Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Freezing & Restarts - Malware Issue?

Started by Katehsparrow , Mar 25 2014 02:45 PM

  • This topic is locked This topic is locked

#1
Katehsparrow
Posted 25 March 2014 - 02:45 PM

Katehsparrow

    Member

  • Member
  • PipPip
  • 57 posts

Hi there folks,

 

I've been working with phillpower2 over on the Hardware forums and after a bunch of troubleshooting he (unfortunately) sent me over here to look for help.

 

About 2 weeks ago, I built this computer for gaming. Since then, I have been having issues with freezing and then reboots. The reboots at first seemed random, but then it appeared that they happened more often when I was streaming videos, but now it seems like they have become more random again. For example, occasionally when I am browsing these forums, my screen will freeze up and I'll hear my fans accelerate and then the computer will restart itself.

 

These restarts also happen nearly every time I start to startup my computer. Sometimes it will take 3 or more attempts to get Windows to start up.

 

I don't have an Anti-Virus program currently installed-- it fell to the backburner when all of these problems started happening. So its entirely possible that it is malware. :(

 

ETA: I also wanted to mention that this is my 3rd install of Windows. Is it possible for malware to persist after a clean install of Windows?

 

Here is a link to my topic in the Hardware forum to give you some more details and a sense of the steps already taken:http://www.geekstogo...during-startup/

 

Phill also had me run PitStop OverDrive. I don't know if this is useful or not, but I figured I would provide the link: http://www.pcpitstop...?conid=25579126

 

I also ran OTL and my log is below.

 

Thanks a bunch for your time. I'm hoping that I will eventually be able to enjoy my new computer.

 

OTL logfile created on: 3/25/2014 4:30:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Katie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 73.65% Memory free
7.93 Gb Paging File | 6.69 Gb Available in Paging File | 84.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 899.08 Gb Free Space | 96.53% Space Free | Partition Type: NTFS
 
Computer Name: KATIE-PC | User Name: Katie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/03/25 16:30:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katie\Downloads\OTL.exe
PRC - [2012/09/11 17:27:44 | 000,062,128 | ---- | M] () -- C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
PRC - [2012/06/11 12:46:30 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2072/03/25 15:04:50 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/12/06 16:06:06 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/08/03 01:27:50 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014/03/19 20:03:50 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/25 17:57:46 | 000,568,512 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/11 17:27:44 | 000,062,128 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe -- (Asus Product Register Service)
SRV - [2012/01/17 11:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/09/19 23:05:02 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
DRV:64bit: - [2013/01/02 21:31:20 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013/01/02 21:31:18 | 000,231,112 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012/10/25 09:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012/08/28 08:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/03 01:27:44 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/23 09:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/23 07:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=1473269370=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearc...r=1473269370=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...r=1473269370=
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...U218DHP&pc=U218
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 08 18 BF 98 4F 10 02  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.google.co...1I7NDKB_enUS580
IE - HKCU\..\SearchScopes\7F07360132754225968BE84034F36A23: "URL" = http://www.google.co...1I7NDKB_enUS580
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = http://start.mysearc...r=1473269370=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Katie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/pcpitstop.cab (PCPitstop Utility)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2302E3B5-C66F-4D36-855A-AD59BC3C15C3}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f51ee6b-b1d8-11e3-a32c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5f51ee6b-b1d8-11e3-a32c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O33 - MountPoints2\{880837de-afd7-11e3-986e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{880837de-afd7-11e3-986e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2072/03/24 21:48:51 | 000,000,000 | ---D | C] -- C:\Users\Katie\Documents\Banished
[2072/03/24 21:14:35 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\.minecraft
[2072/03/24 21:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2072/03/24 21:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2072/03/24 20:56:17 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2072/03/24 20:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2072/03/24 20:44:32 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\IOMap64.sys
[2072/03/24 20:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2072/03/24 20:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2072/03/24 20:42:54 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
[2072/03/24 20:37:17 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2072/03/24 20:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2014/03/24 09:54:51 | 000,000,000 | ---D | C] -- C:\Users\Katie\Documents\Optimizer Pro
[2014/03/24 09:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/03/24 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\UpdaterEX
[2014/03/24 09:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/03/24 09:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/03/23 17:55:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2014/03/21 16:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/03/21 16:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/03/21 16:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/03/21 16:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/03/21 16:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/03/21 16:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/03/21 16:52:44 | 000,000,000 | ---D | C] -- C:\AMD
[2014/03/19 23:29:17 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/03/19 22:51:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/03/19 22:30:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/03/19 22:30:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/03/19 22:21:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/03/19 21:41:55 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\Programs
[2014/03/19 21:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014/03/19 21:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014/03/19 21:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/03/19 21:15:24 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\ElevatedDiagnostics
[2014/03/19 21:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2014/03/19 21:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/03/19 21:02:54 | 000,070,800 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\VtSrdAPO.dll
[2014/03/19 21:02:49 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2014/03/19 21:02:49 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2014/03/19 21:02:49 | 000,055,440 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\PropPageExt.dll
[2014/03/19 21:02:48 | 000,248,976 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2014/03/19 20:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/03/19 20:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/03/19 20:53:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/03/19 20:50:33 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\AMD
[2014/03/19 20:50:30 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\ATI
[2014/03/19 20:50:30 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\ATI
[2014/03/19 20:48:00 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/03/19 20:38:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/03/19 20:18:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/03/19 20:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/03/19 20:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014/03/19 20:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/03/19 20:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/03/19 20:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014/03/19 20:04:19 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Macromedia
[2014/03/19 20:04:17 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Google
[2014/03/19 20:04:17 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Adobe
[2014/03/19 20:04:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/03/19 20:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/03/19 20:03:57 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/03/19 20:03:52 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\Google
[2014/03/19 20:03:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/03/19 20:03:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/03/19 20:03:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/03/19 20:03:17 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\Adobe
[2014/03/19 20:00:26 | 000,565,352 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/19 20:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/03/19 20:00:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/03/19 19:51:35 | 000,000,000 | R--D | C] -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/03/19 19:51:35 | 000,000,000 | R--D | C] -- C:\Users\Katie\Searches
[2014/03/19 19:51:35 | 000,000,000 | R--D | C] -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/03/19 19:51:35 | 000,000,000 | -H-D | C] -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/03/19 19:51:28 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Identities
[2014/03/19 19:51:27 | 000,000,000 | R--D | C] -- C:\Users\Katie\Contacts
[2014/03/19 19:51:25 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\VirtualStore
[2014/03/19 19:51:21 | 000,000,000 | --SD | C] -- C:\Users\Katie\AppData\Roaming\Microsoft
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Videos
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Saved Games
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Pictures
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Music
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Links
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Favorites
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Downloads
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Documents
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\Desktop
[2014/03/19 19:51:21 | 000,000,000 | R--D | C] -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\AppData\Local\Temporary Internet Files
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Templates
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Start Menu
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\SendTo
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Recent
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\PrintHood
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\NetHood
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Documents\My Videos
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Documents\My Pictures
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Documents\My Music
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\My Documents
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Local Settings
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\AppData\Local\History
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Cookies
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\Application Data
[2014/03/19 19:51:21 | 000,000,000 | -HSD | C] -- C:\Users\Katie\AppData\Local\Application Data
[2014/03/19 19:51:21 | 000,000,000 | -H-D | C] -- C:\Users\Katie\AppData
[2014/03/19 19:51:21 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\Temp
[2014/03/19 19:51:21 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Local\Microsoft
[2014/03/19 19:51:21 | 000,000,000 | ---D | C] -- C:\Users\Katie\AppData\Roaming\Media Center Programs
[2014/03/19 19:51:18 | 000,000,000 | -HSD | C] -- C:\Recovery
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2072/03/25 15:04:50 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2072/03/25 15:04:50 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2072/03/24 20:57:52 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2072/03/24 20:56:45 | 000,001,134 | ---- | M] () -- C:\Windows\unins000.dat
[2072/03/24 20:56:05 | 001,186,161 | ---- | M] () -- C:\Windows\unins000.exe
[2072/03/24 20:46:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ViaHub3_01011.Wdf
[2072/03/24 20:46:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xhcdrv_01011.Wdf
[2072/03/24 20:42:59 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/03/25 16:16:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/25 16:14:14 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/25 16:06:31 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 16:06:31 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 16:03:31 | 000,797,934 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/25 16:03:31 | 000,674,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/25 16:03:31 | 000,125,740 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/25 15:59:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/25 15:59:11 | 3193,446,400 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/25 15:55:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/03/25 15:51:01 | 000,000,089 | ---- | M] () -- C:\Users\Katie\AppData\Roaming\WB.CFG
[2014/03/25 15:39:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/24 09:43:41 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/23 23:21:44 | 000,790,104 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/23 23:02:59 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/03/23 17:55:13 | 000,001,011 | ---- | M] () -- C:\Users\Katie\Desktop\SpeedFan.lnk
[2014/03/23 17:55:12 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/03/23 17:55:11 | 000,000,000 | ---- | M] () -- C:\Users\Katie\Desktop\initdebug.nfo
[2014/03/22 11:50:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/21 16:58:31 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2014/03/19 22:32:34 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/03/19 22:32:34 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/03/19 21:04:44 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2014/03/19 20:55:49 | 000,000,222 | ---- | M] () -- C:\Users\Katie\Desktop\Banished.url
[2014/03/19 20:53:33 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/03/19 20:20:10 | 000,002,283 | ---- | M] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/19 20:18:15 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/19 20:02:00 | 000,001,441 | ---- | M] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2072/03/25 15:04:50 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2072/03/25 15:04:50 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2072/03/24 20:56:45 | 001,186,161 | ---- | C] () -- C:\Windows\unins000.exe
[2072/03/24 20:56:45 | 000,001,134 | ---- | C] () -- C:\Windows\unins000.dat
[2072/03/24 20:56:17 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe
[2072/03/24 20:56:17 | 000,022,680 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys
[2072/03/24 20:46:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ViaHub3_01011.Wdf
[2072/03/24 20:46:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xhcdrv_01011.Wdf
[2072/03/24 20:42:59 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
[2014/03/24 09:50:37 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\UpdaterEX.job
[2014/03/24 09:49:48 | 000,000,089 | ---- | C] () -- C:\Users\Katie\AppData\Roaming\WB.CFG
[2014/03/23 23:11:30 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/03/23 23:02:59 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk
[2014/03/23 18:08:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/03/23 17:55:13 | 000,001,011 | ---- | C] () -- C:\Users\Katie\Desktop\SpeedFan.lnk
[2014/03/23 17:55:11 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2014/03/23 17:55:11 | 000,000,000 | ---- | C] () -- C:\Users\Katie\Desktop\initdebug.nfo
[2014/03/22 11:50:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/03/21 16:58:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/03/19 22:32:28 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/03/19 22:32:25 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/03/19 22:30:01 | 3193,446,400 | -HS- | C] () -- C:\hiberfil.sys
[2014/03/19 21:04:44 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2014/03/19 21:04:44 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2014/03/19 20:55:49 | 000,000,222 | ---- | C] () -- C:\Users\Katie\Desktop\Banished.url
[2014/03/19 20:53:33 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/03/19 20:40:18 | 000,790,104 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/19 20:04:11 | 000,002,283 | ---- | C] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/19 20:04:11 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/19 20:03:54 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/19 20:03:53 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/19 20:03:50 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/19 20:02:00 | 000,001,441 | ---- | C] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/19 20:00:25 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2014/03/19 19:59:12 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2014/03/19 19:51:36 | 000,001,417 | ---- | C] () -- C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/03/19 19:51:21 | 000,000,290 | ---- | C] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/03/19 19:51:21 | 000,000,272 | ---- | C] () -- C:\Users\Katie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/12/06 17:38:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/12/06 17:38:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/12/06 16:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/12/06 16:39:24 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/12/06 16:39:24 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2072/03/24 21:14:35 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\.minecraft
[2014/03/24 09:50:37 | 000,000,000 | ---D | M] -- C:\Users\Katie\AppData\Roaming\UpdaterEX
 
========== Purity Check ==========
 
 

< End of report >


Edited by Katehsparrow, 25 March 2014 - 02:55 PM.

  • 0

Advertisements

#2
Dakeyras
Posted 26 March 2014 - 06:42 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post the appropriate logs in the Virus, Spyware, Malware Removal forum and wait for help.


Hi and welcome to Geeks to Go. :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Next:


I don't have an Anti-Virus program currently installed-- it fell to the backburner when all of these problems started happening. So its entirely possible that it is malware. :(

We will address this in due course.
 

ETA: I also wanted to mention that this is my 3rd install of Windows. Is it possible for malware to persist after a clean install of Windows?

Aye unfortunately such is feasible, via say the use of compromised backups and or master boot record to name a few examples.

All else you mentioned is acknowledged/I have read through the prior topic etc.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download the installer for Registry Backup from here or here and save to your desktop.
  • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
  • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
  • Once the GUI(graphical user interface) has appeared/loaded:-
TCRB-1.jpg
  • Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-
TBRB-2.jpg
  • Close Tweaking.com - Registry Backup
Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features can be viewed here.

Next:

Let myself know when completed the above. Also post the extras log created by OTL(it should be in your Downloads folder) and we will then go from there, thank you.
  • 0

#3
Katehsparrow
Posted 26 March 2014 - 05:14 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

ETA: It seems that there was a misunderstanding between Phill and myself over on the hardware forum -- he still has a few things for me to check. As I don't want to waste anyones time on this busy forum, perhaps it is best if this topic is closed for the meantime so it could potentially be revisited in the event that he declares it a malware problem. Much thanks and apologies!

 

Hi there Dakeyras! Thanks a bunch for taking this on! I really appreciate it!

 

I followed your instructions and backed up my registry.

 

I wanted to let you know that the situation is really deteriorating on my end. It is getting harder and harder to get the computer to boot. It took about 10 attempts to get it into Windows (most of the reboots happening during the "Starting Windows" page and then a few happening at log-in and a few once the desktop loaded) and once it did, it rebooted just as I was replying to you, leading to another 5 reboots before it I was able to quick copy paste the Extras file and post it so I could edit this post on my laptop. 

 

OTL Extras logfile created on: 3/25/2014 4:30:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Katie\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 73.65% Memory free
7.93 Gb Paging File | 6.69 Gb Available in Paging File | 84.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 899.08 Gb Free Space | 96.53% Space Free | Partition Type: NTFS
 
Computer Name: KATIE-PC | User Name: Katie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09AFC982-84DD-47BA-B61E-C9AA18673BE2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14F5826C-05DC-4E29-8490-B3C7326279FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{29893C37-0925-43C7-B8B2-F296D2732420}" = rport=137 | protocol=17 | dir=out | app=system |
"{2E3E99AA-CB0A-4F07-8F7C-E92EB5FE70DE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{339E1AAC-CB5B-43C8-880D-2D70B997B587}" = rport=138 | protocol=17 | dir=out | app=system |
"{351136C7-2175-4D7D-9DD2-B9926C3E8060}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{39AA56CD-107A-4A9D-A435-1AE554A66AB1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A213657-DDC8-4008-9BAB-77CAE57A98C3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3CE7518E-7A6C-485B-B3E3-9BC76D1D84F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4666E3C2-DC87-42A1-945A-BC1DAD5E815B}" = lport=138 | protocol=17 | dir=in | app=system |
"{46E976D5-8C41-4DF8-8222-BB8C875ACD58}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{584FE04F-0D32-4D4E-BE24-18DFAA7581BE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6785EA20-52DF-4D54-BFEF-0AE17C11247C}" = lport=445 | protocol=6 | dir=in | app=system |
"{81DE05C2-AC75-47CD-8D46-D6CDC0D7FAD1}" = rport=139 | protocol=6 | dir=out | app=system |
"{95DBC603-228E-4737-AC5C-6FBCE9C6C300}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A4E0A393-0DF2-47CB-9199-F05C12413D7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{AEBD9DAF-7D21-446C-8489-E6E2D6326A41}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1C5DED7-DB38-4814-8DBB-D3FFACA7435F}" = lport=137 | protocol=17 | dir=in | app=system |
"{D62A1C57-7891-4A9C-BD47-3AAA5B67EF10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DBC362FD-41D9-49A9-A2C3-10BDFF29D447}" = lport=139 | protocol=6 | dir=in | app=system |
"{EB8E2DB1-C852-4C3C-BCC4-25FCB44D1EC0}" = lport=10243 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015CDDB6-8434-41F6-B41F-537F6D9AB015}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0470307D-6902-48B7-9B51-65E34D239DBE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{141F2962-3E8B-4A52-829D-D958E89411F8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BBEE11E-62BA-4525-9867-8B9B84BBA860}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\banished\application-steam-x64.exe |
"{2CA9BB4D-9ECB-4665-9538-10E27DEEAA14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\banished\application-steam-x64.exe |
"{2DFDB08B-7E4E-4311-9738-A9C051E4B694}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{352BD963-DAE2-4C68-8EAC-AAC00954F5CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{381340EC-9F15-4D99-87F1-0FF1805347A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4BBF8047-D21D-42D0-8B88-F72C73CBFDA4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{544F1742-B641-4690-8858-A5B2110F638F}" = protocol=1 | dir=in | [email protected],-28543 |
"{637C4151-81D0-421C-9AF1-DEB76ADC5FA4}" = protocol=58 | dir=in | [email protected],-28545 |
"{7065BAB7-97C2-4DB8-AB62-B17FF962B523}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76203A1A-364B-4118-9F42-1EF19972021C}" = protocol=58 | dir=out | [email protected],-28546 |
"{7AC38A36-1BA4-48D2-9A04-F24FD5205226}" = protocol=1 | dir=out | [email protected],-28544 |
"{7FF9C120-1040-4866-AC89-687F343223A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F7EA313-75B2-4CEA-B1B3-72009CE0A51F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{916A942C-1640-458A-A0C2-AFD497374C3C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{956F65B5-D2CA-4425-9DD3-545D095703BE}" = dir=in | app=c:\program files (x86)\raidxpert2\apache\bin\httpd.exe |
"{9C19C94B-28D4-43A9-A08D-4166F75E2E2C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AEE2043A-66EF-4EB6-B2FA-3F6E6B4BB4DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1DBA4D6-44B3-4C25-966B-5F063A2AAE32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BD02632E-BF89-4E65-9AE3-E45DF12503AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C5908C00-981E-4FBE-9079-A4348BD4F7B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6DBC918-3F6C-498A-9E88-38807CA6BB19}" = protocol=6 | dir=out | app=system |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{308051DA-0048-7A07-FE8B-9B6EC119A9E8}" = AMD Catalyst Install Manager
"{44AAA767-F540-F091-4571-ADCBC10B0C92}" = AMD Fuel
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{678A75C7-5953-B109-57EE-46C7BA4C29C1}" = AMD Drag and Drop Transcoding
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AEF57B06-B494-8180-AFC7-05EFB1DB2B64}" = ccc-utility64
"{BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{ED273D26-E354-1A5B-A0D0-CB5258D43BD2}" = AMD Wireless Display v3.0
"{FCC4426F-0296-D30D-729C-E76C8E7252C7}" = AMD Accelerated Video Transcoding
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{046B79EE-7ED3-37A4-621A-FE297EF484C2}" = CCC Help Greek
"{10CB5DDD-38E1-2EB2-F62C-C1948A99943E}" = AMD Catalyst Control Center
"{1194740D-0DB8-A508-31BA-E722597B4516}" = Catalyst Control Center Graphics Previews Common
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1" = ModifyRegistry version 0.1
"{1FB16E3B-3AFB-46CB-6E83-2F5A0CF4ED16}" = Catalyst Control Center Localization All
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20E0DE70-8644-F1C6-7E00-04EEB9195B14}" = HydraVision
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2E3A81FB-7952-F8CB-9AD5-50544E2F4838}" = CCC Help Czech
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{4172E797-CE12-AC47-05B7-0E48BDB33E75}" = CCC Help Russian
"{4428AEE6-FA5E-2913-8D12-B410E85E11AA}" = CCC Help Spanish
"{4FF1533E-FF2C-A04A-25DD-A8AEC6FA106B}" = CCC Help Chinese Standard
"{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"{6071CB80-DABC-B10D-F244-7F410FB3B150}" = CCC Help Polish
"{6343B6BA-F97F-B336-9ED8-FFD43776E84D}" = CCC Help Finnish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D3A11D0-D925-FA0F-43F3-242E49975CD2}" = CCC Help Danish
"{8EF39A9F-6A57-9706-86A5-9312D9ED8016}" = CCC Help Portuguese
"{92352C97-C657-DB89-5F3A-E8C3789D9C89}" = CCC Help Chinese Traditional
"{95545E55-3309-1929-FF41-2908A9706742}" = CCC Help Turkish
"{9CA5F712-9CAA-B3CB-02D3-7134DFC8801E}" = CCC Help French
"{A128A816-FD3F-990E-DD80-E1735BD718AE}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AFC9ECA9-6A4E-1370-98F3-002B63B5AF8E}" = CCC Help Thai
"{B88F2045-CF9A-996C-1670-6F7D65F1D18A}" = CCC Help Norwegian
"{BED96D0C-7743-3CE3-F7DF-A0A4475FBF2F}" = CCC Help Hungarian
"{C0B16F2E-3980-44F8-8CF4-F84696541FF7}" = ASUS Product Register Program
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{E297492A-E114-CAE0-502E-5F36C386DD30}" = CCC Help Dutch
"{E6533A85-ED92-F897-2B68-58AC3BD87F94}" = CCC Help English
"{EBAC163A-588E-1E5A-3CE8-826E9A449244}" = CCC Help Korean
"{ED65BD75-CEF3-C0C2-9E9C-FA567484FF60}" = CCC Help Japanese
"{EEB34D84-92A1-7BE3-6DB7-ABD1C4912D6B}" = Catalyst Control Center InstallProxy
"{F1289D68-1C48-930F-51CF-577BDB371252}" = CCC Help Swedish
"{F3F340A5-64EC-AEEC-4BDF-DC537D390BF5}" = CCC Help German
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}" = ASUS GPU Tweak
"SpeedFan" = SpeedFan (remove only)
"Steam" = Steam
"Steam App 242920" = Banished
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 3/24/2072 9:42:27 PM | Computer Name = Katie-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall
 
Error - 3/24/2072 9:43:24 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2072 2:32:42 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2072 2:38:26 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2072 2:43:19 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2072 2:57:26 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2072 3:09:10 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2014 3:56:44 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 3/25/2014 3:57:04 PM | Computer Name = Katie-PC | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall
 
Error - 3/25/2014 4:01:19 PM | Computer Name = Katie-PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 3/25/2072 12:31:03 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2072 2:31:00 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2072 2:36:46 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2072 2:41:35 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2072 2:55:46 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2072 3:07:31 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2014 3:55:04 PM | Computer Name = Katie-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:53:51 PM on ?3/?25/?2014 was unexpected.
 
Error - 3/25/2014 3:55:11 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
Error - 3/25/2014 3:59:22 PM | Computer Name = Katie-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:57:56 PM on ?3/?25/?2014 was unexpected.
 
Error - 3/25/2014 3:59:24 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   qknfd
 
 
< End of report >
 


Edited by Katehsparrow, 26 March 2014 - 05:23 PM.

  • 0

#4
Dakeyras
Posted 27 March 2014 - 03:03 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Hi. :)
 

ETA: It seems that there was a misunderstanding between Phill and myself over on the hardware forum -- he still has a few things for me to check. As I don't want to waste anyones time on this busy forum, perhaps it is best if this topic is closed for the meantime so it could potentially be revisited in the event that he declares it a malware problem. Much thanks and apologies!


Not a problem, as phillpower2 mentioned in the other topic, lets ensure malware is not the root cause first and then if it is not by all means continue seeking assistance in the aforementioned topic OK.
 

I followed your instructions and backed up my registry.


Good.
 

I wanted to let you know that the situation is really deteriorating on my end. It is getting harder and harder to get the computer to boot. It took about 10 attempts to get it into Windows (most of the reboots happening during the "Starting Windows" page and then a few happening at log-in and a few once the desktop loaded) and once it did, it rebooted just as I was replying to you, leading to another 5 reboots before it I was able to quick copy paste the Extras file and post it so I could edit this post on my laptop.


Acknowledged, the below certainly will not be helping matters:-
 

Error - 3/25/2072 12:31:03 PM | Computer Name = Katie-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load: qknfd


And is malware related...anyway since your machine is quite unstable at present lets work outside the actual Windows environment as follows...

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your problem machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter

Note: Replace letter e with the drive letter of your flash drive.

  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0

#5
Katehsparrow
Posted 27 March 2014 - 05:39 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Hi there Dakeyras!

 

I guess you are stuck with me then. :) For some reason, hearing that there is a malware problem makes me feel a little relieved. It feels like I've been running in circle for the past 2 weeks and now it is good to have a lead. :D

 

Here is my FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-TPNUC8P on 27-03-2014 19:10:14
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\Katie\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-06-11] (AMD)
 
==================== Services (Whitelisted) =================
 
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S2 Asus Product Register Service; C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe [62128 2012-09-11] ()
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-02] (VIA Technologies, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
S4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-02] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-02] (VIA Technologies, Inc.)
S3 cpuz136; \??\C:\Users\Katie\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2072-03-25 11:06 - 2072-03-25 11:06 - 00000000 ___HD () C:\Windows\msdownld.tmp
2072-03-25 11:06 - 2013-10-14 14:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2072-03-25 11:04 - 2072-03-25 11:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2072-03-25 11:04 - 2072-03-25 11:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2072-03-25 11:04 - 2072-03-25 11:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2072-03-25 11:04 - 2072-03-25 11:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2072-03-25 11:04 - 2072-03-25 11:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2072-03-25 11:04 - 2072-03-25 11:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2072-03-25 11:04 - 2072-03-25 11:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2072-03-25 11:04 - 2072-03-25 11:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2072-03-25 11:04 - 2072-03-25 11:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2072-03-25 11:04 - 2072-03-25 11:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2072-03-25 11:04 - 2072-03-25 11:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2072-03-25 11:03 - 2072-03-25 11:06 - 00013093 _____ () C:\Windows\IE11_main.log
2072-03-24 17:48 - 2072-03-24 17:48 - 00000000 ____D () C:\Users\Katie\Documents\Banished
2072-03-24 17:20 - 2072-03-24 17:20 - 29141928 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-i586 (1).exe
2072-03-24 17:19 - 2072-03-24 17:19 - 30796712 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-x64.exe
2072-03-24 17:17 - 2072-03-24 17:17 - 00921000 _____ (Oracle Corporation) C:\Users\Katie\Downloads\chromeinstall-7u51 (1).exe
2072-03-24 17:16 - 2072-03-24 17:16 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.2.2.Run.exe
2072-03-24 17:15 - 2072-03-24 17:15 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.2.1.Run.exe
2072-03-24 17:14 - 2072-03-24 17:21 - 00000000 ____D () C:\ProgramData\Oracle
2072-03-24 17:14 - 2072-03-24 17:14 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\.minecraft
2072-03-24 17:14 - 2072-03-24 17:14 - 00000000 ____D () C:\ProgramData\Sun
2072-03-24 17:12 - 2072-03-24 17:13 - 29141928 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-i586.exe
2072-03-24 17:12 - 2072-03-24 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.1.2.Run.exe
2072-03-24 17:12 - 2072-03-24 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.1.1.Run.exe
2072-03-24 17:11 - 2072-03-24 17:11 - 00921000 _____ (Oracle Corporation) C:\Users\Katie\Downloads\chromeinstall-7u51.exe
2072-03-24 16:56 - 2072-03-24 16:56 - 01186161 _____ () C:\Windows\unins000.exe
2072-03-24 16:56 - 2072-03-24 16:56 - 00001134 _____ () C:\Windows\unins000.dat
2072-03-24 16:56 - 2072-03-24 16:56 - 00000000 ____D () C:\Program Files\GIGABYTE
2072-03-24 16:56 - 2072-03-24 16:56 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2072-03-24 16:56 - 2012-10-25 05:01 - 00022680 _____ () C:\Windows\System32\Drivers\AppleCharger.sys
2072-03-24 16:56 - 2010-04-06 12:30 - 00031272 _____ () C:\Windows\System32\AppleChargerSrv.exe
2072-03-24 16:46 - 2072-03-24 16:46 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2072-03-24 16:46 - 2072-03-24 16:46 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2072-03-24 16:46 - 2013-01-02 17:31 - 00301256 _____ (VIA Technologies, Inc.) C:\Windows\System32\Drivers\xhcdrv.sys
2072-03-24 16:46 - 2013-01-02 17:31 - 00231112 ____R (VIA Technologies, Inc.) C:\Windows\System32\Drivers\ViaHub3.sys
2072-03-24 16:46 - 2012-08-16 18:57 - 01795952 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01011.dll
2072-03-24 16:44 - 2010-02-23 03:46 - 00023680 _____ (ASUSTeK Computer Inc.) C:\Windows\System32\Drivers\IOMap64.sys
2072-03-24 16:43 - 2072-03-24 16:43 - 00000032 _____ () C:\setup.log
2072-03-24 16:42 - 2072-03-24 16:43 - 00000000 ____D () C:\Program Files (x86)\ASUS
2072-03-24 16:42 - 2072-03-24 16:42 - 00001043 _____ () C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2072-03-24 16:37 - 2072-03-24 16:37 - 00000000 ____D () C:\Windows\Downloaded Installations
2072-03-24 16:37 - 2072-03-24 16:37 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-03-27 19:09 - 2014-03-27 19:10 - 00000000 ____D () C:\FRST
2014-03-26 15:00 - 2014-03-26 15:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KATIE-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-03-26 14:59 - 2014-03-26 14:59 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-03-26 14:59 - 2014-03-26 14:59 - 00000000 ____D () C:\RegBackup
2014-03-26 14:59 - 2014-03-26 14:59 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-03-25 12:33 - 2014-03-25 12:33 - 00076500 _____ () C:\Users\Katie\Downloads\OTL.Txt
2014-03-25 12:33 - 2014-03-25 12:33 - 00040708 _____ () C:\Users\Katie\Downloads\Extras.Txt
2014-03-25 12:30 - 2014-03-25 12:30 - 00602112 _____ (OldTimer Tools) C:\Users\Katie\Downloads\OTL.exe
2014-03-24 05:54 - 2014-03-24 05:54 - 00000000 ____D () C:\Users\Katie\Documents\Optimizer Pro
2014-03-24 05:50 - 2014-03-26 19:09 - 00000292 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-03-24 05:50 - 2014-03-25 11:51 - 00003232 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-03-24 05:50 - 2014-03-24 05:50 - 24489269 _____ () C:\Users\Katie\Downloads\setup [1].exe
2014-03-24 05:50 - 2014-03-24 05:50 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\UpdaterEX
2014-03-24 05:49 - 2014-03-25 11:51 - 00000089 _____ () C:\Users\Katie\AppData\Roaming\WB.CFG
2014-03-23 20:18 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2014-03-23 20:18 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2014-03-23 20:18 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-23 20:18 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-23 19:29 - 2014-03-23 19:38 - 00010977 _____ () C:\Windows\IE10_main.log
2014-03-23 19:18 - 2014-03-23 19:20 - 00003249 _____ () C:\Windows\IE9_main.log
2014-03-23 19:11 - 2012-07-25 19:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2014-03-23 19:11 - 2012-07-25 19:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2014-03-23 19:11 - 2012-07-25 19:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2014-03-23 19:11 - 2012-07-25 19:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2014-03-23 19:11 - 2012-07-25 19:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2014-03-23 19:11 - 2012-07-25 18:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2014-03-23 19:11 - 2012-07-25 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2014-03-23 19:11 - 2012-06-02 06:57 - 00000003 _____ () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-23 19:08 - 2012-02-29 22:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2014-03-23 19:08 - 2012-02-29 22:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\wmi.dll
2014-03-23 19:08 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-03-23 19:02 - 2014-03-23 19:02 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-03-23 14:10 - 2014-02-03 18:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-03-23 14:10 - 2014-02-03 18:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-23 14:10 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2014-03-23 14:10 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-03-23 14:10 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-23 14:10 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-03-23 14:10 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-23 14:10 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-03-23 14:10 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-23 14:10 - 2013-07-08 21:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-03-23 14:10 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-23 14:10 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-03-23 14:10 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-23 14:10 - 2013-05-09 21:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2014-03-23 14:10 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-23 14:10 - 2013-03-18 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2014-03-23 14:10 - 2013-02-26 22:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-03-23 14:10 - 2013-02-26 21:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-03-23 14:10 - 2013-02-14 22:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-03-23 14:10 - 2013-02-14 22:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-03-23 14:10 - 2013-02-14 22:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2014-03-23 14:10 - 2013-02-14 20:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-23 14:10 - 2013-02-14 20:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-03-23 14:10 - 2013-02-14 19:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-23 14:10 - 2013-01-02 22:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-03-23 14:10 - 2012-11-22 19:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2014-03-23 14:10 - 2012-10-09 10:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2014-03-23 14:10 - 2012-10-09 10:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2014-03-23 14:10 - 2012-10-09 09:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-03-23 14:10 - 2012-10-09 09:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-03-23 14:10 - 2012-07-04 14:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2014-03-23 14:10 - 2012-07-04 14:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\browser.dll
2014-03-23 14:10 - 2012-07-04 14:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\browcli.dll
2014-03-23 14:10 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-23 14:10 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-03-23 14:10 - 2012-01-04 02:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2014-03-23 14:10 - 2012-01-04 00:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-03-23 14:10 - 2011-11-16 22:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll
2014-03-23 14:10 - 2011-11-16 21:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-03-23 14:10 - 2011-10-25 21:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2014-03-23 14:10 - 2011-10-25 21:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2014-03-23 14:10 - 2011-10-25 20:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-23 14:10 - 2011-10-25 20:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-23 14:10 - 2011-07-08 18:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2014-03-23 14:10 - 2011-06-15 21:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2014-03-23 14:10 - 2011-06-15 20:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-23 14:10 - 2011-06-15 02:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2014-03-23 14:10 - 2011-06-15 02:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2014-03-23 14:10 - 2011-06-15 02:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2014-03-23 14:10 - 2011-06-15 02:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2014-03-23 14:10 - 2011-06-15 00:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-03-23 14:10 - 2011-06-15 00:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-03-23 14:10 - 2011-06-15 00:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-03-23 14:10 - 2011-06-15 00:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-03-23 14:10 - 2011-06-15 00:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-03-23 14:10 - 2011-05-24 03:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2014-03-23 14:10 - 2011-05-24 02:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-03-23 14:10 - 2011-05-24 02:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-03-23 14:10 - 2011-05-24 02:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-03-23 14:10 - 2011-05-24 02:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-03-23 14:10 - 2011-05-03 21:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll
2014-03-23 14:10 - 2011-05-03 21:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2014-03-23 14:10 - 2011-05-03 21:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2014-03-23 14:10 - 2011-05-03 21:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll
2014-03-23 14:10 - 2011-05-03 21:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2014-03-23 14:10 - 2011-05-03 21:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2014-03-23 14:10 - 2011-05-03 21:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2014-03-23 14:10 - 2011-05-03 21:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2014-03-23 14:10 - 2011-05-03 21:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2014-03-23 14:10 - 2011-05-03 20:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-03-23 14:10 - 2011-05-03 20:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-03-23 14:10 - 2011-05-03 20:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-03-23 14:10 - 2011-05-03 20:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-03-23 14:10 - 2011-05-03 20:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-03-23 14:10 - 2011-05-03 20:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-03-23 14:10 - 2011-05-03 20:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-03-23 14:10 - 2011-05-03 20:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-03-23 14:10 - 2011-05-03 20:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-03-23 14:10 - 2011-04-26 18:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-03-23 14:10 - 2011-04-26 18:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-03-23 14:10 - 2011-04-08 22:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2014-03-23 14:10 - 2011-04-08 21:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-23 14:10 - 2011-02-18 02:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2014-03-23 14:10 - 2011-02-17 21:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-03-23 14:10 - 2010-12-23 02:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\System32\sbe.dll
2014-03-23 14:10 - 2010-12-23 02:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2014-03-23 14:10 - 2010-12-23 02:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2014-03-23 14:10 - 2010-12-22 21:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-03-23 14:10 - 2010-12-22 21:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-03-23 14:10 - 2010-12-22 21:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-03-23 14:09 - 2014-02-06 17:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-03-23 14:09 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-03-23 14:09 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-23 14:09 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-23 14:09 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\System32\locale.nls
2014-03-23 14:09 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-03-23 14:09 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-03-23 14:09 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-23 14:09 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-23 14:09 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\System32\secproc.dll
2014-03-23 14:09 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2014-03-23 14:09 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2014-03-23 14:09 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2014-03-23 14:09 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2014-03-23 14:09 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2014-03-23 14:09 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2014-03-23 14:09 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2014-03-23 14:09 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2014-03-23 14:09 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-23 14:09 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-23 14:09 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-23 14:09 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-23 14:09 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-23 14:09 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-23 14:09 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-23 14:09 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-23 14:09 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-23 14:09 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-03-23 14:09 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-03-23 14:09 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-03-23 14:09 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-03-23 14:09 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2014-03-23 14:09 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-03-23 14:09 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-03-23 14:09 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-23 14:09 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-03-23 14:09 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-23 14:09 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-03-23 14:09 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-23 14:09 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2014-03-23 14:09 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2014-03-23 14:09 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-03-23 14:09 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-03-23 14:09 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-23 14:09 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-23 14:09 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-23 14:09 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-03-23 14:09 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-03-23 14:09 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-03-23 14:09 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-03-23 14:09 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-03-23 14:09 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-03-23 14:09 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-03-23 14:09 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-03-23 14:09 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-03-23 14:09 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-03-23 14:09 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-23 14:09 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-23 14:09 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-23 14:09 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-23 14:09 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-03-23 14:09 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2014-03-23 14:09 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2014-03-23 14:09 - 2013-08-01 18:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-03-23 14:09 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-23 14:09 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2014-03-23 14:09 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2014-03-23 14:09 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-23 14:09 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-23 14:09 - 2013-07-25 01:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2014-03-23 14:09 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-23 14:09 - 2013-07-08 21:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2014-03-23 14:09 - 2013-07-08 21:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-03-23 14:09 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-23 14:09 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-23 14:09 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2014-03-23 14:09 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2014-03-23 14:09 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-03-23 14:09 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2014-03-23 14:09 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2014-03-23 14:09 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-23 14:09 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-23 14:09 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-23 14:09 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2014-03-23 14:09 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-23 14:09 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-23 14:09 - 2013-04-25 15:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-23 14:09 - 2013-04-12 06:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-03-23 14:09 - 2013-03-31 14:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-03-23 14:09 - 2013-02-11 20:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2014-03-23 14:09 - 2012-08-22 10:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-03-23 14:09 - 2012-07-04 12:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2014-03-23 14:09 - 2011-12-29 22:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2014-03-23 14:09 - 2011-12-29 21:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-03-23 14:09 - 2011-03-10 22:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2014-03-23 14:09 - 2011-03-10 22:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2014-03-23 14:09 - 2011-03-10 21:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-03-23 14:09 - 2011-03-10 21:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-03-23 14:08 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-03-23 14:08 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-23 14:08 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2014-03-23 14:08 - 2013-07-08 21:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-03-23 14:08 - 2013-07-08 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-23 14:08 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2014-03-23 14:08 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2014-03-23 14:08 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-23 14:08 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-23 14:08 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2014-03-23 14:08 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2014-03-23 14:08 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2014-03-23 14:08 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2014-03-23 14:08 - 2013-06-14 20:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-03-23 14:08 - 2012-12-07 05:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2014-03-23 14:08 - 2012-12-07 05:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\System32\gameux.dll
2014-03-23 14:08 - 2012-12-07 04:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-03-23 14:08 - 2012-12-07 04:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-03-23 14:08 - 2012-12-07 03:20 - 00045568 _____ (Microsoft) C:\Windows\System32\oflc-nz.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00044544 _____ (Microsoft) C:\Windows\System32\pegibbfc.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00043520 _____ (Microsoft) C:\Windows\System32\csrr.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00030720 _____ (Microsoft) C:\Windows\System32\usk.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00023552 _____ (Microsoft) C:\Windows\System32\oflc.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-pt.rs
2014-03-23 14:08 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-fi.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00055296 _____ (Microsoft) C:\Windows\System32\cero.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00051712 _____ (Microsoft) C:\Windows\System32\esrb.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00046592 _____ (Microsoft) C:\Windows\System32\fpb.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00040960 _____ (Microsoft) C:\Windows\System32\cob-au.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00021504 _____ (Microsoft) C:\Windows\System32\grb.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi.rs
2014-03-23 14:08 - 2012-12-07 03:19 - 00015360 _____ (Microsoft) C:\Windows\System32\djctq.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-03-23 14:08 - 2012-12-07 02:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-03-23 14:08 - 2012-11-28 14:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2014-03-23 14:08 - 2012-11-28 14:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2014-03-23 14:08 - 2012-11-28 14:56 - 00000003 _____ () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-23 14:08 - 2012-11-21 21:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2014-03-23 14:08 - 2012-11-21 20:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-03-23 14:08 - 2012-11-01 21:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2014-03-23 14:08 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-23 14:08 - 2012-10-31 21:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2014-03-23 14:08 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-23 14:08 - 2012-10-03 09:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2014-03-23 14:08 - 2012-10-03 09:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2014-03-23 14:08 - 2012-10-03 09:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2014-03-23 14:08 - 2012-10-03 09:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2014-03-23 14:08 - 2012-10-03 09:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\netevent.dll
2014-03-23 14:08 - 2012-10-03 09:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-03-23 14:08 - 2012-10-03 08:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-03-23 14:08 - 2012-10-03 08:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-03-23 14:08 - 2012-10-03 08:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-03-23 14:08 - 2012-10-03 08:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2014-03-23 14:08 - 2012-08-21 13:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2014-03-23 14:08 - 2012-04-30 21:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2014-03-23 14:08 - 2012-04-25 21:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2014-03-23 14:08 - 2012-04-25 21:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2014-03-23 14:08 - 2012-04-25 21:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2014-03-23 14:08 - 2012-01-12 23:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-03-23 14:08 - 2011-04-28 19:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2014-03-23 14:08 - 2011-04-28 19:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-03-23 14:08 - 2011-04-28 19:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-03-23 14:08 - 2011-04-22 14:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-03-23 14:08 - 2011-03-02 22:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2014-03-23 14:08 - 2011-03-02 22:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2014-03-23 14:08 - 2011-03-02 22:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2014-03-23 14:08 - 2011-03-02 21:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-23 14:08 - 2011-03-02 21:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-03-23 14:07 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-03-23 14:07 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-03-23 14:07 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-03-23 14:07 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-03-23 14:07 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2014-03-23 14:07 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-03-23 14:07 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-03-23 14:07 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-23 14:07 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-23 14:07 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-23 14:07 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-23 14:07 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-23 14:07 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-23 14:07 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-23 14:07 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-23 14:07 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-23 14:07 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-23 14:07 - 2012-04-27 19:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-03-23 14:07 - 2011-08-16 21:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2014-03-23 14:07 - 2011-08-16 21:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2014-03-23 14:07 - 2011-08-16 20:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-23 14:07 - 2011-08-16 20:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-23 14:06 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-03-23 14:06 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2014-03-23 14:06 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-23 14:06 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-23 14:06 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\certenc.dll
2014-03-23 14:06 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2014-03-23 14:06 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-23 14:06 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-23 14:06 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-03-23 14:06 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-23 14:06 - 2013-01-23 22:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-03-23 14:06 - 2012-11-29 21:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-03-23 14:06 - 2012-11-29 21:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-03-23 14:06 - 2012-11-29 21:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-03-23 14:06 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-23 14:06 - 2012-09-25 14:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\synceng.dll
2014-03-23 14:06 - 2012-08-10 16:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-03-23 14:06 - 2012-08-10 15:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-23 14:06 - 2012-05-05 00:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2014-03-23 14:06 - 2012-05-04 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-03-23 14:06 - 2012-04-07 04:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-03-23 14:06 - 2012-04-07 03:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-03-23 14:06 - 2012-03-16 23:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2014-03-23 14:06 - 2011-12-16 00:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2014-03-23 14:06 - 2011-12-15 23:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-23 14:06 - 2011-05-02 21:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2014-03-23 14:06 - 2011-05-02 20:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-03-23 14:06 - 2011-02-12 03:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2014-03-23 14:06 - 2011-02-05 09:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2014-03-23 14:06 - 2011-02-05 09:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2014-03-23 14:06 - 2011-02-05 09:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2014-03-23 14:06 - 2011-02-05 09:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2014-03-23 14:06 - 2011-02-05 09:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2014-03-23 14:06 - 2011-02-05 09:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2014-03-23 14:06 - 2011-02-05 09:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2014-03-23 13:58 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-03-23 13:58 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-03-23 13:58 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-23 13:58 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-23 13:58 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2014-03-23 13:58 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-03-23 13:58 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-23 13:58 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-23 13:58 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-03-23 13:58 - 2013-04-09 22:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-03-23 13:58 - 2012-06-05 22:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2014-03-23 13:58 - 2012-06-05 21:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-03-23 13:58 - 2012-05-13 21:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2014-03-23 13:58 - 2011-10-14 22:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2014-03-23 13:58 - 2011-10-14 21:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-23 13:58 - 2011-08-26 21:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2014-03-23 13:58 - 2011-08-26 21:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2014-03-23 13:58 - 2011-08-26 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-23 13:58 - 2011-08-26 20:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-23 13:58 - 2011-02-22 20:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2014-03-23 13:58 - 2011-02-03 03:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll
2014-03-23 13:55 - 2014-03-23 14:10 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-23 13:55 - 2014-03-23 13:55 - 00001011 _____ () C:\Users\Katie\Desktop\SpeedFan.lnk
2014-03-23 13:55 - 2014-03-23 13:55 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-03-23 13:55 - 2014-03-23 13:55 - 00000000 _____ () C:\Users\Katie\Desktop\initdebug.nfo
2014-03-22 08:06 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2014-03-22 08:06 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-03-22 08:06 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-03-22 08:06 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-22 08:06 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-22 08:06 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2014-03-22 08:06 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2014-03-22 08:06 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-03-22 08:06 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2014-03-22 08:06 - 2011-11-19 06:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2014-03-22 08:06 - 2011-11-19 06:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-22 07:50 - 2014-03-22 07:50 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-22 07:46 - 2013-08-07 19:50 - 00000019 _____ () C:\Users\Katie\Downloads\autoexec.bat
2014-03-22 07:46 - 2013-08-05 23:53 - 04194304 _____ () C:\Users\Katie\Downloads\970AD3P.F5
2014-03-22 07:46 - 2012-09-25 22:14 - 00059836 _____ () C:\Users\Katie\Downloads\Efiflash.exe
2014-03-22 07:45 - 2014-03-22 07:45 - 02975825 _____ () C:\Users\Katie\Downloads\mb_bios_ga-970a-d3p_f5.exe
2014-03-21 13:35 - 2012-06-02 14:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-03-21 13:35 - 2012-06-02 14:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-03-21 13:35 - 2012-06-02 14:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-03-21 13:35 - 2012-06-02 14:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-03-21 13:35 - 2012-06-02 14:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-03-21 13:35 - 2012-06-02 14:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-03-21 13:35 - 2012-06-02 14:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-03-21 13:35 - 2012-06-02 11:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-03-21 13:35 - 2012-06-02 11:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-03-21 12:58 - 2014-03-21 12:58 - 00000000 ____D () C:\ProgramData\ATI
2014-03-21 12:58 - 2014-03-21 12:58 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-21 12:56 - 2014-03-21 12:56 - 00060777 _____ () C:\Windows\SysWOW64\CCCInstall_201403211656094562.log
2014-03-21 12:56 - 2014-03-21 12:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-21 12:54 - 2014-03-21 12:54 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-21 12:54 - 2014-03-21 12:54 - 00000000 ____D () C:\Program Files\AMD
2014-03-21 12:52 - 2014-03-21 12:52 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Katie\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-03-21 12:52 - 2014-03-21 12:52 - 00000000 ____D () C:\AMD
2014-03-20 16:50 - 2014-03-21 13:20 - 00000000 ____D () C:\Users\Katie\Downloads\WinDlg_v1_25
2014-03-20 16:50 - 2014-03-20 16:50 - 00925193 _____ () C:\Users\Katie\Downloads\WinDlg_v1_25.zip
2014-03-19 19:29 - 2014-03-19 15:51 - 00000000 ____D () C:\Windows\Panther
2014-03-19 18:50 - 2014-03-26 19:09 - 01420176 _____ () C:\Windows\WindowsUpdate.log
2014-03-19 18:31 - 2014-03-19 18:31 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-19 18:21 - 2014-03-19 18:21 - 00000000 ____D () C:\Windows\Minidump
2014-03-19 17:42 - 2014-03-19 17:42 - 00415016 _____ () C:\Users\Katie\Downloads\CoreTempGadget.zip
2014-03-19 17:33 - 2014-03-19 17:33 - 00000000 ____D () C:\Program Files\CPUID
2014-03-19 17:32 - 2014-03-21 13:20 - 00000000 ____D () C:\Users\Katie\Downloads\RealTemp_370
2014-03-19 17:31 - 2014-03-19 17:31 - 00330853 _____ () C:\Users\Katie\Downloads\RealTemp_370.zip
2014-03-19 17:04 - 2014-03-21 13:20 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-03-19 17:04 - 2014-03-19 17:04 - 00001206 _____ () C:\Users\Public\Desktop\HD VDeck.lnk
2014-03-19 17:04 - 2007-04-10 23:35 - 00414632 ____N (Microsoft Corporation) C:\Windows\difxapi.dll
2014-03-19 17:02 - 2014-03-22 08:03 - 00000000 ____D () C:\Users\Katie\Downloads\VIA
2014-03-19 17:02 - 2014-03-19 17:02 - 85509927 _____ () C:\Users\Katie\Downloads\mb_driver_audio_via_v10800a-amd.exe
2014-03-19 17:02 - 2012-08-02 21:28 - 00070800 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\VtSrdAPO.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 02993296 _____ (VIA Technologies, Inc.) C:\Windows\System32\VIAPropPageExt.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 02206352 _____ (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viahduaa.sys
2014-03-19 17:02 - 2012-08-02 21:27 - 01161360 _____ (VIA Technologies, Inc.) C:\Windows\System32\ViaKaraokeApo.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 01119376 _____ (VIA Technologies, Inc.) C:\Windows\System32\ViaMicArrayAPO.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00681104 _____ (VIA Technologies, Inc.) C:\Windows\System32\VIASysFx.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00248976 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\Dts2APO.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00123536 _____ (VIA Technologies,Inc.) C:\Windows\System32\ViaKaraokePropPageExt.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00095376 _____ (VIA Technologies,Inc.) C:\Windows\System32\ViaMicArrayPropPageExt.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00092304 _____ (VIA Technologies, Inc.) C:\Windows\System32\Dts2PropPageExt.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00055440 _____ (TODO: <Company name>) C:\Windows\System32\PropPageExt.dll
2014-03-19 17:02 - 2012-08-02 21:27 - 00027792 _____ (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
2014-03-19 17:02 - 2012-06-28 00:54 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\System32\nQPropPageExt.dll
2014-03-19 17:02 - 2011-06-08 02:19 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\System32\nQAPO.dll
2014-03-19 16:58 - 2014-03-19 16:58 - 00010009 _____ () C:\Windows\DirectX.log
2014-03-19 16:58 - 2010-06-02 00:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-03-19 16:58 - 2010-06-02 00:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2014-03-19 16:58 - 2010-06-02 00:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-03-19 16:58 - 2010-06-02 00:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2014-03-19 16:58 - 2010-06-02 00:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2014-03-19 16:58 - 2010-06-02 00:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2014-03-19 16:58 - 2010-05-26 07:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2014-03-19 16:58 - 2010-02-04 06:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2014-03-19 16:58 - 2009-09-04 13:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2014-03-19 16:58 - 2009-09-04 13:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2014-03-19 16:58 - 2009-03-16 10:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2014-03-19 16:58 - 2009-03-09 11:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_3.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_3.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_2.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_5.dll
2014-03-19 16:58 - 2008-10-27 06:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2014-03-19 16:58 - 2008-10-15 02:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-03-19 16:58 - 2008-07-31 06:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-03-19 16:58 - 2008-07-31 06:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2014-03-19 16:58 - 2008-07-31 06:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2014-03-19 16:58 - 2008-07-31 06:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-03-19 16:58 - 2008-07-31 06:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2014-03-19 16:58 - 2008-07-31 06:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-03-19 16:58 - 2008-07-10 07:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-03-19 16:58 - 2008-07-10 07:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_39.dll
2014-03-19 16:58 - 2008-07-10 07:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-03-19 16:58 - 2008-07-10 07:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_39.dll
2014-03-19 16:58 - 2008-07-10 07:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-03-19 16:58 - 2008-07-10 07:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_39.dll
2014-03-19 16:58 - 2008-05-30 10:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_1.dll
2014-03-19 16:58 - 2008-05-30 10:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-03-19 16:58 - 2008-05-30 10:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-03-19 16:58 - 2008-05-30 10:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_1.dll
2014-03-19 16:58 - 2008-05-30 10:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\System32\XAPOFX1_0.dll
2014-03-19 16:58 - 2008-05-30 10:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-03-19 16:58 - 2008-05-30 10:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-03-19 16:58 - 2008-05-30 10:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_4.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_38.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_38.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_38.dll
2014-03-19 16:58 - 2008-05-30 10:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-03-19 16:58 - 2008-03-05 12:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\System32\XAudio2_0.dll
2014-03-19 16:58 - 2008-03-05 12:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-03-19 16:58 - 2008-03-05 12:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-03-19 16:58 - 2008-03-05 12:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\System32\xactengine3_0.dll
2014-03-19 16:58 - 2008-03-05 12:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_3.dll
2014-03-19 16:58 - 2008-03-05 12:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-03-19 16:58 - 2008-03-05 11:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\System32\D3DX9_37.dll
2014-03-19 16:58 - 2008-03-05 11:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-03-19 16:58 - 2008-03-05 11:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_37.dll
2014-03-19 16:58 - 2008-03-05 11:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-03-19 16:58 - 2008-02-05 19:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_37.dll
2014-03-19 16:58 - 2008-02-05 19:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-03-19 16:58 - 2007-10-21 23:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_10.dll
2014-03-19 16:58 - 2007-10-21 23:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-03-19 16:58 - 2007-10-21 23:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\System32\X3DAudio1_2.dll
2014-03-19 16:58 - 2007-10-21 23:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-03-19 16:58 - 2007-10-12 11:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_36.dll
2014-03-19 16:58 - 2007-10-12 11:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-03-19 16:58 - 2007-10-12 11:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_36.dll
2014-03-19 16:58 - 2007-10-12 11:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-03-19 16:58 - 2007-10-02 05:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_36.dll
2014-03-19 16:58 - 2007-10-02 05:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-03-19 16:58 - 2007-07-19 20:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2014-03-19 16:58 - 2007-07-19 20:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2014-03-19 16:58 - 2007-07-19 14:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-03-19 16:58 - 2007-06-20 16:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2014-03-19 16:58 - 2007-06-20 16:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2014-03-19 16:58 - 2007-05-16 12:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-03-19 16:58 - 2007-04-04 14:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2014-03-19 16:58 - 2007-04-04 14:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-03-19 16:58 - 2007-04-04 14:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2014-03-19 16:58 - 2007-04-04 14:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-03-19 16:58 - 2007-03-15 12:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2014-03-19 16:58 - 2007-03-15 12:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-03-19 16:58 - 2007-03-12 12:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2014-03-19 16:58 - 2007-03-12 12:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-03-19 16:58 - 2007-03-12 12:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2014-03-19 16:58 - 2007-03-12 12:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-03-19 16:58 - 2007-03-05 08:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2014-03-19 16:58 - 2007-03-05 08:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-03-19 16:58 - 2007-01-24 11:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2014-03-19 16:58 - 2007-01-24 11:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-03-19 16:58 - 2006-12-08 08:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-03-19 16:58 - 2006-12-08 08:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2014-03-19 16:58 - 2006-11-29 09:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2014-03-19 16:58 - 2006-11-29 09:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-03-19 16:58 - 2006-11-29 09:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2014-03-19 16:58 - 2006-11-29 09:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-03-19 16:58 - 2006-09-28 12:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2014-03-19 16:58 - 2006-09-28 12:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-03-19 16:58 - 2006-09-28 12:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-03-19 16:58 - 2006-09-28 12:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2014-03-19 16:58 - 2006-07-28 05:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2014-03-19 16:58 - 2006-07-28 05:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2014-03-19 16:58 - 2006-07-28 05:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-03-19 16:58 - 2006-07-28 05:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-03-19 16:58 - 2006-05-31 03:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-03-19 16:58 - 2006-05-31 03:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2014-03-19 16:58 - 2006-03-31 08:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2014-03-19 16:58 - 2006-03-31 08:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-03-19 16:58 - 2006-03-31 08:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2014-03-19 16:58 - 2006-03-31 08:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-03-19 16:58 - 2006-03-31 08:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2014-03-19 16:58 - 2006-03-31 08:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-03-19 16:58 - 2006-02-03 04:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2014-03-19 16:58 - 2006-02-03 04:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-03-19 16:58 - 2006-02-03 04:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2014-03-19 16:58 - 2006-02-03 04:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-03-19 16:58 - 2006-02-03 04:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2014-03-19 16:58 - 2006-02-03 04:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-03-19 16:58 - 2005-12-05 14:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2014-03-19 16:58 - 2005-12-05 14:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-03-19 16:58 - 2005-07-22 15:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2014-03-19 16:58 - 2005-07-22 15:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-03-19 16:58 - 2005-05-26 11:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2014-03-19 16:58 - 2005-05-26 11:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-03-19 16:58 - 2005-03-18 13:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2014-03-19 16:58 - 2005-03-18 13:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-03-19 16:58 - 2005-02-05 15:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2014-03-19 16:58 - 2005-02-05 15:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-03-19 16:55 - 2014-03-19 16:55 - 00000222 _____ () C:\Users\Katie\Desktop\Banished.url
2014-03-19 16:53 - 2014-03-25 11:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-19 16:53 - 2014-03-19 16:53 - 01141680 _____ () C:\Users\Katie\Downloads\SteamSetup.exe
2014-03-19 16:53 - 2014-03-19 16:53 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-19 16:50 - 2014-03-24 05:48 - 00058016 _____ () C:\Users\Katie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\ATI
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Local\ATI
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Local\AMD
2014-03-19 16:45 - 2014-03-19 16:45 - 01021432 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\NDP451-KB2859818-Web (1).exe
2014-03-19 16:41 - 2014-03-19 16:41 - 01021432 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\NDP451-KB2859818-Web.exe
2014-03-19 16:40 - 2014-03-23 19:21 - 00790104 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-19 16:27 - 2014-03-19 16:27 - 00675988 _____ () C:\Users\Katie\Downloads\Minecraft (1).exe
2014-03-19 16:25 - 2014-03-19 16:25 - 00675988 _____ () C:\Users\Katie\Downloads\Minecraft.exe
2014-03-19 16:18 - 2072-03-24 16:36 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-19 16:18 - 2014-03-21 12:56 - 00000000 ____D () C:\ProgramData\AMD
2014-03-19 16:18 - 2012-08-28 04:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\usbfilter.sys
2014-03-19 16:17 - 2014-03-19 16:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-19 16:16 - 2014-03-21 12:55 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-19 16:16 - 2014-03-19 16:16 - 00000010 _____ () C:\csb.log
2014-03-19 16:16 - 2014-03-19 16:16 - 00000000 ____D () C:\Program Files\ATI
2014-03-19 16:15 - 2014-03-19 16:15 - 131750644 _____ (Igor Pavlov) C:\Users\Katie\Downloads\mb_driver_chipset_amd9series_win.exe
2014-03-19 16:15 - 2014-01-16 18:54 - 00000000 ____D () C:\Users\Katie\Downloads\chipset_win
2014-03-19 16:04 - 2072-03-24 17:10 - 00000000 ____D () C:\Program Files\Google
2014-03-19 16:04 - 2014-03-19 16:18 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 16:04 - 2014-03-19 16:12 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Google
2014-03-19 16:04 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Macromedia
2014-03-19 16:04 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Adobe
2014-03-19 16:03 - 2072-03-24 17:10 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-19 16:03 - 2072-03-24 17:06 - 00000000 ____D () C:\Users\Katie\AppData\Local\Google
2014-03-19 16:03 - 2014-03-26 19:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-19 16:03 - 2014-03-26 19:09 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-19 16:03 - 2014-03-26 19:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-19 16:03 - 2014-03-19 16:11 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 16:03 - 2014-03-19 16:11 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 16:03 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Local\Adobe
2014-03-19 16:03 - 2014-03-19 16:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 16:03 - 2014-03-19 16:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 16:03 - 2014-03-19 16:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 16:03 - 2014-03-19 16:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-19 16:03 - 2014-03-19 16:03 - 00000000 ____D () C:\Windows\System32\Macromed
2014-03-19 16:00 - 2072-03-24 16:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-19 16:00 - 2014-03-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-19 16:00 - 2011-08-23 05:57 - 00565352 _____ (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2014-03-19 16:00 - 2011-08-23 05:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2014-03-19 16:00 - 2011-08-23 05:57 - 00074272 _____ () C:\Windows\System32\RtNicProp64.dll
2014-03-19 15:59 - 2072-03-24 16:57 - 00000010 _____ () C:\Windows\GSetup.ini
2014-03-19 15:51 - 2014-03-21 09:22 - 00000000 ____D () C:\users\Katie
2014-03-19 15:51 - 2014-03-19 15:51 - 00000020 ___SH () C:\Users\Katie\ntuser.ini
2014-03-19 15:51 - 2014-03-19 15:51 - 00000000 __SHD () C:\Recovery
2014-03-19 15:51 - 2014-03-19 15:51 - 00000000 ____D () C:\Users\Katie\AppData\Local\VirtualStore
 
==================== One Month Modified Files and Folders =======
 
2072-03-25 11:06 - 2072-03-25 11:06 - 00000000 ___HD () C:\Windows\msdownld.tmp
2072-03-25 11:06 - 2072-03-25 11:03 - 00013093 _____ () C:\Windows\IE11_main.log
2072-03-25 11:06 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2072-03-25 11:04 - 2072-03-25 11:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2072-03-25 11:04 - 2072-03-25 11:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2072-03-25 11:04 - 2072-03-25 11:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2072-03-25 11:04 - 2072-03-25 11:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2072-03-25 11:04 - 2072-03-25 11:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2072-03-25 11:04 - 2072-03-25 11:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2072-03-25 11:04 - 2072-03-25 11:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2072-03-25 11:04 - 2072-03-25 11:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2072-03-25 11:04 - 2072-03-25 11:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2072-03-25 11:04 - 2072-03-25 11:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2072-03-25 11:04 - 2072-03-25 11:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2072-03-25 11:04 - 2072-03-25 11:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2072-03-25 11:04 - 2072-03-25 11:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2072-03-24 17:48 - 2072-03-24 17:48 - 00000000 ____D () C:\Users\Katie\Documents\Banished
2072-03-24 17:21 - 2072-03-24 17:14 - 00000000 ____D () C:\ProgramData\Oracle
2072-03-24 17:20 - 2072-03-24 17:20 - 29141928 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-i586 (1).exe
2072-03-24 17:19 - 2072-03-24 17:19 - 30796712 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-x64.exe
2072-03-24 17:17 - 2072-03-24 17:17 - 00921000 _____ (Oracle Corporation) C:\Users\Katie\Downloads\chromeinstall-7u51 (1).exe
2072-03-24 17:16 - 2072-03-24 17:16 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.2.2.Run.exe
2072-03-24 17:15 - 2072-03-24 17:15 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.2.1.Run.exe
2072-03-24 17:14 - 2072-03-24 17:14 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\.minecraft
2072-03-24 17:14 - 2072-03-24 17:14 - 00000000 ____D () C:\ProgramData\Sun
2072-03-24 17:13 - 2072-03-24 17:12 - 29141928 _____ (Oracle Corporation) C:\Users\Katie\Downloads\jre-7u51-windows-i586.exe
2072-03-24 17:12 - 2072-03-24 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.1.2.Run.exe
2072-03-24 17:12 - 2072-03-24 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.14831914084717401.1.1.Run.exe
2072-03-24 17:11 - 2072-03-24 17:11 - 00921000 _____ (Oracle Corporation) C:\Users\Katie\Downloads\chromeinstall-7u51.exe
2072-03-24 17:10 - 2014-03-19 16:04 - 00000000 ____D () C:\Program Files\Google
2072-03-24 17:10 - 2014-03-19 16:03 - 00000000 ____D () C:\Program Files (x86)\Google
2072-03-24 17:10 - 2010-11-20 19:47 - 00020674 _____ () C:\Windows\PFRO.log
2072-03-24 17:06 - 2014-03-19 16:03 - 00000000 ____D () C:\Users\Katie\AppData\Local\Google
2072-03-24 16:57 - 2014-03-19 15:59 - 00000010 _____ () C:\Windows\GSetup.ini
2072-03-24 16:56 - 2072-03-24 16:56 - 01186161 _____ () C:\Windows\unins000.exe
2072-03-24 16:56 - 2072-03-24 16:56 - 00001134 _____ () C:\Windows\unins000.dat
2072-03-24 16:56 - 2072-03-24 16:56 - 00000000 ____D () C:\Program Files\GIGABYTE
2072-03-24 16:56 - 2072-03-24 16:56 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2072-03-24 16:56 - 2014-03-19 16:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2072-03-24 16:46 - 2072-03-24 16:46 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2072-03-24 16:46 - 2072-03-24 16:46 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2072-03-24 16:43 - 2072-03-24 16:43 - 00000032 _____ () C:\setup.log
2072-03-24 16:43 - 2072-03-24 16:42 - 00000000 ____D () C:\Program Files (x86)\ASUS
2072-03-24 16:42 - 2072-03-24 16:42 - 00001043 _____ () C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2072-03-24 16:37 - 2072-03-24 16:37 - 00000000 ____D () C:\Windows\Downloaded Installations
2072-03-24 16:37 - 2072-03-24 16:37 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2072-03-24 16:36 - 2014-03-19 16:18 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-27 19:10 - 2014-03-27 19:09 - 00000000 ____D () C:\FRST
2014-03-26 19:09 - 2014-03-24 05:50 - 00000292 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-03-26 19:09 - 2014-03-19 18:50 - 01420176 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 19:09 - 2014-03-19 16:03 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 19:09 - 2014-03-19 16:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 19:09 - 2014-03-19 16:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 15:38 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:38 - 2009-07-13 20:45 - 00021888 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:35 - 2009-07-13 21:13 - 00797934 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-26 15:31 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 15:31 - 2009-07-13 20:51 - 00035925 _____ () C:\Windows\setupact.log
2014-03-26 15:00 - 2014-03-26 15:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KATIE-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-03-26 14:59 - 2014-03-26 14:59 - 00002239 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-03-26 14:59 - 2014-03-26 14:59 - 00000000 ____D () C:\RegBackup
2014-03-26 14:59 - 2014-03-26 14:59 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-03-25 13:19 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-03-25 12:33 - 2014-03-25 12:33 - 00076500 _____ () C:\Users\Katie\Downloads\OTL.Txt
2014-03-25 12:33 - 2014-03-25 12:33 - 00040708 _____ () C:\Users\Katie\Downloads\Extras.Txt
2014-03-25 12:30 - 2014-03-25 12:30 - 00602112 _____ (OldTimer Tools) C:\Users\Katie\Downloads\OTL.exe
2014-03-25 11:57 - 2014-03-19 16:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-25 11:51 - 2014-03-24 05:50 - 00003232 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-03-25 11:51 - 2014-03-24 05:49 - 00000089 _____ () C:\Users\Katie\AppData\Roaming\WB.CFG
2014-03-24 05:54 - 2014-03-24 05:54 - 00000000 ____D () C:\Users\Katie\Documents\Optimizer Pro
2014-03-24 05:50 - 2014-03-24 05:50 - 24489269 _____ () C:\Users\Katie\Downloads\setup [1].exe
2014-03-24 05:50 - 2014-03-24 05:50 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\UpdaterEX
2014-03-24 05:48 - 2014-03-19 16:50 - 00058016 _____ () C:\Users\Katie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-24 05:43 - 2009-07-13 20:45 - 00275712 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-24 05:41 - 2011-04-12 00:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-24 05:41 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-24 05:41 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-24 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-24 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-24 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\zh-HK
2014-03-24 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-03-24 05:41 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-23 19:38 - 2014-03-23 19:29 - 00010977 _____ () C:\Windows\IE10_main.log
2014-03-23 19:31 - 2014-03-23 19:31 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-23 19:31 - 2014-03-23 19:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-23 19:21 - 2014-03-19 16:40 - 00790104 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-23 19:20 - 2014-03-23 19:18 - 00003249 _____ () C:\Windows\IE9_main.log
2014-03-23 19:02 - 2014-03-23 19:02 - 00000930 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2014-03-23 14:10 - 2014-03-23 13:55 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-23 13:55 - 2014-03-23 13:55 - 00001011 _____ () C:\Users\Katie\Desktop\SpeedFan.lnk
2014-03-23 13:55 - 2014-03-23 13:55 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-03-23 13:55 - 2014-03-23 13:55 - 00000000 _____ () C:\Users\Katie\Desktop\initdebug.nfo
2014-03-22 08:03 - 2014-03-19 17:02 - 00000000 ____D () C:\Users\Katie\Downloads\VIA
2014-03-22 07:50 - 2014-03-22 07:50 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-22 07:45 - 2014-03-22 07:45 - 02975825 _____ () C:\Users\Katie\Downloads\mb_bios_ga-970a-d3p_f5.exe
2014-03-21 13:20 - 2014-03-20 16:50 - 00000000 ____D () C:\Users\Katie\Downloads\WinDlg_v1_25
2014-03-21 13:20 - 2014-03-19 17:32 - 00000000 ____D () C:\Users\Katie\Downloads\RealTemp_370
2014-03-21 13:20 - 2014-03-19 17:04 - 00000000 ____D () C:\Program Files (x86)\VIA
2014-03-21 13:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-03-21 13:20 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-21 12:58 - 2014-03-21 12:58 - 00000000 ____D () C:\ProgramData\ATI
2014-03-21 12:58 - 2014-03-21 12:58 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-21 12:56 - 2014-03-21 12:56 - 00060777 _____ () C:\Windows\SysWOW64\CCCInstall_201403211656094562.log
2014-03-21 12:56 - 2014-03-21 12:56 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-21 12:56 - 2014-03-19 16:18 - 00000000 ____D () C:\ProgramData\AMD
2014-03-21 12:55 - 2014-03-19 16:16 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-21 12:54 - 2014-03-21 12:54 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-21 12:54 - 2014-03-21 12:54 - 00000000 ____D () C:\Program Files\AMD
2014-03-21 12:52 - 2014-03-21 12:52 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Katie\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-03-21 12:52 - 2014-03-21 12:52 - 00000000 ____D () C:\AMD
2014-03-21 09:22 - 2014-03-19 15:51 - 00000000 ____D () C:\users\Katie
2014-03-20 16:50 - 2014-03-20 16:50 - 00925193 _____ () C:\Users\Katie\Downloads\WinDlg_v1_25.zip
2014-03-19 19:29 - 2009-07-13 21:38 - 00025600 ___SH () C:\Windows\System32\config\BCD-Template.LOG
2014-03-19 19:29 - 2009-07-13 21:32 - 00028672 _____ () C:\Windows\System32\config\BCD-Template
2014-03-19 18:32 - 2009-07-13 20:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-19 18:32 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep
2014-03-19 18:31 - 2014-03-19 18:31 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-03-19 18:21 - 2014-03-19 18:21 - 00000000 ____D () C:\Windows\Minidump
2014-03-19 17:42 - 2014-03-19 17:42 - 00415016 _____ () C:\Users\Katie\Downloads\CoreTempGadget.zip
2014-03-19 17:33 - 2014-03-19 17:33 - 00000000 ____D () C:\Program Files\CPUID
2014-03-19 17:31 - 2014-03-19 17:31 - 00330853 _____ () C:\Users\Katie\Downloads\RealTemp_370.zip
2014-03-19 17:04 - 2014-03-19 17:04 - 00001206 _____ () C:\Users\Public\Desktop\HD VDeck.lnk
2014-03-19 17:02 - 2014-03-19 17:02 - 85509927 _____ () C:\Users\Katie\Downloads\mb_driver_audio_via_v10800a-amd.exe
2014-03-19 16:58 - 2014-03-19 16:58 - 00010009 _____ () C:\Windows\DirectX.log
2014-03-19 16:55 - 2014-03-19 16:55 - 00000222 _____ () C:\Users\Katie\Desktop\Banished.url
2014-03-19 16:53 - 2014-03-19 16:53 - 01141680 _____ () C:\Users\Katie\Downloads\SteamSetup.exe
2014-03-19 16:53 - 2014-03-19 16:53 - 00000967 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\ATI
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Local\ATI
2014-03-19 16:50 - 2014-03-19 16:50 - 00000000 ____D () C:\Users\Katie\AppData\Local\AMD
2014-03-19 16:45 - 2014-03-19 16:45 - 01021432 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\NDP451-KB2859818-Web (1).exe
2014-03-19 16:41 - 2014-03-19 16:41 - 01021432 _____ (Microsoft Corporation) C:\Users\Katie\Downloads\NDP451-KB2859818-Web.exe
2014-03-19 16:27 - 2014-03-19 16:27 - 00675988 _____ () C:\Users\Katie\Downloads\Minecraft (1).exe
2014-03-19 16:25 - 2014-03-19 16:25 - 00675988 _____ () C:\Users\Katie\Downloads\Minecraft.exe
2014-03-19 16:18 - 2014-03-19 16:04 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 16:17 - 2014-03-19 16:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-19 16:17 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-19 16:16 - 2014-03-19 16:16 - 00000010 _____ () C:\csb.log
2014-03-19 16:16 - 2014-03-19 16:16 - 00000000 ____D () C:\Program Files\ATI
2014-03-19 16:15 - 2014-03-19 16:15 - 131750644 _____ (Igor Pavlov) C:\Users\Katie\Downloads\mb_driver_chipset_amd9series_win.exe
2014-03-19 16:12 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Google
2014-03-19 16:11 - 2014-03-19 16:03 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-19 16:11 - 2014-03-19 16:03 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 16:04 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Macromedia
2014-03-19 16:04 - 2014-03-19 16:04 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Adobe
2014-03-19 16:04 - 2014-03-19 16:03 - 00000000 ____D () C:\Users\Katie\AppData\Local\Adobe
2014-03-19 16:03 - 2014-03-19 16:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-19 16:03 - 2014-03-19 16:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-19 16:03 - 2014-03-19 16:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-19 16:03 - 2014-03-19 16:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-19 16:03 - 2014-03-19 16:03 - 00000000 ____D () C:\Windows\System32\Macromed
2014-03-19 16:01 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-19 16:00 - 2014-03-19 16:00 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-19 16:00 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\restore
2014-03-19 15:51 - 2014-03-19 19:29 - 00000000 ____D () C:\Windows\Panther
2014-03-19 15:51 - 2014-03-19 15:51 - 00000020 ___SH () C:\Users\Katie\ntuser.ini
2014-03-19 15:51 - 2014-03-19 15:51 - 00000000 __SHD () C:\Recovery
2014-03-19 15:51 - 2014-03-19 15:51 - 00000000 ____D () C:\Users\Katie\AppData\Local\VirtualStore
2014-03-19 15:51 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Recovery
 
Some content of TEMP:
====================
C:\Users\Katie\AppData\Local\Temp\SCC.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Katie\AppData\Local\Temp\sfareca00001.dll
C:\Users\Katie\AppData\Local\Temp\sfareca00002.dll
C:\Users\Katie\AppData\Local\Temp\sfextra.dll
C:\Users\Katie\AppData\Local\Temp\SymCCIS.dll
C:\Users\Katie\AppData\Local\Temp\Uninstall.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
Restore point made on: 2014-03-19 17:04:05
Restore point made on: 2014-03-19 17:13:48
Restore point made on: 2014-03-19 17:21:58
Restore point made on: 2014-03-21 12:53:40
Restore point made on: 2014-03-21 12:54:05
Restore point made on: 2014-03-21 13:35:15
Restore point made on: 2014-03-22 08:07:35
Restore point made on: 2014-03-23 13:54:15
Restore point made on: 2014-03-23 19:06:21
Restore point made on: 2014-03-26 15:00:16
Restore point made on: 2072-03-24 16:42:50
Restore point made on: 2072-03-24 16:45:45
Restore point made on: 2072-03-24 16:56:13
Restore point made on: 2072-03-24 17:13:36
Restore point made on: 2072-03-24 17:19:36
Restore point made on: 2072-03-24 17:20:35
Restore point made on: 2072-03-24 17:21:04
Restore point made on: 2072-03-24 19:33:09
Restore point made on: 2072-03-25 11:03:57
Restore point made on: 2072-03-25 11:11:35
Restore point made on: 2072-03-25 11:12:06
 
==================== Memory info =========================== 
 
Percentage of memory in use: 15%
Total physical RAM: 4060.66 MB
Available physical RAM: 3441.54 MB
Total Pagefile: 4058.86 MB
Available Pagefile: 3428.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:898.27 GB) NTFS
Drive f: () (Removable) (Total:0.94 GB) (Free:0.93 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 4612E044)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 961 MB) (Disk ID: 0096EBDD)
Partition 1: (Active) - (Size=961 MB) - (Type=06)
 
 
LastRegBack: 2014-03-20 00:11
 
==================== End Of Log ============================

  • 0

#6
Dakeyras
Posted 28 March 2014 - 03:40 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

I guess you are stuck with me then. :)


Or the other way round, your stuck with the woolly mammoth for the time being! :lol:

Levity aside...
 

For some reason, hearing that there is a malware problem makes me feel a little relieved. It feels like I've been running in circle for the past 2 weeks and now it is good to have a lead. :D


Aye for sure definitely some malware I have identified so far. Specifically Quiknowledge and Optimizer Pro to name a few examples plus some further adware related dross; non of which appears to have been completely removed nor is there any evidence of specific Anti-Malware tools that have been deployed to account for this. Possible this you mentioned in the other topic may shed some light on that:-
 

My boss's husband is an IT guy and offered to take a look at my computer and ran a few tests of his own. Which tests, I haven't the slightest idea


So he may have manually removed some elements, not saying he did just speculating as I can only go from the logs/information at hand etc. Either way incorrect removal of malware can actually exacerbate a situation rather than improve and may account for these ongoing issues apart from the suspect hardware related. Though the fact the your machine has not had any form of Anti-Virus software installed is certainly a factor also.

Anyway lets proceed as follows shall we...

Custom FRST Script:

Please download the attached fixlist.txt(see below) and save to your usb drive.

  • Now please enter System Recovery Options then select Command Prompt.
  • Run FRST64 again as outlined in my prior post and then press the Fix button just once and wait.
  • The tool will make a log on the usb drive (Fixlog.txt). Please copy and paste the contents of the aforementioned notepad file in your next reply
  • Reboot your machine back into Normal Mode.
Next:

Let myself know in your next reply if your machine can now successfully boot into Normal Mode and post the contents of the requested Fix Log.

In the event still problems booting up into Normal Mode, please check for myself if you can boot into Safe Mode with Networking and do you have a Windows 7 64 Bit Installtion DVD or not ?
  • 0

#7
Katehsparrow
Posted 28 March 2014 - 09:52 AM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Hi there Dakeyras,

 

I spoke to my boss' husband the other day and he said he only looked at hardware because that was what I suspected to be the problem. The half-removed malware/adware is probably my fault-- I probably got this malware by installing & uninstalling programs that I thought were hardware tests. The past several years of being a Mac-only user have made me careless, unfortunately. :( Should have installed an anti-virus first thing.

 

Anyways, I followed your instructions and ran the fix. Unfortunately, I am still unable to boot into either Normal or Safe More with Networking. The Fixlog is below.

 

I do have have a Windows 7 64 Bit Installation DVD with a legit Key. 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by SYSTEM at 2014-03-28 08:59:49 Run:1
Running from F:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
Start
S1 qknfd; system32\drivers\qknfd.sys [X]
2014-03-24 05:54 - 2014-03-24 05:54 - 00000000 ____D () C:\Users\Katie\Documents\Optimizer Pro
2014-03-24 05:50 - 2014-03-26 19:09 - 00000292 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-03-24 05:50 - 2014-03-25 11:51 - 00003232 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-03-24 05:50 - 2014-03-24 05:50 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\UpdaterEX
C:\Users\Katie\AppData\Local\Temp\SCC.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Katie\AppData\Local\Temp\sfamcc00003.dll
C:\Users\Katie\AppData\Local\Temp\sfareca00001.dll
C:\Users\Katie\AppData\Local\Temp\sfareca00002.dll
C:\Users\Katie\AppData\Local\Temp\sfextra.dll
C:\Users\Katie\AppData\Local\Temp\SymCCIS.dll
C:\Users\Katie\AppData\Local\Temp\Uninstall.exe
End
*****************
 
qknfd => Service deleted successfully.
C:\Users\Katie\Documents\Optimizer Pro => Moved successfully.
C:\Windows\Tasks\UpdaterEX.job => Moved successfully.
C:\Windows\System32\Tasks\UpdaterEX => Moved successfully.
C:\Users\Katie\AppData\Roaming\UpdaterEX => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\SCC.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfamcc00001.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfamcc00002.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfamcc00003.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfareca00001.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfareca00002.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\sfextra.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\SymCCIS.dll => Moved successfully.
C:\Users\Katie\AppData\Local\Temp\Uninstall.exe => Moved successfully.
 
==== End of Fixlog ====

  • 0

#8
Dakeyras
Posted 28 March 2014 - 03:08 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

The half-removed malware/adware is probably my fault-- I probably got this malware by installing & uninstalling programs that I thought were hardware tests. The past several years of being a Mac-only user have made me careless, unfortunately. :(


Fair play and do not worry about it.
 

Should have installed an anti-virus first thing.


Again do not worry about it and all hindsight will do is make you feel worse. End of the days these things occur, its called being human and non of us are truly infallible eh...least of all myself for example and all we can do is hopefully learn from a genuine mistake.
 

Anyways, I followed your instructions and ran the fix. Unfortunately, I am still unable to boot into either Normal or Safe More with Networking.


Acknowledged, a fair few methodology's we can attempt too see if we can get your machine stable enough to work upon.
 

I do have have a Windows 7 64 Bit Installation DVD


Good, if the need we can make use of that.

Custom FRST Script:

Delete the current fix log and fixlist if still present on your usb drive...

Then please download this new attached fixlist.txt(see below) and save to your usb drive.

  • Now please enter System Recovery Options on the infected machine again and then select Command Prompt.
  • Run FRST64 again as outlined in my prior post and then press the Fix button just once and wait.
  • The tool will make a log on the usb drive (Fixlog.txt). Please copy and paste the contents of the aforementioned notepad file in your next reply
  • Reboot the machine back into Normal Mode.
Next:

Let myself know in your next reply if your machine can now successfully boot into Normal Mode and post the contents of the requested Fix Log.

In the event still problems booting up into Normal Mode, please check for myself if you can boot the machine into any of the Safe Mode options.
  • 0

#9
Katehsparrow
Posted 28 March 2014 - 05:33 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Hello again,

 

First of all, thanks for your kind words. :)

 

Second, I have good news and bad news.

 

Bad news is that I am still unable to boot into Normal Mode. I still get a reboot at the Starting Windows screen and then a "Windows failed to start" screen with repair options.

 

Good news is that I am now able to boot into Safe Mode with Networking.

 

Two other things I wanted to let you know about:

When my desktop appeared, I had a prompt that said something along the lines of 'Windows must restart in order to apply these changes.' I haven't done anything with it.

 

I also have an icon on my desktop now that says "Tweaking....-Registry..." -- is this something to be concerned about or is it one of the tools we've been using?

 

The log you requested is below:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by SYSTEM at 2014-03-28 19:22:56 Run:3
Running from F:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
Start
LastRegBack: 2014-03-20 00:11
End
*****************
 
DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.
 
==== End of Fixlog ====

Edited by Katehsparrow, 28 March 2014 - 05:40 PM.

  • 0

#10
Dakeyras
Posted 28 March 2014 - 06:16 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

First of all, thanks for your kind words. :)


You're welcome!

 

Bad news is that I am still unable to boot into Normal Mode. I still get a reboot at the Starting Windows screen and then a "Windows failed to start" screen with repair options.


Acknowledged.
 

Good news is that I am now able to boot into Safe Mode with Networking.


Ok at least that is something more positive. Lets check if a Startup Repair will enable Normal Mode and if not we can always resort back to the one working mode/Safe Mode with Networking etc.
 

When my desktop appeared, I had a prompt that said something along the lines of 'Windows must restart in order to apply these changes.' I haven't done anything with it.


Ignore such if occurs again but try and make a note of what exactly is denoted and or create a screen-shot if able please and in turn post that as a attachment for my review etc.
 

I also have an icon on my desktop now that says "Tweaking....-Registry..." -- is this something to be concerned about or is it one of the tools we've been using?


It does indeed relate to something I advised, specifically 'Backup the Registry' in post #2.

Now something I would like to ask you, could you please refrain from editing posts. Absolutely anything you wish to bring to my attention merely post a reply again regardless what it may be, thank you.

Run Windows 7 SR:

Boot up your machine using the Windows 7 64 Bit Installation DVD...
  • If not sure how to, a very good tutorial can be read here.
  • You will have to answer a few basic questions then select the option Repair your computer
  • At the System Recovery Options screen click Windows 7 to highlight then Next>
  • Now click on/select Startup Repair
  • If prompted to use System Restore, select Cancel.
  • The same if prompted to Send information about this problem (recommended), select Don't send.
  • Click Finish when Startup Repair has completed, run it again a further two times.
  • Upon completion of the third run, remove the Windows 7 64 Bit Installation DVD and then click on Restart
Note: Even if states nothing detected/repaired running it three times consecutively can at times implement some repairs even if not apparent etc.

Next:

Let myself know when completed the above and if your machine can now successfully boot into Normal Mode after the third Startup Repair run...

In the event still problems booting up into Normal Mode, please double check again for myself if you can still boot the machine into any of the Safe Mode options.
  • 0

Advertisements

#11
Katehsparrow
Posted 28 March 2014 - 06:37 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Hi again,

 

Sorry about that! I'll make sure to post another reply next time. Old habit of avoiding spamming. :)

 

I inserted the installation disk and clicked 'Repair your computer' and the following error message popped up. I am certain that I am using the Windows 7 installation disk.

 

 

Attached Thumbnails

  • 20140328_203146.jpg

  • 0

#12
Dakeyras
Posted 28 March 2014 - 06:53 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

Sorry about that! I'll make sure to post another reply next time. Old habit of avoiding spamming. :)


Fair play and not a problem.
 

I inserted the installation disk and clicked 'Repair your computer' and the following error message popped up. I am certain that I am using the Windows 7 installation disk.


Hmm possible you used a 32 bit version, ok try the below with the problem machine actually running in Safe Mode with Networking...

Create a Windows 7 System Repair Disc

Note: you will require a blank rewritable CD/DVD to create the below.
  • Download this iso file to your desktop.
  • Now double click on recdisc.iso and the below should appear:
rec1.gif
  • Select the option Verify disc after burning >> click on Burn
  • The process should now begin:
rec2.gif
  • Once created/the burning process has completed, it will be verified:
rec3.gif
  • After that the optical drive of your machine will re-open and you can remove the disc:
rec4.gif
  • Click on Close, you now have a Windows 7 System Repair Disc.
Next:

If successfully created, use it to follow my prior advice re: Run Windows 7 SR.
  • 0

#13
Katehsparrow
Posted 28 March 2014 - 07:27 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Alright. So something bizarre (but good?) just happened.

 

I was able to create the disk re your instruction and inserted it into my infected computer. When it came to the screen where I was supposed to press a key to boot from the disk, I missed it by a second and Windows started to boot up in Normal mode instead. 

 

And to my surprise-- it booted. 

 

I removed the disk and shut down the computer and started it back up again-- same result. Even just clicking "Restart" now allows me to boot back up into Normal mode.

 

Considering this bizarre turn of events, what steps would you like me to take next? I have the repair disk set aside in case we want to continue along that route.

 

I'm pretty sure there is some witchcraft going on or something.  :headscratch:

 

The only other thing that I noticed was strange was that I received this warning message after it sat on for a few minutes. Not sure if it has anything to do with what we are doing here (it could just be that I need to update my graphics card drivers), but I didn't want to leave any stone unturned.

 

 

Attached Thumbnails

  • Capture.JPG

  • 0

#14
Katehsparrow
Posted 28 March 2014 - 07:36 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Alas, I spoke too soon. On another attempt to start the computer up, I became stuck in an endless boot loop again. I am going to continue to follow your Startup Repair instructions.


  • 0

#15
Katehsparrow
Posted 28 March 2014 - 07:57 PM

Katehsparrow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

So upon rebooting the computer with the created Repair Disk in, I noticed that I didn't miss the prompt to boot from CD/DVD-- it wasn't there to begin with. So I restarted and this time when BIOS loaded, I pressed F12 to bring up the boot menu and had it boot from the CD/DVD drive (which is listed as first on the list). Instead of the screens you listed, the normal Windows login screen appeared. I burnt a second repair disk while in Safe Mode with Networking to make sure that it wasn't the disk, but the same thing happened again.

 

Without the disk in, it seems like I am able to get to my desktop, as well. Before though, I did get caught in an endless boot loop.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP