Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

GetSavin Malware Removal [Closed]

Started by tlw72 , Feb 25 2014 07:25 PM

This topic is locked

#1
tlw72

Posted 25 February 2014 - 07:25 PM

New Member

Member
6 posts

I recently purchased a new Dell desktop computer. I thought it had Anti-Virus software installed - it did not. A few days ago, GetSavin began popping up every time I went to my home page on IE11. I have since installed Norton Antivirus and done at least 3 deep scans, but GetSavin seems to be hiding and Norton isn't detecting it. Any help on eliminating this Malware would be appreciated.

#2
gringo_pr

Posted 25 February 2014 - 09:31 PM

Trusted Helper

Malware Removal
7,268 posts

Hello tlw72

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

Please do not run any tools unless instructed to do so.
- We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Please do not attach logs or use code boxes, just copy and paste the text.
- Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
Please read every post completely before doing anything.
- Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
Please provide feedback about your experience as we go.
- A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Gringo

#3
gringo_pr

Posted 28 February 2014 - 06:06 AM

Trusted Helper

Malware Removal
7,268 posts

Hello

48 Hour bump

It has been more than 48 hours since my last post.

do you still need help with this?
do you need more time?
are you having problems following my instructions?
if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4
tlw72

Posted 28 February 2014 - 08:44 AM

New Member

Topic Starter
Member
6 posts

Hi Gringo,

Thanks for checking back. Yes, I still have the malware issue, but I have not had the time yet to work through the instructions you sent. I hope to be able to get to it this weekend. I'll keep you posted on what happens.

TLW72

#5
gringo_pr

Posted 28 February 2014 - 09:21 AM

Trusted Helper

Malware Removal
7,268 posts

No problem and I will look for you then

gringo

#6
tlw72

Posted 02 March 2014 - 11:07 AM

New Member

Topic Starter
Member
6 posts

Ok. Gringo, here are the two .txt documents you requested to begin the process of removing the GetSavin Malware. Theis is the FRST.txt and the addition.txt information generated from downloading and running the Farber Recovery Scan Tool.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-03-2014
Ran by Tom (administrator) on TOMSWORKPC on 01-03-2014 12:09:39
Running from C:\Users\Tom\AppData\Local\Microsoft\Windows\INetCache\IE\CCQ04GWE
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (All) =========================

(Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
(Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
(Microsoft Corporation) C:\WINDOWS\System32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\System32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\System32\spoolsv.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
() C:\Program Files (x86)\CE\CovenantEyesCommService.exe
(CovenantEyes) C:\Program Files\CE\CovenantEyesProxy.exe
() C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(DELL INC.) C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\WINDOWS\System32\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(DELL INC.) C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe
(Symantec) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\svchost.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
() C:\WINDOWS\SysWOW64\authServer.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
(Microsoft Corporation) C:\WINDOWS\Explorer.EXE
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe
(Microsoft Corporation) C:\WINDOWS\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\WINDOWS\system32\DllHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BrowserSafeguard) C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\CE\CovenantEyes.exe
() C:\Program Files (x86)\CE\CovenantEyesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
(Farbar) C:\Users\Tom\AppData\Local\Microsoft\Windows\INetCache\IE\CCQ04GWE\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548624 2012-07-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [763520 2012-07-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-07-31] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-20] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BrowserSafeguard] - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [417792 2014-02-04] (BrowserSafeguard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Covenant Eyes] - C:\Program Files (x86)\CE\CovenantEyes.exe [7100920 2014-02-12] ()
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-03-01] (Symantec Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1351968 2014-02-12] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1047328 2014-02-12] (Conduit)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (All) ===========================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49218;https=127.0.0.1:49218
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84CA006F0B29CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft..../?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft..../?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9011336B-A50C-476E-8267-68CD66E73E37} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM - {9011336B-A50C-476E-8267-68CD66E73E37} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {9011336B-A50C-476E-8267-68CD66E73E37} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...ms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - {9011336B-A50C-476E-8267-68CD66E73E37} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...Box&FORM=IE11SR
SearchScopes: HKCU - {6B399279-41DA-43EE-B9E0-EFCAAF12D8B5} URL = http://search.yahoo....07,20028,0,31,0
SearchScopes: HKCU - {9011336B-A50C-476E-8267-68CD66E73E37} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Covenant Eyes for Internet Explorer - {927BD2E1-2287-49D2-AE71-95F492CE662E} - C:\Program Files (x86)\CE\extensions\ie\x64\ceie-0.7.2.dll (Covenant Eyes)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll ()
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Covenant Eyes for Internet Explorer - {927BD2E1-2287-49D2-AE71-95F492CE662E} - C:\Program Files (x86)\CE\extensions\ie\x86\ceie-0.7.2.dll (Covenant Eyes)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Winsock: Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\napinsp.dll [67584] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\pnrpnsp.dll [87040] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [87040] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\NLAapi.dll [84480] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [30208] (Microsoft Corporation)
Winsock: Catalog5-x64 07 %SystemRoot%\system32\wshbth.dll [63488] (Microsoft Corporation)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\mswsock.dll [338432] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

==================== Services (All) ========================

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [207360 2013-08-22] (Microsoft Corporation)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics Corporation)
S3 ALG; C:\Windows\System32\alg.exe [92672 2013-08-22] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2013-08-22] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [109568 2013-08-22] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-11-14] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302528 2014-02-09] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [198656 2013-08-22] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [834048 2013-11-15] (Microsoft Corporation)
R2 Auth Service; C:\WINDOWS\SysWOW64\authServer.exe [4451320 2014-02-12] ()
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [109568 2013-11-14] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [336896 2013-08-22] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [828416 2013-11-14] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1017856 2013-08-22] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [263168 2013-11-27] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134144 2013-08-22] (Microsoft Corporation)
R3 bthserv; C:\Windows\system32\bthserv.dll [92160 2013-08-22] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2362656 2014-02-12] (Conduit)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [19296 2013-08-22] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [17760 2013-08-22] (Microsoft Corporation)
R2 CovenantEyesCommService; C:\Program Files (x86)\CE\CovenantEyesCommService.exe [4584440 2014-02-12] ()
R2 CovenantEyesProxy; C:\Program Files\CE\CovenantEyesProxy.exe [5346296 2014-02-12] (CovenantEyes)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [279000 2014-01-29] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [129536 2013-08-22] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [761344 2013-08-22] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [449536 2013-08-22] (Microsoft Corporation)
R2 Dell WMI Service; C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe [73728 2012-08-01] ()
R2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [198664 2014-01-13] (Dell Products, LP.)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [398848 2013-08-22] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [124928 2013-08-22] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [353792 2013-11-14] (Microsoft Corporation)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1147424 2012-09-29] (Symantec Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [255488 2013-11-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [258560 2013-08-22] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [170496 2013-08-22] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [201728 2013-08-22] (Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [107008 2013-08-22] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [40448 2013-08-22] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1669632 2013-08-22] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [468992 2013-08-22] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [655360 2013-08-22] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2013-08-22] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2013-08-22] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [118272 2013-08-22] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1348608 2013-08-22] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-02] (Microsoft Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1311744 2013-08-22] (Microsoft Corporation)
S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2014-01-06] (Google)
R3 hidserv; C:\Windows\system32\hidserv.dll [32256 2013-08-22] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2013-08-22] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [261632 2013-08-22] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [405504 2013-08-22] (Microsoft Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-09-20] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-02-06] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [1104384 2013-11-14] (Microsoft Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [634632 2012-06-19] (Intel® Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [903168 2013-11-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-07-20] (Intel Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [59392 2013-08-22] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [357888 2013-08-22] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [324608 2013-08-22] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [284160 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-11-14] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [269824 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2013-08-22] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [277824 2012-07-20] (Intel Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [716288 2013-08-22] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [878080 2013-08-22] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [142848 2013-08-22] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [150528 2013-08-22] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [62464 2013-08-22] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [55808 2013-08-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [435200 2013-08-22] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [164352 2013-08-22] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2013-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard)
S3 Netlogon; C:\Windows\system32\netlogon.dll [832512 2013-08-22] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [254976 2013-08-22] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [525312 2013-08-22] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-09] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [387584 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [29184 2013-08-22] (Microsoft Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [792608 2012-09-29] (Symantec)
S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [419328 2013-08-22] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [433664 2013-08-22] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [471552 2013-11-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-21] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1443840 2013-08-22] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [124928 2013-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25600 2013-08-22] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [419328 2013-08-22] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [403456 2013-08-22] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [79360 2013-08-22] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2899968 2013-08-22] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [221184 2013-11-14] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [297472 2013-08-22] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [101376 2013-08-22] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [534016 2013-08-22] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [223744 2013-08-22] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [177664 2013-08-21] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [164864 2013-08-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79872 2013-08-22] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2013-08-22] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [761344 2013-08-22] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [45008 2013-08-22] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [188416 2013-08-22] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1212416 2013-08-22] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2013-08-22] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [71680 2013-08-22] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [220672 2013-11-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [326656 2013-11-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [280576 2013-11-14] (Microsoft Corporation)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-09-12] (SoftThinks SAS)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [433664 2013-11-14] (Microsoft Corporation)
R3 ShellHWDetection; C:\Windows\System32\shsvcs.dll [629760 2013-08-22] (Microsoft Corporation)
R3 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [564736 2013-08-21] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2013-08-22] (Microsoft Corporation)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1160224 2012-09-29] (Symantec Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [798208 2013-08-22] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6353952 2013-11-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2013-08-22] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [144384 2013-08-22] (Microsoft Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [634368 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [19968 2013-08-22] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2013-08-22] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [716288 2013-08-22] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1245696 2013-11-14] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [282112 2013-11-22] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [147456 2013-08-22] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [306688 2013-08-22] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [248320 2013-08-21] (Microsoft Corporation)
R3 TermService; C:\Windows\System32\termsrv.dll [1032704 2013-08-22] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [50688 2013-08-22] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation)
R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [245760 2013-08-22] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [122368 2013-08-22] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [98816 2013-08-22] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2013-08-22] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [289280 2013-11-14] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [365376 2012-07-20] (Intel Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [436224 2013-08-22] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\System32\vaultsvc.dll [248832 2013-08-22] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [1283584 2013-08-22] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1436160 2013-08-22] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [404480 2013-08-22] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1542144 2013-08-22] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [453632 2013-11-14] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [365568 2013-11-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [459776 2013-11-14] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [41984 2013-08-22] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [226816 2013-08-22] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [215040 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [81408 2013-08-22] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [100864 2013-08-22] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [66048 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [786432 2013-08-22] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [220672 2013-08-22] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2479616 2013-08-22] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [1503232 2013-11-27] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1555456 2013-11-14] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [195072 2013-08-22] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1402368 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1584128 2013-11-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2013-08-22] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2013-08-22] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [133632 2013-08-22] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [844800 2013-08-22] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [657920 2013-08-21] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3395920 2014-02-09] (Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3532288 2013-11-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [100352 2013-08-22] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [510464 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-07-22] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R2 cewfp; C:\WINDOWS\system32\Drivers\cewfp64.sys [39928 2014-02-12] (CovenantEyes)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-02-21] (Symantec Corporation)
R3 FintekCIR; C:\Windows\system32\DRIVERS\FintekCIR.sys [33128 2012-06-07] (Fintek)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20140224.001\IDSvia64.sys [521944 2014-02-21] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-09] (Microsoft Corporation)
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2012-07-31] (Atheros)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140225.002\ENG64.SYS [126040 2014-02-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20140225.002\EX64.SYS [2099288 2014-02-21] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 qca_shb; C:\Windows\System32\drivers\qca_shb.sys [99328 2012-07-31] (Qualcomm Atheros Communications Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-09] (Microsoft Corporation)
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S1 cewd64f; \??\C:\WINDOWS\system32\Drivers\cewd64f.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-01 12:08 - 2014-03-01 12:09 - 00000000 ____D () C:\FRST
2014-03-01 12:01 - 2014-03-01 12:01 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-01 10:55 - 2014-03-01 10:55 - 00000000 ____D () C:\Users\Tom\Documents\New folder
2014-03-01 10:12 - 2014-03-01 10:22 - 00000348 _____ () C:\WINDOWS\Tasks\SpeedDiskSchedule.job
2014-03-01 10:12 - 2014-03-01 10:12 - 00002866 _____ () C:\WINDOWS\System32\Tasks\SpeedDiskSchedule
2014-03-01 09:37 - 2014-03-01 09:37 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Norton Utilities 16
2014-03-01 09:23 - 2014-03-01 12:01 - 00000306 _____ () C:\WINDOWS\Tasks\NUAutoUpdate.job
2014-03-01 09:23 - 2014-03-01 09:30 - 00000298 _____ () C:\WINDOWS\Tasks\NUSchedule.job
2014-03-01 09:23 - 2014-03-01 09:23 - 00002850 _____ () C:\WINDOWS\System32\Tasks\NUSchedule
2014-03-01 09:23 - 2014-03-01 09:23 - 00002522 _____ () C:\WINDOWS\System32\Tasks\NUAutoUpdate
2014-03-01 09:23 - 2014-03-01 09:23 - 00000000 ____D () C:\Users\Tom\Documents\Norton Utilities 16
2014-03-01 09:21 - 2014-03-01 09:21 - 00001241 _____ () C:\Users\Public\Desktop\Norton Utilities 16.lnk
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Product_NU16
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\ProgramData\Symantec
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-03-01 09:21 - 2012-09-29 22:50 - 00512544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2014-03-01 09:21 - 2012-09-29 22:49 - 00040992 _____ () C:\WINDOWS\system32\CleanMFT64.exe
2014-03-01 09:21 - 2011-07-26 16:15 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll
2014-03-01 09:21 - 2008-09-17 21:17 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-03-01 09:21 - 2008-04-02 15:54 - 01101824 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBox210.ocx
2014-03-01 09:21 - 2008-04-02 15:53 - 00880640 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBox10.ocx
2014-03-01 09:21 - 2008-04-02 15:53 - 00212992 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBoxVB12.ocx
2014-02-28 10:28 - 2014-02-28 10:31 - 00000000 ____D () C:\Users\Tom\Documents\Tom's Personal
2014-02-27 14:03 - 2014-03-01 09:22 - 00015536 _____ () C:\WINDOWS\system32\CovenantEyesProxy.ini
2014-02-27 14:03 - 2014-03-01 09:22 - 00004720 _____ () C:\WINDOWS\SysWOW64\CovenantEyesProxyOff.ini
2014-02-27 14:03 - 2014-03-01 09:22 - 00004720 _____ () C:\WINDOWS\system32\CovenantEyesProxyOff.ini
2014-02-27 14:03 - 2014-02-27 14:04 - 00000000 ____D () C:\Program Files (x86)\CE
2014-02-27 14:03 - 2014-02-27 14:03 - 00000932 _____ () C:\ceInstall.log
2014-02-27 14:03 - 2014-02-27 14:03 - 00000000 ____D () C:\ProgramData\CovenantEyes
2014-02-27 14:03 - 2014-02-27 14:03 - 00000000 ____D () C:\Program Files\CE
2014-02-27 14:03 - 2014-02-12 10:37 - 04451320 _____ () C:\WINDOWS\SysWOW64\authServer.exe
2014-02-27 14:03 - 2014-02-12 10:36 - 00039928 _____ (CovenantEyes) C:\WINDOWS\system32\Drivers\cewfp64.sys
2014-02-27 13:57 - 2014-02-27 14:02 - 48563136 _____ (Covenant Eyes, Inc.) C:\Users\Tom\CovenantEyes504_Build_319-beta.exe
2014-02-27 13:57 - 2014-02-27 13:57 - 00000000 ____D () C:\Program Files\Covenanteyes
2014-02-26 19:08 - 2014-02-26 19:08 - 00284312 _____ () C:\WINDOWS\Minidump\022614-28765-01.dmp
2014-02-26 19:04 - 2014-02-26 19:04 - 00284312 _____ () C:\WINDOWS\Minidump\022614-35484-01.dmp
2014-02-26 19:00 - 2014-02-26 19:08 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-26 19:00 - 2014-02-26 19:07 - 561941727 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-26 19:00 - 2014-02-26 19:00 - 00284312 _____ () C:\WINDOWS\Minidump\022614-43531-01.dmp
2014-02-25 20:35 - 2014-02-25 20:35 - 00000000 ____D () C:\MININT
2014-02-25 20:32 - 2014-02-25 20:32 - 00000000 ____D () C:\Users\Tom\AppData\Local\SearchProtect
2014-02-25 20:32 - 2014-02-25 20:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-25 17:14 - 2014-02-25 17:22 - 00000000 ____D () C:\Users\Tom\Documents\My Scans
2014-02-25 17:09 - 2014-02-25 17:09 - 00000000 ____D () C:\ProgramData\WEBREG
2014-02-25 17:06 - 2014-02-25 17:11 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\HP
2014-02-25 17:06 - 2014-02-25 17:06 - 00000000 ____D () C:\Users\Tom\AppData\Local\HP
2014-02-25 17:05 - 2014-02-25 17:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-25 17:04 - 2014-02-25 17:05 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-02-25 17:04 - 2014-02-25 17:04 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\HpUpdate
2014-02-25 17:03 - 2014-02-25 17:03 - 00001337 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-02-25 17:03 - 2014-02-25 17:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-02-25 17:03 - 2014-02-25 17:03 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-02-25 17:01 - 2014-02-25 17:04 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-25 17:01 - 2006-12-30 17:15 - 00134144 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpzll4v2.dll
2014-02-25 16:57 - 2014-02-25 17:09 - 00183186 _____ () C:\WINDOWS\hpwins16.dat
2014-02-25 16:57 - 2014-02-25 17:09 - 00000820 _____ () C:\ProgramData\hpzinstall.log
2014-02-25 16:57 - 2012-10-19 07:37 - 00000598 ____N () C:\WINDOWS\hpwmdl16.dat
2014-02-25 16:53 - 2014-02-25 17:06 - 00000000 ____D () C:\ProgramData\HP
2014-02-25 16:53 - 2012-09-25 02:52 - 03867040 _____ () C:\WINDOWS\system32\PortChanger.exe
2014-02-25 16:53 - 2012-09-25 02:52 - 00151968 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2014-02-25 16:53 - 2012-09-25 02:52 - 00049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2014-02-25 16:53 - 2012-09-25 02:52 - 00027040 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2014-02-25 16:53 - 2010-02-10 01:59 - 00859136 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax4.dll
2014-02-25 16:53 - 2010-02-10 01:59 - 00729088 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl4.dll
2014-02-25 16:53 - 2010-02-10 01:59 - 00540672 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2014-02-25 16:53 - 2010-02-10 01:59 - 00488960 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst11.dll
2014-02-25 16:53 - 2010-02-10 01:59 - 00338944 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzids40.dll
2014-02-25 13:03 - 2014-02-25 13:44 - 290781424 _____ () C:\Users\Tom\Downloads\OJ_AIO_J3600_Full_Win_WW_140_408.exe
2014-02-23 21:54 - 2014-02-23 21:55 - 00000000 ____D () C:\Users\Tom\AppData\Local\NPE
2014-02-21 21:47 - 2014-02-21 21:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-21 21:47 - 2014-02-21 21:47 - 00000000 ____D () C:\Users\Tom\Documents\Symantec
2014-02-21 21:46 - 2014-02-21 21:46 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-21 21:46 - 2014-02-21 21:46 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-21 21:46 - 2014-02-21 21:46 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-21 21:46 - 2014-02-21 21:46 - 00002599 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-21 21:46 - 2014-02-21 21:46 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-21 21:45 - 2014-02-21 21:46 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-21 21:45 - 2014-02-21 21:45 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-21 19:00 - 2014-02-23 21:54 - 00000000 ____D () C:\ProgramData\Norton
2014-02-21 10:20 - 2014-02-21 15:34 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-20 20:36 - 2014-02-27 16:20 - 00000000 ____D () C:\Users\Tom\Documents\Mountain View Dental
2014-02-20 14:20 - 2014-02-28 14:03 - 00000000 ____D () C:\Users\Tom\Documents\On Line Payments
2014-02-20 14:18 - 2014-02-20 14:18 - 00086600 _____ () C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 13:14 - 2014-02-27 14:03 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 13:04 - 2014-02-20 13:04 - 00000000 ____D () C:\Users\Tom\AppData\Local\Downloaded Installations
2014-02-20 13:03 - 2014-02-20 12:59 - 01554440 _____ (Flexera Software LLC) C:\Program Files (x86)\CovenantEyesInstall.exe
2014-02-20 12:15 - 2014-02-20 12:15 - 00042036 _____ () C:\Users\Tom\Downloads\SVECPowerOutageMagnetArt.jpeg
2014-02-20 12:15 - 2014-02-20 12:15 - 00013312 ___SH () C:\Users\Tom\Downloads\Thumbs.db
2014-02-19 13:22 - 2014-02-19 13:22 - 01038840 _____ () C:\Users\Tom\Downloads\Grace_Sign.zip
2014-02-19 13:08 - 2014-02-24 15:18 - 00000157 _____ () C:\WINDOWS\SysWOW64\SystemPreferences.xml
2014-02-19 11:21 - 2014-02-19 15:07 - 00000541 _____ () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Verizon My Verizon Verizon Message Center.website
2014-02-17 14:00 - 2014-02-17 14:00 - 00431696 _____ () C:\Users\Tom\Downloads\DellSystemDetect.exe
2014-02-15 18:00 - 2014-02-28 09:56 - 00000000 ____D () C:\Users\Tom\Documents\Mudy Feet-Garrison Press Jobs
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-14 22:43 - 2013-12-08 19:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-14 22:43 - 2013-12-08 19:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-14 22:43 - 2013-11-27 10:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-14 22:43 - 2013-11-27 10:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-14 22:43 - 2013-11-27 09:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-14 22:43 - 2013-11-27 08:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-14 22:43 - 2013-11-27 07:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-14 22:43 - 2013-11-27 05:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-14 22:43 - 2013-11-27 05:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-14 22:43 - 2013-11-27 05:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-14 22:43 - 2013-11-27 04:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-14 22:43 - 2013-11-27 04:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-14 22:43 - 2013-11-27 04:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-14 22:43 - 2013-11-27 04:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-14 22:43 - 2013-11-27 03:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-14 22:43 - 2013-11-27 03:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-14 22:43 - 2013-11-26 23:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-14 22:43 - 2013-11-26 08:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-14 22:43 - 2013-11-26 08:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-14 22:43 - 2013-11-26 08:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-14 22:43 - 2013-11-26 08:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-14 22:43 - 2013-11-26 06:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-14 22:43 - 2013-11-26 06:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-14 22:43 - 2013-11-26 06:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-14 22:43 - 2013-11-26 05:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-14 22:43 - 2013-11-26 04:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-14 22:43 - 2013-11-26 03:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-14 22:43 - 2013-11-24 20:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-14 22:43 - 2013-11-24 20:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-14 22:43 - 2013-11-24 18:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-14 22:43 - 2013-11-24 18:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-14 22:43 - 2013-11-23 07:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-14 22:43 - 2013-11-23 06:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-14 22:43 - 2013-11-23 03:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-14 22:43 - 2013-11-23 02:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-14 22:43 - 2013-11-23 02:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-14 22:43 - 2013-11-23 02:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-14 22:43 - 2013-11-22 23:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-14 22:43 - 2013-11-22 22:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-14 22:43 - 2013-11-22 22:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-14 22:43 - 2013-11-22 22:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-14 22:43 - 2013-11-22 22:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-14 22:43 - 2013-11-22 22:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-14 22:43 - 2013-11-22 22:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-14 22:43 - 2013-11-21 01:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-14 22:43 - 2013-11-21 01:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-14 22:43 - 2013-11-16 00:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-14 22:43 - 2013-11-15 13:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-14 22:43 - 2013-11-15 09:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-14 22:43 - 2013-11-15 09:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-14 22:43 - 2013-11-15 09:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-14 22:43 - 2013-11-15 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-14 22:43 - 2013-11-05 15:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-14 22:43 - 2013-10-30 19:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-14 22:43 - 2013-10-30 18:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-14 12:22 - 2014-02-14 12:22 - 00000000 ____D () C:\Users\Tom\AppData\Local\Citrix
2014-02-14 11:12 - 2014-02-28 20:16 - 00166912 ___SH () C:\Users\Tom\Desktop\Thumbs.db
2014-02-13 19:18 - 2014-02-13 19:18 - 00001128 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-02-13 19:18 - 2014-02-13 19:18 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-13 18:36 - 2014-02-13 19:49 - 00000000 ____D () C:\Users\Tom\AppData\Local\Google
2014-02-13 18:36 - 2014-02-13 18:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-13 18:33 - 2014-02-13 18:35 - 17660184 _____ (Google Inc.) C:\Users\Tom\Downloads\picasa39-setup.exe
2014-02-13 18:30 - 2014-02-13 18:30 - 00552744 _____ (Premium Installer ) C:\Users\Tom\Downloads\Picasa_Setup.exe
2014-02-13 18:19 - 2014-02-28 20:17 - 00000000 ____D () C:\Users\Tom\AppData\Local\Paint.NET
2014-02-13 18:19 - 2014-02-13 18:19 - 00001190 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-02-13 18:00 - 2014-02-13 18:19 - 00000000 ____D () C:\Program Files\Paint.net
2014-02-13 17:55 - 2014-02-13 17:56 - 03739157 _____ () C:\Users\Tom\Downloads\Paint.NET.3.5.11.Install.zip
2014-02-13 17:51 - 2014-02-13 17:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-13 16:28 - 2014-03-01 09:28 - 00000092 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG
2014-02-13 16:27 - 2014-03-01 11:28 - 00000306 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-02-13 16:27 - 2014-02-14 10:28 - 00002644 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
2014-02-13 16:27 - 2014-02-13 16:27 - 00001132 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-02-13 16:27 - 2014-02-13 16:27 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\DigitalSites
2014-02-13 16:27 - 2014-02-13 16:27 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-02-13 16:15 - 2014-02-13 16:15 - 00003860 _____ () C:\WINDOWS\System32\Tasks\BrowserSafeguard Update Task
2014-02-13 16:15 - 2014-02-13 16:15 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-02-13 16:15 - 2014-02-13 16:15 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-13 16:14 - 2014-02-22 15:14 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-02-13 16:13 - 2014-02-13 16:20 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-02-13 16:13 - 2014-02-13 16:13 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Mozilla
2014-02-13 16:12 - 2014-02-13 16:13 - 00911896 _____ (SafeInstall, LLC) C:\Users\Tom\Downloads\7zip_14371_stn2.exe
2014-02-13 16:06 - 2014-02-13 16:06 - 00664992 _____ () C:\Users\Tom\Downloads\ZipOpenerSetup.exe
2014-02-12 06:30 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 06:30 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 06:30 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 06:30 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 06:30 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 06:30 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 06:30 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 06:30 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 06:30 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 06:30 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 06:30 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 06:30 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 06:30 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 06:30 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 06:30 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 06:30 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 06:30 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 06:30 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 06:30 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 06:30 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 06:30 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 06:30 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 06:30 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 06:30 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 06:30 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 06:30 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 06:30 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 06:30 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 06:30 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 06:30 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 06:30 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 06:30 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 06:30 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 06:30 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 06:30 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 06:30 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 06:30 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 06:30 - 2013-12-08 19:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 06:30 - 2013-12-08 18:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 06:29 - 2014-01-07 00:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 06:29 - 2014-01-06 23:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 06:29 - 2013-12-08 19:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 06:29 - 2013-12-08 18:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 06:29 - 2013-11-21 01:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 06:29 - 2013-11-21 00:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 06:24 - 2014-01-04 15:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 06:24 - 2014-01-04 14:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 06:24 - 2014-01-04 09:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 06:24 - 2014-01-04 09:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 06:24 - 2014-01-04 08:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 06:24 - 2014-01-04 08:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 06:24 - 2014-01-04 08:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 06:24 - 2014-01-04 08:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 06:24 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 06:24 - 2013-12-20 21:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 06:23 - 2014-01-07 02:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 06:23 - 2014-01-07 00:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 06:23 - 2013-12-20 05:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 06:23 - 2013-12-20 01:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 06:23 - 2013-12-08 21:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 06:23 - 2013-12-08 20:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 06:21 - 2014-01-09 03:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 06:21 - 2014-01-09 02:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 06:21 - 2014-01-09 02:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 06:21 - 2014-01-09 02:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 06:21 - 2014-01-09 02:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 06:21 - 2014-01-09 02:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 06:21 - 2014-01-09 02:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 06:21 - 2014-01-09 02:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 06:21 - 2014-01-09 02:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 06:21 - 2014-01-09 02:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 03:58 - 2014-02-12 03:58 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-12 03:58 - 2014-02-12 03:58 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-11 09:35 - 2014-01-19 02:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-02-09 19:39 - 2014-02-09 19:39 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\WebApp
2014-02-09 19:15 - 2014-02-09 19:15 - 00000000 ____D () C:\Users\Public\CyberLink
2014-02-09 19:14 - 2014-02-09 19:38 - 00000000 ____D () C:\Users\Tom\Documents\CyberLink
2014-02-09 19:14 - 2014-02-09 19:38 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\CyberLink
2014-02-09 19:14 - 2014-02-09 19:14 - 00000000 ____D () C:\Users\Tom\AppData\Local\Cyberlink
2014-02-09 18:26 - 2014-02-09 18:26 - 00000000 ____D () C:\Users\Tom\Documents\OneNote Notebooks
2014-02-09 15:27 - 2014-02-12 03:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-09 15:27 - 2014-02-09 15:27 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-09 15:24 - 2014-02-20 09:12 - 00000000 ____D () C:\Users\Tom\AppData\Local\Microsoft Help
2014-02-09 15:24 - 2014-02-13 03:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-09 15:24 - 2014-02-09 15:24 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-09 15:23 - 2014-02-09 15:23 - 00000000 __RHD () C:\MSOCache
2014-02-09 14:02 - 2014-02-09 14:02 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\PCDr
2014-02-09 09:18 - 2014-03-01 10:41 - 00000000 __RDO () C:\Users\Tom\SkyDrive
2014-02-09 09:16 - 2014-02-09 09:16 - 00001448 _____ () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-09 09:16 - 2014-02-09 09:16 - 00000020 ___SH () C:\Users\Tom\ntuser.ini
2014-02-09 06:52 - 2014-02-09 09:16 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-09 06:52 - 2014-02-09 06:52 - 00000000 __SHD () C:\Recovery
2014-02-09 06:51 - 2014-02-09 06:51 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-09 06:51 - 2014-02-09 06:51 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-09 06:51 - 2014-02-09 06:51 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-09 06:50 - 2014-02-09 06:50 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-09 06:50 - 2014-02-09 06:50 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-09 06:50 - 2014-02-09 06:50 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-09 06:49 - 2014-02-09 06:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-09 06:46 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-02-09 06:46 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-09 06:46 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-02-09 06:46 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-02-09 06:46 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-09 06:46 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-02-09 04:05 - 2014-03-01 10:21 - 01106850 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-09 04:04 - 2014-02-09 04:04 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-09 03:58 - 2014-03-01 10:22 - 00000000 ____D () C:\Users\Tom
2014-02-09 03:58 - 2014-02-09 03:58 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-09 03:58 - 2014-02-09 03:58 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-09 03:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-09 03:58 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-09 03:58 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-09 03:57 - 2014-03-01 11:13 - 00000000 ____D () C:\Users\Barbara
2014-02-09 03:57 - 2014-02-09 04:04 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-09 03:57 - 2014-02-09 04:04 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-09 03:57 - 2014-02-09 03:58 - 00000000 ___RD () C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-09 03:57 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-09 03:57 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-09 03:57 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-09 03:54 - 2014-02-09 03:59 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-09 03:54 - 2014-02-09 03:54 - 00080824 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\Program Files\Realtek
2014-02-09 03:20 - 2014-02-09 04:04 - 00006521 _____ () C:\WINDOWS\comsetup.log
2014-02-08 22:01 - 2014-02-28 14:13 - 00000000 ____D () C:\Users\Tom\AppData\Local\CrashDumps
2014-02-08 18:45 - 2014-02-28 16:36 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-02-08 18:41 - 2014-02-08 18:41 - 00004032 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-02-08 18:41 - 2014-02-08 18:41 - 00003488 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncher
2014-02-08 18:41 - 2014-02-08 18:41 - 00003220 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2014-02-08 18:41 - 2014-02-08 18:41 - 00000000 ____D () C:\Users\Tom\AppData\Local\softthinks
2014-02-08 17:56 - 2014-02-15 04:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-08 17:56 - 2014-02-15 04:50 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-08 17:31 - 2013-05-03 23:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-02-08 17:31 - 2013-05-03 23:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-02-08 15:53 - 2014-03-01 09:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3017447311-3867221884-2038309817-1001
2014-02-08 15:48 - 2014-02-08 15:48 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Intel Corporation
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\Documents\Bluetooth Folder
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Atheros
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Local\Power2Go8
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Local\BMExplorer
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\ProgramData\Atheros
2014-02-08 15:46 - 2014-02-16 19:24 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-08 15:46 - 2014-02-16 19:24 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-08 15:46 - 2014-02-09 09:17 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-08 15:45 - 2014-02-13 17:57 - 00000000 ____D () C:\Users\Tom\AppData\Local\VirtualStore
2014-02-08 15:45 - 2014-02-09 09:18 - 00000000 ____D () C:\Users\Tom\AppData\Local\Packages
2014-02-08 15:45 - 2014-02-09 03:59 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-08 15:45 - 2014-02-09 03:41 - 01217896 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Macromedia
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Leadertech
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Adobe
2014-02-08 15:29 - 2014-02-08 15:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-399296.txt
2014-02-08 15:29 - 2014-02-08 15:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-399328.txt
2014-02-08 15:28 - 2014-02-08 15:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-397562.txt
2014-02-08 15:28 - 2014-02-08 15:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-367859.txt
2014-02-08 15:18 - 2014-02-08 15:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-402828.txt

==================== One Month Modified Files and Folders =======

2014-03-01 12:09 - 2014-03-01 12:08 - 00000000 ____D () C:\FRST
2014-03-01 12:07 - 2012-12-17 13:29 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-03-01 12:01 - 2014-03-01 12:01 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-01 12:01 - 2014-03-01 09:23 - 00000306 _____ () C:\WINDOWS\Tasks\NUAutoUpdate.job
2014-03-01 12:00 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-01 11:59 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-01 11:28 - 2014-02-13 16:27 - 00000306 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-03-01 11:13 - 2014-02-09 03:57 - 00000000 ____D () C:\Users\Barbara
2014-03-01 11:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-01 10:55 - 2014-03-01 10:55 - 00000000 ____D () C:\Users\Tom\Documents\New folder
2014-03-01 10:55 - 2013-11-14 02:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-01 10:41 - 2014-02-09 09:18 - 00000000 __RDO () C:\Users\Tom\SkyDrive
2014-03-01 10:22 - 2014-03-01 10:12 - 00000348 _____ () C:\WINDOWS\Tasks\SpeedDiskSchedule.job
2014-03-01 10:22 - 2014-02-09 03:58 - 00000000 ____D () C:\Users\Tom
2014-03-01 10:22 - 2013-08-22 08:25 - 59768832 _____ () C:\WINDOWS\system32\config\software.rmbak
2014-03-01 10:22 - 2013-08-22 08:25 - 00786432 _____ () C:\WINDOWS\system32\config\default.rmbak
2014-03-01 10:21 - 2014-02-09 04:05 - 01106850 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-01 10:12 - 2014-03-01 10:12 - 00002866 _____ () C:\WINDOWS\System32\Tasks\SpeedDiskSchedule
2014-03-01 09:42 - 2014-02-08 15:53 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3017447311-3867221884-2038309817-1001
2014-03-01 09:37 - 2014-03-01 09:37 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Norton Utilities 16
2014-03-01 09:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-01 09:30 - 2014-03-01 09:23 - 00000298 _____ () C:\WINDOWS\Tasks\NUSchedule.job
2014-03-01 09:28 - 2014-02-13 16:28 - 00000092 _____ () C:\Users\Tom\AppData\Roaming\WB.CFG
2014-03-01 09:23 - 2014-03-01 09:23 - 00002850 _____ () C:\WINDOWS\System32\Tasks\NUSchedule
2014-03-01 09:23 - 2014-03-01 09:23 - 00002522 _____ () C:\WINDOWS\System32\Tasks\NUAutoUpdate
2014-03-01 09:23 - 2014-03-01 09:23 - 00000000 ____D () C:\Users\Tom\Documents\Norton Utilities 16
2014-03-01 09:22 - 2014-02-27 14:03 - 00015536 _____ () C:\WINDOWS\system32\CovenantEyesProxy.ini
2014-03-01 09:22 - 2014-02-27 14:03 - 00004720 _____ () C:\WINDOWS\SysWOW64\CovenantEyesProxyOff.ini
2014-03-01 09:22 - 2014-02-27 14:03 - 00004720 _____ () C:\WINDOWS\system32\CovenantEyesProxyOff.ini
2014-03-01 09:21 - 2014-03-01 09:21 - 00001241 _____ () C:\Users\Public\Desktop\Norton Utilities 16.lnk
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Product_NU16
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\ProgramData\Symantec
2014-03-01 09:21 - 2014-03-01 09:21 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-02-28 20:17 - 2014-02-13 18:19 - 00000000 ____D () C:\Users\Tom\AppData\Local\Paint.NET
2014-02-28 20:16 - 2014-02-14 11:12 - 00166912 ___SH () C:\Users\Tom\Desktop\Thumbs.db
2014-02-28 16:36 - 2014-02-08 18:45 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-02-28 16:36 - 2012-12-17 13:20 - 00000000 ____D () C:\Program Files (x86)\Dell Wireless
2014-02-28 14:13 - 2014-02-08 22:01 - 00000000 ____D () C:\Users\Tom\AppData\Local\CrashDumps
2014-02-28 14:03 - 2014-02-20 14:20 - 00000000 ____D () C:\Users\Tom\Documents\On Line Payments
2014-02-28 10:31 - 2014-02-28 10:28 - 00000000 ____D () C:\Users\Tom\Documents\Tom's Personal
2014-02-28 09:56 - 2014-02-15 18:00 - 00000000 ____D () C:\Users\Tom\Documents\Mudy Feet-Garrison Press Jobs
2014-02-27 16:20 - 2014-02-20 20:36 - 00000000 ____D () C:\Users\Tom\Documents\Mountain View Dental
2014-02-27 14:04 - 2014-02-27 14:03 - 00000000 ____D () C:\Program Files (x86)\CE
2014-02-27 14:04 - 2013-11-14 02:20 - 00029058 _____ () C:\WINDOWS\PFRO.log
2014-02-27 14:03 - 2014-02-27 14:03 - 00000932 _____ () C:\ceInstall.log
2014-02-27 14:03 - 2014-02-27 14:03 - 00000000 ____D () C:\ProgramData\CovenantEyes
2014-02-27 14:03 - 2014-02-27 14:03 - 00000000 ____D () C:\Program Files\CE
2014-02-27 14:03 - 2014-02-20 13:14 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-27 14:03 - 2012-12-17 13:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 14:02 - 2014-02-27 13:57 - 48563136 _____ (Covenant Eyes, Inc.) C:\Users\Tom\CovenantEyes504_Build_319-beta.exe
2014-02-27 13:57 - 2014-02-27 13:57 - 00000000 ____D () C:\Program Files\Covenanteyes
2014-02-26 19:08 - 2014-02-26 19:08 - 00284312 _____ () C:\WINDOWS\Minidump\022614-28765-01.dmp
2014-02-26 19:08 - 2014-02-26 19:00 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-26 19:07 - 2014-02-26 19:00 - 561941727 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-26 19:04 - 2014-02-26 19:04 - 00284312 _____ () C:\WINDOWS\Minidump\022614-35484-01.dmp
2014-02-26 19:01 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-26 19:00 - 2014-02-26 19:00 - 00284312 _____ () C:\WINDOWS\Minidump\022614-43531-01.dmp
2014-02-26 19:00 - 2013-08-22 09:44 - 00385576 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-26 18:59 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-25 20:35 - 2014-02-25 20:35 - 00000000 ____D () C:\MININT
2014-02-25 20:35 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-02-25 20:32 - 2014-02-25 20:32 - 00000000 ____D () C:\Users\Tom\AppData\Local\SearchProtect
2014-02-25 20:32 - 2014-02-25 20:32 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-25 17:22 - 2014-02-25 17:14 - 00000000 ____D () C:\Users\Tom\Documents\My Scans
2014-02-25 17:11 - 2014-02-25 17:06 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\HP
2014-02-25 17:09 - 2014-02-25 17:09 - 00000000 ____D () C:\ProgramData\WEBREG
2014-02-25 17:09 - 2014-02-25 16:57 - 00183186 _____ () C:\WINDOWS\hpwins16.dat
2014-02-25 17:09 - 2014-02-25 16:57 - 00000820 _____ () C:\ProgramData\hpzinstall.log
2014-02-25 17:06 - 2014-02-25 17:06 - 00000000 ____D () C:\Users\Tom\AppData\Local\HP
2014-02-25 17:06 - 2014-02-25 16:53 - 00000000 ____D () C:\ProgramData\HP
2014-02-25 17:06 - 2012-07-26 00:26 - 00000159 _____ () C:\WINDOWS\win.ini
2014-02-25 17:05 - 2014-02-25 17:05 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-25 17:05 - 2014-02-25 17:04 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-02-25 17:04 - 2014-02-25 17:04 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\HpUpdate
2014-02-25 17:04 - 2014-02-25 17:01 - 00000000 ____D () C:\Program Files (x86)\HP
2014-02-25 17:03 - 2014-02-25 17:03 - 00001337 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-02-25 17:03 - 2014-02-25 17:03 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-02-25 17:03 - 2014-02-25 17:03 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-02-25 13:44 - 2014-02-25 13:03 - 290781424 _____ () C:\Users\Tom\Downloads\OJ_AIO_J3600_Full_Win_WW_140_408.exe
2014-02-24 15:18 - 2014-02-19 13:08 - 00000157 _____ () C:\WINDOWS\SysWOW64\SystemPreferences.xml
2014-02-23 21:55 - 2014-02-23 21:54 - 00000000 ____D () C:\Users\Tom\AppData\Local\NPE
2014-02-23 21:54 - 2014-02-21 19:00 - 00000000 ____D () C:\ProgramData\Norton
2014-02-22 15:14 - 2014-02-13 16:14 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-02-21 21:47 - 2014-02-21 21:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-02-21 21:47 - 2014-02-21 21:47 - 00000000 ____D () C:\Users\Tom\Documents\Symantec
2014-02-21 21:46 - 2014-02-21 21:46 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-02-21 21:46 - 2014-02-21 21:46 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-02-21 21:46 - 2014-02-21 21:46 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-02-21 21:46 - 2014-02-21 21:46 - 00002599 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-02-21 21:46 - 2014-02-21 21:46 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-21 21:46 - 2014-02-21 21:45 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-02-21 21:45 - 2014-02-21 21:45 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-02-21 15:34 - 2014-02-21 10:20 - 00000000 ____D () C:\Program Files (x86)\SavingsBull
2014-02-20 21:26 - 2012-12-17 13:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-02-20 14:18 - 2014-02-20 14:18 - 00086600 _____ () C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 13:14 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-02-20 13:14 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-02-20 13:04 - 2014-02-20 13:04 - 00000000 ____D () C:\Users\Tom\AppData\Local\Downloaded Installations
2014-02-20 12:59 - 2014-02-20 13:03 - 01554440 _____ (Flexera Software LLC) C:\Program Files (x86)\CovenantEyesInstall.exe
2014-02-20 12:15 - 2014-02-20 12:15 - 00042036 _____ () C:\Users\Tom\Downloads\SVECPowerOutageMagnetArt.jpeg
2014-02-20 12:15 - 2014-02-20 12:15 - 00013312 ___SH () C:\Users\Tom\Downloads\Thumbs.db
2014-02-20 09:12 - 2014-02-09 15:24 - 00000000 ____D () C:\Users\Tom\AppData\Local\Microsoft Help
2014-02-19 18:33 - 2013-08-22 09:46 - 00327221 _____ () C:\WINDOWS\setupact.log
2014-02-19 15:07 - 2014-02-19 11:21 - 00000541 _____ () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Verizon My Verizon Verizon Message Center.website
2014-02-19 13:22 - 2014-02-19 13:22 - 01038840 _____ () C:\Users\Tom\Downloads\Grace_Sign.zip
2014-02-17 16:00 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 16:00 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 14:00 - 2014-02-17 14:00 - 00431696 _____ () C:\Users\Tom\Downloads\DellSystemDetect.exe
2014-02-16 21:40 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-16 19:24 - 2014-02-08 15:46 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 19:24 - 2014-02-08 15:46 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 19:23 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 19:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 19:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-15 17:59 - 2014-02-15 17:59 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-15 04:51 - 2014-02-08 17:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-15 04:50 - 2014-02-08 17:56 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-14 12:22 - 2014-02-14 12:22 - 00000000 ____D () C:\Users\Tom\AppData\Local\Citrix
2014-02-14 10:28 - 2014-02-13 16:27 - 00002644 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
2014-02-13 19:49 - 2014-02-13 18:36 - 00000000 ____D () C:\Users\Tom\AppData\Local\Google
2014-02-13 19:18 - 2014-02-13 19:18 - 00001128 _____ () C:\Users\Public\Desktop\Picasa 3.lnk
2014-02-13 19:18 - 2014-02-13 19:18 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-13 18:36 - 2014-02-13 18:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-13 18:35 - 2014-02-13 18:33 - 17660184 _____ (Google Inc.) C:\Users\Tom\Downloads\picasa39-setup.exe
2014-02-13 18:30 - 2014-02-13 18:30 - 00552744 _____ (Premium Installer ) C:\Users\Tom\Downloads\Picasa_Setup.exe
2014-02-13 18:19 - 2014-02-13 18:19 - 00001190 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-02-13 18:19 - 2014-02-13 18:00 - 00000000 ____D () C:\Program Files\Paint.net
2014-02-13 17:57 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Local\VirtualStore
2014-02-13 17:56 - 2014-02-13 17:55 - 03739157 _____ () C:\Users\Tom\Downloads\Paint.NET.3.5.11.Install.zip
2014-02-13 17:51 - 2014-02-13 17:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-02-13 16:27 - 2014-02-13 16:27 - 00001132 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-02-13 16:27 - 2014-02-13 16:27 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\DigitalSites
2014-02-13 16:27 - 2014-02-13 16:27 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-02-13 16:22 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 16:22 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 16:22 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 16:20 - 2014-02-13 16:13 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-02-13 16:15 - 2014-02-13 16:15 - 00003860 _____ () C:\WINDOWS\System32\Tasks\BrowserSafeguard Update Task
2014-02-13 16:15 - 2014-02-13 16:15 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-02-13 16:15 - 2014-02-13 16:15 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-02-13 16:13 - 2014-02-13 16:13 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Mozilla
2014-02-13 16:13 - 2014-02-13 16:12 - 00911896 _____ (SafeInstall, LLC) C:\Users\Tom\Downloads\7zip_14371_stn2.exe
2014-02-13 16:06 - 2014-02-13 16:06 - 00664992 _____ () C:\Users\Tom\Downloads\ZipOpenerSetup.exe
2014-02-13 03:48 - 2014-02-09 15:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 10:37 - 2014-02-27 14:03 - 04451320 _____ () C:\WINDOWS\SysWOW64\authServer.exe
2014-02-12 10:36 - 2014-02-27 14:03 - 00039928 _____ (CovenantEyes) C:\WINDOWS\system32\Drivers\cewfp64.sys
2014-02-12 03:58 - 2014-02-12 03:58 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-12 03:58 - 2014-02-12 03:58 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-12 03:57 - 2014-02-09 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-02-09 19:39 - 2014-02-09 19:39 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\WebApp
2014-02-09 19:39 - 2012-12-17 13:23 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-09 19:38 - 2014-02-09 19:14 - 00000000 ____D () C:\Users\Tom\Documents\CyberLink
2014-02-09 19:38 - 2014-02-09 19:14 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\CyberLink
2014-02-09 19:15 - 2014-02-09 19:15 - 00000000 ____D () C:\Users\Public\CyberLink
2014-02-09 19:14 - 2014-02-09 19:14 - 00000000 ____D () C:\Users\Tom\AppData\Local\Cyberlink
2014-02-09 18:49 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-09 18:26 - 2014-02-09 18:26 - 00000000 ____D () C:\Users\Tom\Documents\OneNote Notebooks
2014-02-09 15:27 - 2014-02-09 15:27 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-02-09 15:27 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-09 15:24 - 2014-02-09 15:24 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-02-09 15:24 - 2013-11-14 02:17 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-02-09 15:23 - 2014-02-09 15:23 - 00000000 __RHD () C:\MSOCache
2014-02-09 15:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-02-09 14:02 - 2014-02-09 14:02 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\PCDr
2014-02-09 09:18 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Local\Packages
2014-02-09 09:17 - 2014-02-08 15:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-09 09:16 - 2014-02-09 09:16 - 00001448 _____ () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-09 09:16 - 2014-02-09 09:16 - 00000020 ___SH () C:\Users\Tom\ntuser.ini
2014-02-09 09:16 - 2014-02-09 06:52 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-09 09:16 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-09 06:52 - 2014-02-09 06:52 - 00000000 __SHD () C:\Recovery
2014-02-09 06:51 - 2014-02-09 06:51 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-09 06:51 - 2014-02-09 06:51 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-09 06:51 - 2014-02-09 06:51 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-09 06:51 - 2014-02-09 06:51 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-09 06:51 - 2013-08-22 10:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-02-09 06:51 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-09 06:50 - 2014-02-09 06:50 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-09 06:50 - 2014-02-09 06:50 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-09 06:50 - 2014-02-09 06:50 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-09 06:50 - 2014-02-09 06:50 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-09 06:50 - 2014-02-09 06:50 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-09 06:50 - 2014-02-09 06:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-09 06:50 - 2014-02-09 06:50 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-09 06:49 - 2014-02-09 06:49 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-09 06:46 - 2014-02-09 06:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-09 04:04 - 2014-02-09 04:04 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-09 04:04 - 2014-02-09 03:57 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-09 04:04 - 2014-02-09 03:57 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-09 04:04 - 2014-02-09 03:20 - 00006521 _____ () C:\WINDOWS\comsetup.log
2014-02-09 04:02 - 2013-08-22 10:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-02-09 04:02 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-09 04:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-09 04:00 - 2012-12-17 13:31 - 00000000 ____D () C:\WINDOWS\en
2014-02-09 03:59 - 2014-02-09 03:54 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-09 03:59 - 2014-02-08 15:45 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-09 03:59 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-02-09 03:59 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-02-09 03:59 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-02-09 03:59 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-02-09 03:59 - 2013-08-22 10:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-09 03:59 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Help
2014-02-09 03:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-02-09 03:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-09 03:59 - 2012-12-17 13:26 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-09 03:59 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-09 03:58 - 2014-02-09 03:58 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-09 03:58 - 2014-02-09 03:58 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-09 03:58 - 2014-02-09 03:57 - 00000000 ___RD () C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-09 03:58 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-09 03:54 - 2014-02-09 03:54 - 00080824 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-02-09 03:54 - 2014-02-09 03:54 - 00000000 ____D () C:\Program Files\Realtek
2014-02-09 03:54 - 2013-08-22 09:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
2014-02-09 03:52 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Default
2014-02-09 03:41 - 2014-02-08 15:45 - 01217896 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-02-09 02:41 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-08 18:45 - 2012-05-08 06:37 - 00000000 ____D () C:\DELL
2014-02-08 18:41 - 2014-02-08 18:41 - 00004032 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-02-08 18:41 - 2014-02-08 18:41 - 00003488 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncher
2014-02-08 18:41 - 2014-02-08 18:41 - 00003220 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2014-02-08 18:41 - 2014-02-08 18:41 - 00000000 ____D () C:\Users\Tom\AppData\Local\softthinks
2014-02-08 18:41 - 2012-12-17 13:23 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-08 16:07 - 2012-12-17 13:30 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Dell
2014-02-08 15:48 - 2014-02-08 15:48 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Intel Corporation
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\Documents\Bluetooth Folder
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Atheros
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Local\Power2Go8
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\Users\Tom\AppData\Local\BMExplorer
2014-02-08 15:47 - 2014-02-08 15:47 - 00000000 ____D () C:\ProgramData\Atheros
2014-02-08 15:47 - 2012-12-17 13:19 - 00000000 ____D () C:\ProgramData\Intel
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Macromedia
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Leadertech
2014-02-08 15:45 - 2014-02-08 15:45 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Adobe
2014-02-08 15:29 - 2014-02-08 15:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-399296.txt
2014-02-08 15:28 - 2014-02-08 15:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-397562.txt
2014-02-08 15:28 - 2014-02-08 15:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-367859.txt
2014-02-08 15:18 - 2014-02-08 15:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-399328.txt
2014-02-08 15:18 - 2014-02-08 15:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-402828.txt
2014-02-06 07:16 - 2014-02-12 06:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-12 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-12 06:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-12 06:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-12 06:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-12 06:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-12 06:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-12 06:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 05:49 - 2014-02-12 06:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-12 06:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-12 06:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-12 06:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-12 06:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-12 06:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-12 06:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 05:11 - 2014-02-12 06:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-12 06:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-12 06:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-12 06:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-12 06:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-12 06:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-12 06:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-12 06:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 04:47 - 2014-02-12 06:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-12 06:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-12 06:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-12 06:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-12 06:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 04:22 - 2014-02-12 06:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-12 06:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-12 06:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-12 06:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-12 06:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-12 06:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-12 06:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-12 06:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-12 06:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\Tom\CovenantEyes504_Build_319-beta.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-26 10:51

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2014
Ran by Tom at 2014-03-01 12:10:11
Running from C:\Users\Tom\AppData\Local\Microsoft\Windows\INetCache\IE\CCQ04GWE
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

3600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version: - )
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
BPD_Scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BrowserSafeguard (HKLM-x32\...\Browsersafeguard) (Version: - Browsersafeguard) <==== ATTENTION
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Covenant Eyes (HKLM-x32\...\{5AC5ED2E-2936-4B54-A429-703F9034938E}) (Version: 5.0.4.319 - Covenant Eyes, Inc.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.39 - PC-Doctor, Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{B0F29C6D-C7A9-40AC-9658-921961818E2B}) (Version: 1.0.0.15 - DELL)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DSC/AA Factory Installer (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet J3600 14.0 Rel. 6 (HKLM\...\{044B74E4-1C91-4BA9-BD3C-C9213559BBC0}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
J3600 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6673 - Realtek Semiconductor Corp.)
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.10.30.15 - Conduit) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Zip Opener (HKCU\...\Digital Sites) (Version: - Update for Zip Opener) <==== ATTENTION
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

==================== Restore Points =========================

13-02-2014 08:43:01 Windows Update
20-02-2014 18:13:19 Installed Covenant Eyes
27-02-2014 18:52:08 Removed Covenant Eyes
01-03-2014 15:20:54 Created by Norton Utilities

==================== Hosts content: ==========================

2013-08-22 08:25 - 2014-02-27 14:03 - 00014181 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 d3oxij66pru1i3.cloudfront.net
216.239.32.20 www.google.ac # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ad # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ae # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.al # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.am # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.as # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.at # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.az # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ba # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.be # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bf # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bg # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bi # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bj # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bs # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.bt # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.by # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ca # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cat # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cc # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cd # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cf # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cg # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ch # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.ci # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cl # *DO NOT MODIFY/DELETE THIS ENTRY*
216.239.32.20 www.google.cm # *DO NOT MODIFY/DELETE THIS ENTRY*

There are 172 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1AC47305-E86D-4A5B-A8FC-E48A560B7DD5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-15] (Microsoft Corporation)
Task: {1BC0A11F-1ECA-4951-BB5F-10298EE949ED} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [2014-03-01] (Symantec)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5326E3CE-51AE-47D3-AEE2-42D5B019B701} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {56E608E8-BCCE-48F5-AD38-BF91BCBD204D} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-02-13] () <==== ATTENTION
Task: {611378F8-FD31-4939-B5F9-344A3FA9E641} - System32\Tasks\SpeedDiskSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe [2012-09-29] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F2AFA4C-3FFD-4020-8566-AFF7654166FB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9D30B3AC-634A-4717-AF28-C28DF25295B7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A3391A92-C6B1-4E84-A5D5-8A562F522EED} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {AB4C065A-BE11-49D1-8BE4-6E47FC096698} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {C14331C6-E517-4242-A9A2-AF0F8418ED23} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-07-17] (PC-Doctor, Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC04A373-22B1-49E4-93D8-A42423E4CDD0} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2014-03-01] (Symantec)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EDC1A272-607E-40D0-8B85-E8D00DC5CD15} - System32\Tasks\Digital Sites => C:\Users\Tom\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Tom\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\NUSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe
Task: C:\WINDOWS\Tasks\SpeedDiskSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe

==================== Loaded Modules (whitelisted) =============

2014-02-27 14:03 - 2014-02-12 10:36 - 04584440 _____ () C:\Program Files (x86)\CE\CovenantEyesCommService.exe
2012-12-17 13:19 - 2012-08-01 13:03 - 00073728 _____ () C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
2012-12-17 13:25 - 2012-04-24 21:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-27 14:03 - 2014-02-12 10:37 - 04451320 _____ () C:\WINDOWS\SysWOW64\authServer.exe
2014-02-27 14:03 - 2014-02-12 10:37 - 02946552 _____ () C:\Program Files\CE\nmsvc64.dll
2014-02-27 14:03 - 2014-02-12 10:36 - 00087544 _____ () C:\Program Files\CE\nmsvTree64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 20:10 - 2012-07-31 20:10 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2014-02-27 14:03 - 2014-02-12 10:36 - 07100920 _____ () C:\Program Files (x86)\CE\CovenantEyes.exe
2014-02-27 14:03 - 2014-02-12 10:36 - 05697016 _____ () C:\Program Files (x86)\CE\CovenantEyesHelper.exe
2014-02-13 16:48 - 2014-02-13 16:48 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\3363e49b745a5ddf1aaf80b18c175191\Windows.UI.ni.dll
2012-12-17 13:24 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-27 14:03 - 2014-02-12 10:37 - 02301432 _____ () C:\Program Files (x86)\CE\nmsvc.dll
2014-02-27 14:03 - 2014-02-12 10:36 - 00076280 _____ () C:\Program Files (x86)\CE\nmsvTree.dll
2014-02-18 10:17 - 2014-02-18 10:17 - 00086800 _____ () C:\Program Files (x86)\SavingsBull\IEOptimizer.dll
2014-01-13 23:03 - 2014-01-13 23:03 - 00110088 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-02-13 16:45 - 2014-02-13 16:45 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\1df9802ff26ff010ffa8c9346f4974df\PSIClient.ni.dll
2012-12-17 13:29 - 2012-09-12 22:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2012-12-17 13:29 - 2012-08-06 11:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2012-12-17 13:29 - 2012-08-06 11:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2012-12-17 13:19 - 2012-07-19 05:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:792D4CF1
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cewd64f.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Auth Service => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cewd64f.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cewfp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CovenantEyesCommService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CovenantEyesProxy => ""="service"

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2014 09:16:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: IEOptimizer.dll, version: 0.0.0.0, time stamp: 0x53037983
Exception code: 0xc0000005
Fault offset: 0x000014fa
Faulting process id: 0x4974
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (03/01/2014 09:12:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: IEOptimizer.dll, version: 0.0.0.0, time stamp: 0x53037983
Exception code: 0xc0000005
Fault offset: 0x000014fa
Faulting process id: 0x26a0
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/28/2014 09:06:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: authServer.exe, version: 0.0.0.0, time stamp: 0x52fb94ce
Faulting module name: authServer.exe, version: 0.0.0.0, time stamp: 0x52fb94ce
Exception code: 0xc0000005
Fault offset: 0x000000000001c223
Faulting process id: 0x19a8
Faulting application start time: 0xauthServer.exe0
Faulting application path: authServer.exe1
Faulting module path: authServer.exe2
Report Id: authServer.exe3
Faulting package full name: authServer.exe4
Faulting package-relative application ID: authServer.exe5

Error: (02/28/2014 08:20:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: IEOptimizer.dll, version: 0.0.0.0, time stamp: 0x53037983
Exception code: 0xc0000005
Fault offset: 0x000014fa
Faulting process id: 0x5310
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/28/2014 02:07:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: pcdrsysinfocsmi.p5x, version: 6.0.6032.39, time stamp: 0x4ffe56d2
Faulting module name: MSVCR90.dll, version: 9.0.30729.8387, time stamp: 0x51ea1bbd
Exception code: 0x40000015
Fault offset: 0x000000000004267f
Faulting process id: 0x1498
Faulting application start time: 0xpcdrsysinfocsmi.p5x0
Faulting application path: pcdrsysinfocsmi.p5x1
Faulting module path: pcdrsysinfocsmi.p5x2
Report Id: pcdrsysinfocsmi.p5x3
Faulting package full name: pcdrsysinfocsmi.p5x4
Faulting package-relative application ID: pcdrsysinfocsmi.p5x5

Error: (02/27/2014 11:39:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16518, time stamp: 0x52f347b2
Faulting module name: IEOptimizer.dll, version: 0.0.0.0, time stamp: 0x53037983
Exception code: 0xc0000005
Fault offset: 0x000014fa
Faulting process id: 0xb3c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (02/27/2014 10:51:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: authServer.exe, version: 0.0.0.0, time stamp: 0x52fb94ce
Faulting module name: authServer.exe, version: 0.0.0.0, time stamp: 0x52fb94ce
Exception code: 0xc0000005
Fault offset: 0x000000000001c223
Faulting process id: 0x12e4
Faulting application start time: 0xauthServer.exe0
Faulting application path: authServer.exe1
Faulting module path: authServer.exe2
Report Id: authServer.exe3
Faulting package full name: authServer.exe4
Faulting package-relative application ID: authServer.exe5

Error: (02/27/2014 01:43:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: CovenantEyes.exe, version: 0.0.0.0, time stamp: 0x5303ab0d
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16496, time stamp: 0x52b3e015
Exception code: 0xc000041d
Fault offset: 0x00012eec
Faulting process id: 0x16a0
Faulting application start time: 0xCovenantEyes.exe0
Faulting application path: CovenantEyes.exe1
Faulting module path: CovenantEyes.exe2
Report Id: CovenantEyes.exe3
Faulting package full name: CovenantEyes.exe4
Faulting package-relative application ID: CovenantEyes.exe5

Error: (02/27/2014 01:42:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: CovenantEyes.exe, version: 0.0.0.0, time stamp: 0x5303ab0d
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16496, time stamp: 0x52b3e015
Exception code: 0xe06d7363
Fault offset: 0x00012eec
Faulting process id: 0x16a0
Faulting application start time: 0xCovenantEyes.exe0
Faulting application path: CovenantEyes.exe1
Faulting module path: CovenantEyes.exe2
Report Id: CovenantEyes.exe3
Faulting package full name: CovenantEyes.exe4
Faulting package-relative application ID: CovenantEyes.exe5

Error: (02/27/2014 01:41:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: authServer.exe, version: 0.0.0.0, time stamp: 0x5303ab3c
Faulting module name: authServer.exe, version: 0.0.0.0, time stamp: 0x5303ab3c
Exception code: 0x40000015
Fault offset: 0x00000000001fcff1
Faulting process id: 0x1104
Faulting application start time: 0xauthServer.exe0
Faulting application path: authServer.exe1
Faulting module path: authServer.exe2
Report Id: authServer.exe3
Faulting package full name: authServer.exe4
Faulting package-relative application ID: authServer.exe5

System errors:
=============
Error: (03/01/2014 10:35:42 AM) (Source: Application Popup) (User: )
Description: DATABASE OPEN FAILED

Error: (03/01/2014 10:32:05 AM) (Source: Microsoft-Windows-Ntfs) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume53

Error: (03/01/2014 10:00:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/01/2014 09:20:09 AM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (02/28/2014 09:06:11 PM) (Source: Service Control Manager) (User: )
Description: The Auth Service service terminated unexpectedly. It has done this 3 time(s).

Error: (02/28/2014 02:21:28 PM) (Source: DCOM) (User: TOMSWORKPC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}TomsWorkPCTomS-1-5-21-3017447311-3867221884-2038309817-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/28/2014 02:18:03 PM) (Source: DCOM) (User: TOMSWORKPC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}TomsWorkPCTomS-1-5-21-3017447311-3867221884-2038309817-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/28/2014 01:14:07 PM) (Source: DCOM) (User: TOMSWORKPC)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}TomsWorkPCTomS-1-5-21-3017447311-3867221884-2038309817-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/28/2014 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/27/2014 10:52:20 PM) (Source: Service Control Manager) (User: )
Description: The Auth Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 6012.62 MB
Available physical RAM: 3962.72 MB
Total Pagefile: 12156.62 MB
Available Pagefile: 10076.17 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:922.95 GB) (Free:878.69 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:7.07 GB) (Free:0.25 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F3B83BCF)

Partition: GPT Partition Type.

==================== End Of Log ============================

#7
gringo_pr

Posted 02 March 2014 - 02:21 PM

Trusted Helper

Malware Removal
7,268 posts

Hello tlw72

I need you to download this script I have made for you -->

fixlist.txt 67bytes 150 downloads

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

Run FRST again but this time press the Fix button just once and wait.

When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Gringo

#8
tlw72

Posted 03 March 2014 - 01:17 PM

New Member

Topic Starter
Member
6 posts

I am not sue what you mean by "It needs to be saved next to FRST. fie. I have both files in my download box right beside each other. Is that what you are asking? The file you sent over looks like it's simply a text file, so I am confused as to how it will affect the funning of the FRST file again.

#9
gringo_pr

Posted 04 March 2014 - 07:37 AM

Trusted Helper

Malware Removal
7,268 posts

Hello

When it is saved next to frst (like you have it) and you run FRST and click on fix it will look for that file as long as it is saved with the name of fixlist.txt

Gringo

#10
tlw72

Posted 06 March 2014 - 03:28 PM

New Member

Topic Starter
Member
6 posts

Hi Gringo,

The issue I was facing with that GetSavin malware may be fixed. I was also consistently getting a message screen that IE had stopped working, while I was on the internet. My computer made a log of hat was happening when that occurred. I submitted that log to the Microsoft community and the person who responded confirmed that there was a program running that was called IEoptimizer that was causing the problem. I opened IE, went to the tools drop down box, fond the "manage add-ons" tab and then found IEoptimizer. It came from a publisher called SavingsBull. I disabled it and since then have had no more annoying issues with GetSavin.

#11
gringo_pr

Posted 08 March 2014 - 01:18 PM

Trusted Helper

Malware Removal
7,268 posts

Hello tlw72

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan.
After the scan is complete click on "Clean"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo

#12
gringo_pr

Posted 11 March 2014 - 06:49 AM

Trusted Helper

Malware Removal
7,268 posts

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo

#13
tlw72

Posted 11 March 2014 - 07:03 AM

New Member

Topic Starter
Member
6 posts

Gringo,

Thanks for checking. I have been sick the past week and have not gotten to this yet. It will probably be a few more days before I will have time to deal with it.

TLW72