-DECB3C2DB42}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\weDownload Manager Pro]
[HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\weDownload Manager Pro]
[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\weDownload Manager Pro]
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDEFDFA-4F43-4177-8153-34B33040FBE}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDEFDFA-4F43-4177-8153-34B33040FBE}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29ADC43E-A48D-447C-AD11-BD82809594}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29ADC43E-A48D-447C-AD11-BD82809594}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323A2311-37FB-4CE5-97A9-6427C0B59C83}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{323A2311-37FB-4CE5-97A9-6427C0B59C83}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5646C3B2-1CCA-45BD-8546-1C08DDC936D}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5646C3B2-1CCA-45BD-8546-1C08DDC936D}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{641A82A5-EA55-4666-9DB0-CBA572D48539}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{641A82A5-EA55-4666-9DB0-CBA572D48539}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78A8B63B-3D62-4CDB-AE39-1FD9B24605C}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78A8B63B-3D62-4CDB-AE39-1FD9B24605C}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FB9A30-6E44-444E-A165-FED88ED3443}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FB9A30-6E44-444E-A165-FED88ED3443}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91CD6797-1F08-4FB1-8764-589F64827ECC}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91CD6797-1F08-4FB1-8764-589F64827ECC}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9781AAD4-273F-4F9F-97F8-EFD736CFBB90}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9781AAD4-273F-4F9F-97F8-EFD736CFBB90}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1812915-9F5A-417A-A970-ED9AEB812F50}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1812915-9F5A-417A-A970-ED9AEB812F50}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA06345B-9654-4AA7-A729-D219E9CABE0}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA06345B-9654-4AA7-A729-D219E9CABE0}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B46096F9-BD17-4C2A-856D-6E9A8792DD16}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B46096F9-BD17-4C2A-856D-6E9A8792DD16}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD53F9AE-717E-4404-B95F-87C2C54D79DC}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD53F9AE-717E-4404-B95F-87C2C54D79DC}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF630A11-C34F-41E6-BB34-9B1C15B9673}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF630A11-C34F-41E6-BB34-9B1C15B9673}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7C483F-19B0-4641-9A5B-24E3C4AB95BE}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7C483F-19B0-4641-9A5B-24E3C4AB95BE}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D56133-7C62-4C0C-84C3-71BEBF87967E}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D56133-7C62-4C0C-84C3-71BEBF87967E}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBF85040-DD31-487A-9279-672529729FA0}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBF85040-DD31-487A-9279-672529729FA0}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FDB88-A0B9-48A1-BC4-483BA8B06D48}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5FDB88-A0B9-48A1-BC4-483BA8B06D48}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E04C9430-EAD-4392-AB87-216EE99859}]
"AppName"="weDownload Manager Pro-enabler.exe-helper.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E04C9430-EAD-4392-AB87-216EE99859}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B7D654-7D93-483D-A9D-17E0FED168A2}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1B7D654-7D93-483D-A9D-17E0FED168A2}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E96347AA-24E6-4EB7-8072-2AFA718F146F}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E96347AA-24E6-4EB7-8072-2AFA718F146F}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9EF6DE3-FB3B-49D1-B930-BE8441C9CFE8}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9EF6DE3-FB3B-49D1-B930-BE8441C9CFE8}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F028D835-DBA9-4D09-B98E-8A8C9DB08683}]
"AppName"="weDownload Manager Pro-enabler.exe-codedownloader.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F028D835-DBA9-4D09-B98E-8A8C9DB08683}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F833D482-62B6-46E7-8CCE-DECB3C2DB42}]
"AppName"="weDownload Manager Pro-enabler.exe-buttonutil64.exe"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F833D482-62B6-46E7-8CCE-DECB3C2DB42}]
"AppPath"="C:\Program Files (x86)\weDownload Manager Pro"
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\weDownload Manager Pro]
[HKEY_USERS\S-1-5-21-2703072250-3418364838-736424028-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\weDownload Manager Pro]
[HKEY_USERS\S-1-5-18\Software\AppDataLow\Software\weDownload Manager Pro]
[HKEY_USERS\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\weDownload Manager Pro]

-= EOF =-
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP