System tools are blocked, Recovery not working, virus? [Closed]


  • This topic is locked

#1
tracey7793

  • Member
  • 23 posts

I need help! My laptop seems to have a mind of its own. I don't know if I have a virus, but all my files are moved, some I can't even find or access is denied. I have tried to run security scans but they say no threats found. I did do a Norton power scrubber today, the results popped up for a few minutes and now I cannot find them. It said some files cannot be trusted. Some had an ATI program and an AMD program. That's all I remember, since they only stayed on screen for a few minutes. I am in no way a computer genius, but I have been learning a lot from the help screen. My administrative tools are not available to me. I seem to be only a user and not an administrator. I have gone into safe mode, so I could look into locked programs. I went into the registry but did not change anything. I did see all these strings, and it was really strange. Even my recovery and restore options are blocked. I have tried to reset, but the same settings come up and everything stays the same. I am at my wits' end trying to do self help. If anyone could help me, I would be very grateful. I did try to download Malwarebytes, but it said that shared files have a torrent on it. I have tried to open these shared files, but access is denied. Also, there is an unknown device connected to my laptop, but I am unable to see it. It also says that I have a Teredo connection and that my internet is being shared. I don't know how because I have wireless shut off and am currently using an ethernet. A few months ago, I was hacked and 2 of our laptops were compromised. My primary laptop was destroyed, hard disc failure. My daughter's laptop still has a virus. And now my new one that I am currently on is acting up. Please help. Thanks in advance


  • 0



#2
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi and welcome to Geeks to Go. :)

Can you inform myself please which exact Operating System (version) is in use on your machine and we will then go from there, thank you.
  • 0

#3
tracey7793

  • Topic Starter
  • Member
  • 23 posts

Where would I find this? I am so sorry but I am not that computer friendly


  • 0

#4
tracey7793

  • Topic Starter
  • Member
  • 23 posts

Just found it. 64 bit


  • 0

#5
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

Where would I find this? I am so sorry but I am not that computer friendly


Not a problem and no need to apologise I assure you. If at any time you are unsure of something and or do not quite understand what I am advising; merely stop what you are doing and just inform myself please...

For future reference the below links may be of assistance when identifying which Operating System is in use on any one machine etc...

Which Windows operating system am I running?

How do I find out which operating system I have on my computer?
 

Just found it. 64 bit


Acknowledged...

For now let's just try two specific Anti-Malware tools and see what transpires (do limit online access with this infected machine please, if able, until I am better able to ascertain what the problem may be).

Download/run Rkill:

Please download Rkill from one of the following links and save to your Desktop:

One, Two, Three, Four or Five

Note: If your security software warns about Rkill, please ignore and allow the download to continue. Plus in the event one version of Rkill fails to work, delete it and download/try another.
  • Double click on Rkill.
  • A command window will open then disappear upon completion, this is normal.
  • Post the log created, found on the desktop as rkill.txt, in your next reply.
Scan with RogueKiller:

Please download RogueKiller to your Desktop

Alternate downloads are here or here.
  • Quit all running programs.
  • Double-click on RogueKiller.exe to start the application.
  • Let the pre-scan complete, then click on Accept option when the disclaimer window appears.
Note: If a browser window is launched/opened, merely close it.
  • Now click on the Scan tab back in the RogueKiller main window.
  • The RKreport.txt shall be generated next to the executable along with a zip file named RK_Quarantine.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.com
  • Please post the contents of the RKreport.txt in your next reply.
Next:

When completed the above, please post back the following in the order asked for:
  • How is your computer performing now, any further symptoms and or problems encountered?
  • Rkill Log.
  • RogueKiller Log.

  • 0

#6
tracey7793

  • Topic Starter
  • Member
  • 23 posts

I haven't tried any admin tools, or shut down so I am not sure yet. The logs are attached as requested.

Rkill 2.6.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 05/20/2014 05:57:04 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Empty HKLM\...\Winlogon: [Shell]! Value reset to explorer.exe

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 05/20/2014 06:00:23 PM
Execution time: 0 hours(s), 3 minute(s), and 19 seconds(s)

and the following is

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : home [Admin rights]
Mode : Scan -- Date : 05/20/2014 18:23:42
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] Registration : "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" - Registration ShowMessageTask2D [7][-] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
[Address] IAT @iexplore.exe (SHGetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732D4927)
[Address] IAT @iexplore.exe (SHRegGetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732D4984)
[Address] IAT @iexplore.exe (SHSetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732F2B62)
[Address] IAT @iexplore.exe (PathIsURLW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732DFA79)
[Address] EAT @iexplore.exe (BeginBufferedAnimation) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DDF38)
[Address] EAT @iexplore.exe (BeginBufferedPaint) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DB741)
[Address] EAT @iexplore.exe (BeginPanningFeedback) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724F76AF)
[Address] EAT @iexplore.exe (BufferedPaintClear) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DBBDB)
[Address] EAT @iexplore.exe (BufferedPaintInit) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DB8D4)
[Address] EAT @iexplore.exe (BufferedPaintRenderAnimation) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DDE83)
[Address] EAT @iexplore.exe (BufferedPaintSetAlpha) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCE19)
[Address] EAT @iexplore.exe (BufferedPaintStopAllAnimations) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DE428)
[Address] EAT @iexplore.exe (BufferedPaintUnInit) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E7525)
[Address] EAT @iexplore.exe (CloseThemeData) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D1FA1)
[Address] EAT @iexplore.exe (DrawThemeBackground) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DD464)
[Address] EAT @iexplore.exe (DrawThemeBackgroundEx) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E436D)
[Address] EAT @iexplore.exe (DrawThemeEdge) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC01C)
[Address] EAT @iexplore.exe (DrawThemeIcon) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FD123)
[Address] EAT @iexplore.exe (DrawThemeParentBackground) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DE776)
[Address] EAT @iexplore.exe (DrawThemeParentBackgroundEx) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DE5C5)
[Address] EAT @iexplore.exe (DrawThemeText) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DDB21)
[Address] EAT @iexplore.exe (DrawThemeTextEx) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DA70C)
[Address] EAT @iexplore.exe (EnableThemeDialogTexture) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E786D)
[Address] EAT @iexplore.exe (EnableTheming) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC9FF)
[Address] EAT @iexplore.exe (EndBufferedAnimation) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DACE8)
[Address] EAT @iexplore.exe (EndBufferedPaint) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DACE8)
[Address] EAT @iexplore.exe (EndPanningFeedback) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724F762C)
[Address] EAT @iexplore.exe (GetBufferedPaintBits) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DCF26)
[Address] EAT @iexplore.exe (GetBufferedPaintDC) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCDCF)
[Address] EAT @iexplore.exe (GetBufferedPaintTargetDC) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCD86)
[Address] EAT @iexplore.exe (GetBufferedPaintTargetRect) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC893)
[Address] EAT @iexplore.exe (GetCurrentThemeName) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E63AE)
[Address] EAT @iexplore.exe (GetThemeAppProperties) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DEBD6)
[Address] EAT @iexplore.exe (GetThemeBackgroundContentRect) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DDA9E)
[Address] EAT @iexplore.exe (GetThemeBackgroundExtent) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E7155)
[Address] EAT @iexplore.exe (GetThemeBackgroundRegion) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E0190)
[Address] EAT @iexplore.exe (GetThemeBitmap) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D4B9C)
[Address] EAT @iexplore.exe (GetThemeBool) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D6651)
[Address] EAT @iexplore.exe (GetThemeColor) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D27C0)
[Address] EAT @iexplore.exe (GetThemeDocumentationProperty) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC346)
[Address] EAT @iexplore.exe (GetThemeEnumValue) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D27C0)
[Address] EAT @iexplore.exe (GetThemeFilename) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB997)
[Address] EAT @iexplore.exe (GetThemeFont) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E76A2)
[Address] EAT @iexplore.exe (GetThemeInt) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D27C0)
[Address] EAT @iexplore.exe (GetThemeIntList) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB86E)
[Address] EAT @iexplore.exe (GetThemeMargins) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D2F97)
[Address] EAT @iexplore.exe (GetThemeMetric) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E55B4)
[Address] EAT @iexplore.exe (GetThemePartSize) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D289F)
[Address] EAT @iexplore.exe (GetThemePosition) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB80D)
[Address] EAT @iexplore.exe (GetThemePropertyOrigin) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E0923)
[Address] EAT @iexplore.exe (GetThemeRect) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB936)
[Address] EAT @iexplore.exe (GetThemeStream) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB8CF)
[Address] EAT @iexplore.exe (GetThemeString) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FB7A1)
[Address] EAT @iexplore.exe (GetThemeSysBool) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCB86)
[Address] EAT @iexplore.exe (GetThemeSysColor) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E5530)
[Address] EAT @iexplore.exe (GetThemeSysColorBrush) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCA32)
[Address] EAT @iexplore.exe (GetThemeSysFont) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC3D8)
[Address] EAT @iexplore.exe (GetThemeSysInt) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC5E7)
[Address] EAT @iexplore.exe (GetThemeSysSize) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCC61)
[Address] EAT @iexplore.exe (GetThemeSysString) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FC553)
[Address] EAT @iexplore.exe (GetThemeTextExtent) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D89FE)
[Address] EAT @iexplore.exe (GetThemeTextMetrics) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E778C)
[Address] EAT @iexplore.exe (GetThemeTransitionDuration) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DE1A1)
[Address] EAT @iexplore.exe (GetWindowTheme) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E535B)
[Address] EAT @iexplore.exe (HitTestThemeBackground) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E2DC1)
[Address] EAT @iexplore.exe (IsAppThemed) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E7009)
[Address] EAT @iexplore.exe (IsCompositionActive) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D65DF)
[Address] EAT @iexplore.exe (IsThemeActive) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E6F36)
[Address] EAT @iexplore.exe (IsThemeBackgroundPartiallyTransparent) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D281C)
[Address] EAT @iexplore.exe (IsThemeDialogTextureEnabled) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCB3F)
[Address] EAT @iexplore.exe (IsThemePartDefined) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D30CF)
[Address] EAT @iexplore.exe (OpenThemeData) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D5F29)
[Address] EAT @iexplore.exe (OpenThemeDataEx) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E06FE)
[Address] EAT @iexplore.exe (SetThemeAppProperties) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724FCCEC)
[Address] EAT @iexplore.exe (SetWindowTheme) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724E7AFC)
[Address] EAT @iexplore.exe (SetWindowThemeAttribute) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D9E39)
[Address] EAT @iexplore.exe (ThemeInitApiHook) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D4571)
[Address] EAT @iexplore.exe (UpdatePanningFeedback) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724F75ED)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545050A7E380 SATA Disk Device +++++
--- User ---
[MBR] eb085894d55d7e01e8a9c686b7d5796f
[BSP] c9fef6cae9eb703c6a22a06f2053cc20 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 457598 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 937570304 | Size: 19038 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_05202014_182342.txt >>

 

 


  • 0
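An added example, not part of the original thread and not RogueKiller's own code: one way to condense the long `[Address] IAT/EAT ... HOOKED` section of an RKreport like the one posted above into a per-module summary, and to list any hook whose target module sits outside a set of expected directories. The regular expression is derived only from the line format visible in the posted log; the `TRUSTED_DIRS` list and the last sample line are assumptions constructed for illustration, and a path under a system directory is a triage hint, not proof that the file is legitimate.

```python
import ntpath  # Windows path rules, usable on any OS
import re
from collections import defaultdict

# Assumption: directories where a hooking module is expected to live.
# Adjust for the machine under review.
TRUSTED_DIRS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)

# Sample input: four lines copied from the posted report's format and one
# CONSTRUCTED line (the last) that points outside the trusted directories.
SAMPLE_REPORT = r"""
[Address] IAT @iexplore.exe (SHGetValueW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732D4927)
[Address] IAT @iexplore.exe (PathIsURLW) : SHLWAPI.dll -> HOOKED (C:\Program Files (x86)\Internet Explorer\IEShims.dll @ 0x732DFA79)
[Address] EAT @iexplore.exe (BeginBufferedPaint) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724DB741)
[Address] EAT @iexplore.exe (OpenThemeData) : gdiplus.dll -> HOOKED (C:\Windows\system32\uxtheme.dll @ 0x724D5F29)
[Address] IAT @iexplore.exe (SHGetValueW) : SHLWAPI.dll -> HOOKED (C:\Users\example\AppData\Local\Temp\constructed.dll @ 0x10001000)
"""

# The module path may contain spaces and "(x86)", so it is matched greedily
# and anchored on the trailing " @ 0x...)" that ends every hook line.
HOOK_LINE = re.compile(
    r"^\[Address\] (?P<table>IAT|EAT) @(?P<process>\S+) \((?P<function>\w+)\) : "
    r"(?P<library>\S+) -> HOOKED \((?P<target>.+) @ (?P<address>0x[0-9A-Fa-f]+)\)$"
)


def parse_hooks(report):
    """Return one dict per hook line; all other report lines are ignored."""
    hooks = []
    for line in report.splitlines():
        match = HOOK_LINE.match(line.strip())
        if match:
            hooks.append(match.groupdict())
    return hooks


def _canonical(path):
    # Collapse "..", unify slashes and case so that a path such as
    # C:\Windows\..\Users\x.dll cannot pass the prefix check below.
    return ntpath.normcase(ntpath.normpath(path))


def summarize(hooks):
    """Map (table, target module) -> number of distinct hooked functions."""
    groups = defaultdict(set)
    for hook in hooks:
        groups[(hook["table"], _canonical(hook["target"]))].add(hook["function"])
    return {key: len(functions) for key, functions in groups.items()}


def outliers(hooks, trusted=TRUSTED_DIRS):
    """Return each distinct hook whose target module is outside `trusted`."""
    seen, flagged = set(), []
    for hook in hooks:
        target = _canonical(hook["target"])
        key = (hook["table"], hook["function"], target)
        if key in seen:  # reports pasted twice repeat every line
            continue
        seen.add(key)
        if not target.startswith(trusted):
            flagged.append(hook)
    return flagged


if __name__ == "__main__":
    parsed = parse_hooks(SAMPLE_REPORT)
    for (table, module), count in sorted(summarize(parsed).items()):
        print(f"{table}  {count:3d} function(s) -> {module}")
    for hook in outliers(parsed):
        print("REVIEW:", hook["table"], hook["function"], "->", hook["target"])
```
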

#7
tracey7793

  • Topic Starter
  • Member
  • 23 posts

The Rogue program is giving me the option to delete and fix the problems. I don't want to close the program until I know what to do. The option buttons on the right of the screen are delete, followed in order by fix host, fix proxy, fix DNS, or fix shortcuts. There is a tool button on top that says repair services. Does this mean that the program didn't finish running or is this normal?


  • 0

#8
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

I haven't tried any admin tools, or shut down so I am not sure yet


Fair play.
 

The Rogue program is giving me the option to delete and fix the problems. I don't want to close the program until I know what to do. The option buttons on the right of the screen are delete, followed in order by fix host, fix proxy, fix DNS, or fix shortcuts. There is a tool button on top that says repair services. Does this mean that the program didn't finish running or is this normal?


Nothing to be concerned about as this is normal and feel free to close the program now if still running as we will not be using it again.

Next:

Let's proceed as follows shall we...

Download/run Unhide

Please download and save Unhide to your desktop
  • Then right-click on unhide.exe and select Run as Administrator to launch the application >> a black command window will appear, this is normal
  • Once Unhide has completed processing your machine's hard drive it will automatically close. This may take some time...
  • There should be a notepad file named unhide.txt on the desktop afterwards, please post the contents of the aforementioned in your next reply.
  • Now reboot (restart) your machine.
Scan with aswMBR:

Please download aswMBR.exe to your desktop.
  • Right-click on aswMBR.exe and select Run as Administrator to launch the application.
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select Yes
  • The Avast! virus definitions database will automatically be downloaded. Be patient, this may take some time depending on the speed of your Internet Connection.
  • Once it has downloaded >> ensure the option next to AV scan: >> QuickScan is selected only. It should be by default.
  • Now click on the Scan button to start the scan.
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
  • Click on Exit.
Note: There will also be a file on your desktop named MBR.dat (or similar), do not delete this for now, it is an actual backup of the MBR (master boot record).

Next:

When completed the above, please post back the following in the order asked for:
  • Unhide Log.
  • aswMBR Log.

  • 0

#9
tracey7793

  • Topic Starter
  • Member
  • 23 posts

Here are the logs        

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
  http://www.bleepingc...opic405109.html

Program started at: 05/21/2014 09:56:38 AM
Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 186758 files processed.

Processing the D:\ drive
Finished processing the D:\ drive. 125 files processed.

The C:\Users\home\AppData\Local\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default
Start Menu shortcuts: http://www.bleepingc...opic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.
 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.

Program finished at: 05/21/2014 09:58:09 AM
Execution time: 0 hours(s), 1 minute(s), and 31 seconds(s)

                                                                                                  

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-21 10:25:33
-----------------------------
10:25:33.216    OS Version: Windows x64 6.1.7601 Service Pack 1
10:25:33.216    Number of processors: 2 586 0x1001
10:25:33.216    ComputerName: HOME-HP  UserName: home
10:25:34.167    Initialze error C000010E - driver not loaded
10:25:34.214    write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
10:30:40.319    AVAST engine defs: 14052100
10:46:13.120    Service scanning
10:46:19.083    Service BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140510.001\BHDrvx64.sys **LOCKED** 5
10:46:24.261    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
10:46:29.768    Service IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140520.001\IDSvia64.sys **LOCKED** 5
10:46:33.662    Service NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140520.022\ENG64.SYS **LOCKED** 5
10:46:33.958    Service NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140520.022\EX64.SYS **LOCKED** 5
10:46:52.788    Modules scanning
10:46:52.788    Disk 0 trace - called modules:
10:46:52.804   
10:46:53.682    AVAST engine scan C:\Windows
10:46:55.934    AVAST engine scan C:\Windows\system32
10:50:16.775    AVAST engine scan C:\Windows\system32\drivers
10:50:28.591    AVAST engine scan C:\Users\home
10:50:37.206    AVAST engine scan C:\ProgramData
10:50:56.951    Scan finished successfully
11:50:11.511    The log file has been saved successfully to "C:\Users\home\Desktop\aswMBR.txt"

 


 



#10
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)
 

Here are the logs


Thank you!

Next:

OK please download this file here and save to your desktop.
  • Once downloaded, there should be a file named win7-x64-sm-reset.exe on your desktop...
  • Right-click on win7-x64-sm-reset.exe and select Run as Administrator >> at the prompt click on OK >> at the next prompt click on OK
  • Then reboot (restart) your machine.
Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to your Desktop.
  • Right-click on FRST.exe and select Run as Administrator to start FRST >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.
Next:

When you have completed the above, please post back the following in the order asked for:
  • Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.



#11
tracey7793

    Member

  • Topic Starter
  • 23 posts

frst log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by user (ATTENTION: The logged in user is not administrator) on HOME_H on 22-05-2014 14:04:44
Running from C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXTI9CGK
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_197_ActiveX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-06] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-03-26] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-04-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8ED6A3AAE275CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-12] (Advanced Micro Devices, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-01] (Broadcom Corporation.)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [26384 2012-03-26] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [27408 2012-03-26] (Synaptics Incorporated)

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-22 16:23 - 2014-05-22 16:23 - 00057560 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\ATI
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Local\ATI
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Local\AMD
2014-05-22 16:22 - 2014-05-22 16:22 - 00001447 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 16:22 - 2014-05-22 16:22 - 00001413 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Synaptics
2014-05-22 16:22 - 2014-05-22 13:41 - 00000000 ____D () C:\Users\user\AppData\Local\Hewlett-Packard
2014-05-22 16:21 - 2014-05-22 16:21 - 00000020 ___SH () C:\Users\user\ntuser.ini
2014-05-22 16:21 - 2014-05-22 16:21 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-05-22 16:21 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-22 16:21 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-22 14:56 - 2014-05-22 14:57 - 00000000 ____D () C:\Users\Home
2014-05-22 14:04 - 2014-05-22 14:04 - 00000000 ____D () C:\FRST
2014-05-22 14:00 - 2010-11-21 02:16 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-05-22 13:59 - 2009-06-10 16:30 - 00048265 _____ () C:\Windows\HomePremium.xml
2014-05-22 13:58 - 2014-05-22 13:58 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-22 13:51 - 2014-05-22 14:05 - 00039208 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 13:44 - 2014-05-22 13:44 - 00000000 ____D () C:\ProgramData\ATI
2014-05-22 13:43 - 2014-05-22 13:43 - 00000000 ____D () C:\ProgramData\Synaptics
2014-05-22 13:41 - 2014-05-22 13:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\hpqlog
2014-05-22 13:35 - 2014-05-22 13:35 - 00002179 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-05-22 13:34 - 2014-05-22 13:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 13:34 - 2014-05-22 13:34 - 00417440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-22 13:34 - 2014-05-22 13:34 - 00070304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-22 13:34 - 2014-05-22 13:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-22 13:34 - 2014-05-22 13:34 - 00000000 ____D () C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2014-05-22 13:33 - 2014-05-22 13:33 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-22 13:33 - 2014-05-22 13:33 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\Users\Public\Documents\YouCam
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\Program Files\Common Files\AuthenTec
2014-05-22 13:30 - 2014-05-22 13:32 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-22 13:28 - 2014-05-22 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-22 13:28 - 2014-05-22 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-05-22 13:27 - 2014-05-22 13:27 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-05-22 13:25 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-22 13:25 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-22 13:25 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-22 13:25 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-22 13:25 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-22 13:25 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-22 13:25 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-22 13:24 - 2014-05-22 13:24 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-22 13:24 - 2014-05-22 13:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-22 13:24 - 2014-05-22 13:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-22 13:24 - 2014-05-22 13:24 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-22 13:24 - 2014-05-22 13:24 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-22 13:24 - 2014-05-22 13:24 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-22 13:24 - 2014-05-22 13:24 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-22 13:24 - 2014-05-22 13:24 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-22 13:24 - 2014-05-22 13:24 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-22 13:24 - 2014-05-22 13:24 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-05-22 13:24 - 2014-05-22 13:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-05-22 13:24 - 2012-06-02 18:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-22 13:24 - 2012-06-02 18:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-22 13:23 - 2014-05-22 13:35 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-22 13:23 - 2014-05-22 13:23 - 00772430 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-22 13:23 - 2014-05-22 13:23 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-05-22 13:18 - 2012-02-01 23:07 - 00615976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00211496 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00184360 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00134696 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00089640 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwdpan.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2014-05-22 13:17 - 2012-02-01 23:07 - 00039566 _____ () C:\Windows\system32\Drivers\BCM20702A1_001.002.014.0136.0168.hex
2014-05-22 13:17 - 2012-02-01 23:07 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2014-05-22 13:16 - 2014-05-22 13:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-22 13:16 - 2014-05-22 13:16 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-05-22 13:15 - 2014-05-22 13:15 - 04747328 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2014-05-22 13:15 - 2014-05-22 13:15 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____D () C:\Program Files\Broadcom
2014-05-22 13:14 - 2014-05-22 13:15 - 00007080 _____ () C:\Windows\DPINST.LOG
2014-05-22 13:14 - 2014-05-22 13:15 - 00001350 _____ () C:\Windows\Synaptics.log
2014-05-22 13:14 - 2014-05-22 13:14 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-22 13:14 - 2014-05-22 13:14 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-22 13:14 - 2012-03-08 15:43 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsBaStorIcon.dll
2014-05-22 13:14 - 2012-03-08 15:43 - 00293480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2014-05-22 13:14 - 2012-03-08 00:01 - 06539264 _____ () C:\Windows\system32\IDTNGUI.exe
2014-05-22 13:14 - 2012-03-08 00:00 - 07563264 _____ () C:\Windows\system32\IDTNHP.dll
2014-05-22 13:14 - 2012-03-07 23:58 - 02184704 _____ () C:\Windows\system32\IDTNX.dll
2014-05-22 13:14 - 2012-03-06 00:04 - 04639232 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-05-22 13:14 - 2012-03-06 00:04 - 01819648 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-05-22 13:14 - 2012-03-06 00:04 - 01425408 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-05-22 13:14 - 2012-03-06 00:04 - 00249344 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe
2014-05-22 13:14 - 2012-03-06 00:04 - 00223744 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll
2014-05-22 13:14 - 2012-02-07 08:54 - 00042461 _____ () C:\Windows\system32\Exige.xml
2014-05-22 13:14 - 2011-05-17 21:25 - 00464384 _____ (SRS Labs, Inc.) C:\Windows\system32\slapoi64.dll
2014-05-22 13:13 - 2014-05-22 13:14 - 00000000 ____D () C:\Program Files\IDT
2014-05-22 13:13 - 2012-03-06 00:04 - 01977856 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-05-22 13:13 - 2012-03-06 00:04 - 00655360 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-05-22 13:13 - 2012-03-06 00:04 - 00536064 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-05-22 13:13 - 2012-03-06 00:04 - 00448512 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-05-22 13:13 - 2012-03-06 00:04 - 00255488 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2014-05-22 13:12 - 2014-05-22 13:35 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 13:12 - 2014-05-22 13:14 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-22 13:12 - 2012-03-10 00:41 - 00685160 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-22 13:12 - 2012-03-10 00:41 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-05-22 13:12 - 2012-03-10 00:41 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Windows\kdb
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files\AMD
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-22 13:10 - 2014-05-22 13:10 - 00000000 ____D () C:\ProgramData\AMD
2014-05-22 13:10 - 2014-05-22 13:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-22 13:10 - 2012-01-14 08:05 - 00056448 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-05-22 13:10 - 2010-02-18 12:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys
2014-05-22 13:09 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 ____D () C:\Program Files\ATI
2014-05-22 13:05 - 2011-05-09 17:57 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-05-22 13:05 - 2011-05-09 17:57 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

==================== One Month Modified Files and Folders =======

2014-05-22 16:23 - 2014-05-22 16:23 - 00057560 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\ATI
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Local\ATI
2014-05-22 16:23 - 2014-05-22 16:23 - 00000000 ____D () C:\Users\user\AppData\Local\AMD
2014-05-22 16:22 - 2014-05-22 16:22 - 00001447 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 16:22 - 2014-05-22 16:22 - 00001413 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 16:22 - 2014-05-22 16:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Synaptics
2014-05-22 16:21 - 2014-05-22 16:21 - 00000020 ___SH () C:\Users\user\ntuser.ini
2014-05-22 16:21 - 2014-05-22 16:21 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-05-22 14:57 - 2014-05-22 14:56 - 00000000 ____D () C:\Users\Home
2014-05-22 14:57 - 2011-02-10 15:23 - 00000000 ____D () C:\SYSTEM.SAV
2014-05-22 14:57 - 2011-02-10 15:23 - 00000000 ____D () C:\SWSetup
2014-05-22 14:57 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-05-22 14:57 - 2007-01-01 21:32 - 00000000 __SHD () C:\Recovery
2014-05-22 14:54 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-22 14:05 - 2014-05-22 13:51 - 00039208 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 14:04 - 2014-05-22 14:04 - 00000000 ____D () C:\FRST
2014-05-22 14:01 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 14:01 - 2009-07-14 00:51 - 00034406 _____ () C:\Windows\setupact.log
2014-05-22 13:59 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-22 13:59 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-22 13:58 - 2014-05-22 13:58 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-22 13:56 - 2007-01-01 21:25 - 00000000 ____D () C:\Windows\Panther
2014-05-22 13:55 - 2009-07-14 00:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 13:55 - 2009-07-14 00:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 13:52 - 2009-07-14 01:13 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-22 13:50 - 2009-07-14 00:46 - 00005075 _____ () C:\Windows\DtcInstall.log
2014-05-22 13:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-05-22 13:48 - 2014-05-22 13:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-22 13:48 - 2007-01-01 21:29 - 00005949 _____ () C:\Windows\TSSysprep.log
2014-05-22 13:44 - 2014-05-22 13:44 - 00000000 ____D () C:\ProgramData\ATI
2014-05-22 13:43 - 2014-05-22 13:43 - 00000000 ____D () C:\ProgramData\Synaptics
2014-05-22 13:43 - 2014-05-22 13:16 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-22 13:41 - 2014-05-22 16:22 - 00000000 ____D () C:\Users\user\AppData\Local\Hewlett-Packard
2014-05-22 13:41 - 2014-05-22 13:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\hpqlog
2014-05-22 13:35 - 2014-05-22 13:35 - 00002179 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-05-22 13:35 - 2014-05-22 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-22 13:35 - 2014-05-22 13:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-22 13:35 - 2014-05-22 13:12 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 13:35 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
2014-05-22 13:34 - 2014-05-22 13:34 - 00417440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-22 13:34 - 2014-05-22 13:34 - 00070304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-22 13:34 - 2014-05-22 13:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-22 13:34 - 2014-05-22 13:34 - 00000000 ____D () C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2014-05-22 13:33 - 2014-05-22 13:33 - 00000000 ____D () C:\Windows\system32\Macromed
2014-05-22 13:33 - 2014-05-22 13:33 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
2014-05-22 13:33 - 2014-05-22 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-05-22 13:33 - 2012-02-23 21:22 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\Users\Public\Documents\YouCam
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-22 13:32 - 2014-05-22 13:32 - 00000000 ____D () C:\Program Files\Common Files\AuthenTec
2014-05-22 13:32 - 2014-05-22 13:30 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-22 13:27 - 2014-05-22 13:27 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-05-22 13:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-22 13:24 - 2014-05-22 13:24 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-22 13:24 - 2014-05-22 13:24 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-22 13:24 - 2014-05-22 13:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-22 13:24 - 2014-05-22 13:24 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-22 13:24 - 2014-05-22 13:24 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-22 13:24 - 2014-05-22 13:24 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-22 13:24 - 2014-05-22 13:24 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-22 13:24 - 2014-05-22 13:24 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-22 13:24 - 2014-05-22 13:24 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-22 13:24 - 2014-05-22 13:24 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-22 13:24 - 2014-05-22 13:24 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-22 13:24 - 2014-05-22 13:24 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-22 13:24 - 2014-05-22 13:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-05-22 13:24 - 2014-05-22 13:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-05-22 13:24 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
2014-05-22 13:23 - 2014-05-22 13:23 - 00772430 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-22 13:23 - 2014-05-22 13:23 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-05-22 13:16 - 2014-05-22 13:16 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-05-22 13:15 - 2014-05-22 13:15 - 04747328 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2014-05-22 13:15 - 2014-05-22 13:15 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00006656 _____ () C:\Windows\system32\bcmwlrc.dll
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-22 13:15 - 2014-05-22 13:15 - 00000000 ____D () C:\Program Files\Broadcom
2014-05-22 13:15 - 2014-05-22 13:14 - 00007080 _____ () C:\Windows\DPINST.LOG
2014-05-22 13:15 - 2014-05-22 13:14 - 00001350 _____ () C:\Windows\Synaptics.log
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-05-22 13:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-05-22 13:14 - 2014-05-22 13:14 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-22 13:14 - 2014-05-22 13:14 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-22 13:14 - 2014-05-22 13:13 - 00000000 ____D () C:\Program Files\IDT
2014-05-22 13:14 - 2014-05-22 13:12 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Windows\kdb
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files\AMD
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-05-22 13:11 - 2014-05-22 13:11 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-22 13:11 - 2014-05-22 13:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-22 13:10 - 2014-05-22 13:10 - 00000000 ____D () C:\ProgramData\AMD
2014-05-22 13:10 - 2014-05-22 13:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 13:09 - 2014-05-22 13:09 - 00000000 ____D () C:\Program Files\ATI
2014-05-22 13:09 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-22 13:01 - 2009-07-14 00:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


  • 0

#12
tracey7793

addt log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by user at 2014-05-22 14:05:31
Running from C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXTI9CGK
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.197 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{72AD3E4B-2753-96DD-720F-043E3D738DB3}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.03.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0412.0346.4710 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0412.347.4710 - Advanced Micro Devices, Inc.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5018 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5018 - CyberLink Corp.) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1ACF120-CD69-47F0-B202-9A4B95C436D8}) (Version: 5.1.5 - Hewlett-Packard)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{FD7FB4D6-4F13-44E5-955A-A69A202D253D}) (Version: 4.1.12.1 - Hewlett-Packard Company)
HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27016 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.5.1 - Synaptics Incorporated)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?

==================== Loaded Modules (whitelisted) =============

2011-12-20 02:34 - 2011-12-20 02:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2012-04-12 07:01 - 2012-04-12 07:01 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-04-12 06:40 - 2012-04-12 06:40 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 12:55 - 2011-11-09 12:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
Description: Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2014 02:04:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/22/2014 02:02:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:50:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/22/2014 01:49:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:41:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/22/2014 04:22:00 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (4992) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

System errors:
=============
Error: (05/22/2014 01:49:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Microsoft Office Sessions:
=========================
Error: (05/22/2014 02:04:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/22/2014 02:02:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:50:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/22/2014 01:49:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2014 01:41:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/22/2014 04:22:00 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail4992WindowsMail0:


  • 0

#13
Dakeyras

Hi. :)

It appears you ran FRST from this location:-
 

Running from C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXTI9CGK


Far from ideal but not a problem as we will be re-running FRST again via a different methodology. Now going back to this you mentioned in your first post:-
 

I did do a norton power scrubber today, the reults popped up for a few minutes and now I can not find them. It said some files can not be trusted. Some had an ATI program and an AMD program.


Do you mean you used the Norton Power Eraser? If so, no evidence at present it has been run, but unfortunately this particular software can quite often make a situation far worse than actually remedy anything, which I suspect is the case with your machine.

Re-scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0

#14
tracey7793

Thank you so much for your time and help! I always use my standard user account for surfing the web because after I was hacked and my old laptops were destroyed, I was told not to use admin account because then they (hackers) can access all my files. All the programs you directed me to use, I did have to enter admin password, but as far as the file that was mentioned in last post (local, app file, temp internet file) I have no idea what it means or how it was set to be used. I will be the FRST log in next post. It was put on USB as directed.


  • 0

#15
tracey7793

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by SYSTEM on MININT-4JAUE6I on 23-05-2014 10:23:09
Running from G:\
Platform: Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-03-26] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-04-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKU\Home\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-05-22] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-12] (Advanced Micro Devices, Inc.)
S2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-01] (Broadcom Corporation.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-24] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 SmbDrvAMDASF; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [26384 2012-03-26] (Synaptics Incorporated)
S3 SmbDrvIntel; C:\Windows\system32\drivers\Smb_driver_Intel.sys [27408 2012-03-26] (Synaptics Incorporated)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-23 05:48 - 2013-10-14 14:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2014-05-23 05:44 - 2014-05-23 05:44 - 23549440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 13551104 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 05784064 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-23 05:44 - 2014-05-23 05:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-23 05:44 - 2014-05-23 05:44 - 02260480 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02043904 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-05-23 05:44 - 2014-05-23 05:44 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-23 05:44 - 2014-05-23 05:44 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01400832 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-23 05:44 - 2014-05-23 05:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-05-23 05:44 - 2014-05-23 05:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-05-23 05:44 - 2014-05-23 05:44 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-23 05:44 - 2014-05-23 05:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-05-23 05:44 - 2014-05-23 05:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-23 05:44 - 2014-05-23 05:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-23 05:39 - 2014-05-23 05:48 - 00009861 _____ () C:\Windows\IE11_main.log
2014-05-23 05:13 - 2014-05-23 05:13 - 02067456 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe
2014-05-23 05:11 - 2014-05-23 05:11 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-23 05:07 - 2014-05-23 05:07 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-23 05:07 - 2014-05-04 13:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-23 04:35 - 2014-05-23 04:35 - 02067456 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-05-23 04:34 - 2014-04-11 18:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-05-23 04:34 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-05-23 04:34 - 2014-04-11 18:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-05-23 04:34 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-05-23 04:34 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2014-05-23 04:34 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2014-05-23 04:34 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2014-05-23 04:34 - 2014-04-11 18:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-23 04:34 - 2014-04-11 18:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-23 04:34 - 2014-03-04 01:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-05-23 04:34 - 2014-03-04 01:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\System32\objsel.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-05-23 04:34 - 2014-03-04 01:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\wincredprovider.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-05-23 04:34 - 2014-03-04 01:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\System32\cngprovider.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\adprovider.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\capiprovider.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\dpapiprovider.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2014-05-23 04:34 - 2014-03-04 01:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-05-23 04:34 - 2014-03-04 01:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-23 04:34 - 2014-03-04 01:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-23 04:34 - 2014-03-04 01:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-23 04:34 - 2014-03-04 01:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-23 04:34 - 2014-03-04 01:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-23 04:34 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-05-23 04:34 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-05-23 04:34 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2014-05-23 04:34 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2014-05-23 04:34 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-05-23 04:34 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2014-05-23 04:34 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2014-05-23 04:33 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-05-23 04:33 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2014-05-23 04:33 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2014-05-23 04:33 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-23 04:33 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-05-23 04:33 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-05-23 04:06 - 2014-05-23 04:06 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Google
2014-05-22 21:10 - 2014-05-22 21:10 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-22 19:21 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2014-05-22 19:21 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2014-05-22 19:21 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-22 19:21 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-22 17:39 - 2012-07-25 19:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2014-05-22 17:39 - 2012-07-25 19:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2014-05-22 17:39 - 2012-07-25 19:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2014-05-22 17:39 - 2012-07-25 19:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2014-05-22 17:39 - 2012-07-25 19:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2014-05-22 17:39 - 2012-07-25 18:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2014-05-22 17:39 - 2012-07-25 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2014-05-22 17:39 - 2012-06-02 06:57 - 00000003 _____ () C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-05-22 17:29 - 2012-02-29 22:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2014-05-22 17:29 - 2012-02-29 22:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\wmi.dll
2014-05-22 17:29 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-05-22 17:17 - 2014-05-08 22:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-22 17:17 - 2014-05-08 22:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-22 17:17 - 2012-04-25 21:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2014-05-22 17:17 - 2012-04-25 21:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2014-05-22 17:17 - 2012-04-25 21:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2014-05-22 17:16 - 2013-12-03 18:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\System32\secproc.dll
2014-05-22 17:16 - 2013-12-03 18:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2014-05-22 17:16 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2014-05-22 17:16 - 2013-12-03 18:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2014-05-22 17:16 - 2013-12-03 18:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2014-05-22 17:16 - 2013-12-03 18:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2014-05-22 17:16 - 2013-12-03 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2014-05-22 17:16 - 2013-12-03 18:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2014-05-22 17:16 - 2013-12-03 18:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2014-05-22 17:16 - 2013-12-03 18:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-05-22 17:16 - 2013-12-03 18:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-05-22 17:16 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-05-22 17:16 - 2013-12-03 18:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-05-22 17:16 - 2013-12-03 18:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-22 17:16 - 2013-12-03 17:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-05-22 17:16 - 2013-12-03 17:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-05-22 17:16 - 2013-12-03 17:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-05-22 17:16 - 2013-12-03 17:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-05-22 17:16 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-05-22 17:16 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-22 17:16 - 2013-07-08 21:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2014-05-22 17:16 - 2013-07-08 21:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2014-05-22 17:16 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-05-22 17:16 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-22 17:15 - 2013-04-25 15:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-22 17:15 - 2013-03-31 14:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-05-22 17:15 - 2013-02-26 22:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2014-05-22 17:15 - 2013-02-26 21:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2014-05-22 17:15 - 2012-12-07 05:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2014-05-22 17:15 - 2012-12-07 05:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\System32\gameux.dll
2014-05-22 17:15 - 2012-12-07 04:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-05-22 17:15 - 2012-12-07 04:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-05-22 17:15 - 2012-12-07 03:20 - 00045568 _____ (Microsoft) C:\Windows\System32\oflc-nz.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00044544 _____ (Microsoft) C:\Windows\System32\pegibbfc.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00043520 _____ (Microsoft) C:\Windows\System32\csrr.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00030720 _____ (Microsoft) C:\Windows\System32\usk.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00023552 _____ (Microsoft) C:\Windows\System32\oflc.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-pt.rs
2014-05-22 17:15 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-fi.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00055296 _____ (Microsoft) C:\Windows\System32\cero.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00051712 _____ (Microsoft) C:\Windows\System32\esrb.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00046592 _____ (Microsoft) C:\Windows\System32\fpb.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00040960 _____ (Microsoft) C:\Windows\System32\cob-au.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00021504 _____ (Microsoft) C:\Windows\System32\grb.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi.rs
2014-05-22 17:15 - 2012-12-07 03:19 - 00015360 _____ (Microsoft) C:\Windows\System32\djctq.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-05-22 17:15 - 2012-12-07 02:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-05-22 17:13 - 2012-10-09 10:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2014-05-22 17:13 - 2012-10-09 10:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2014-05-22 17:13 - 2012-10-09 09:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-05-22 17:13 - 2012-10-09 09:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-05-22 17:13 - 2012-10-03 09:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2014-05-22 17:13 - 2012-10-03 09:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2014-05-22 17:13 - 2012-10-03 09:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2014-05-22 17:13 - 2012-10-03 09:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2014-05-22 17:13 - 2012-10-03 09:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\netevent.dll
2014-05-22 17:13 - 2012-10-03 09:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-05-22 17:13 - 2012-10-03 08:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-05-22 17:13 - 2012-10-03 08:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-05-22 17:13 - 2012-10-03 08:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-05-22 17:13 - 2012-10-03 08:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2014-05-22 17:13 - 2012-01-12 23:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-05-22 17:12 - 2013-07-25 01:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2014-05-22 17:12 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-22 17:12 - 2013-07-08 21:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-05-22 17:12 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-22 17:12 - 2013-02-14 22:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-05-22 17:12 - 2013-02-14 22:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-05-22 17:12 - 2013-02-14 22:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2014-05-22 17:12 - 2013-02-14 20:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-22 17:12 - 2013-02-14 20:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-05-22 17:12 - 2013-02-14 19:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-22 17:11 - 2014-03-24 18:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-05-22 17:11 - 2014-03-24 18:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-22 17:11 - 2013-12-05 18:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-05-22 17:11 - 2013-12-05 18:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2014-05-22 17:11 - 2013-12-05 18:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-22 17:11 - 2013-12-05 18:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-22 17:11 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-05-22 17:11 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-05-22 17:11 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2014-05-22 17:11 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2014-05-22 17:11 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-05-22 17:11 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-05-22 17:11 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-22 17:11 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-05-22 17:11 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2014-05-22 17:11 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-22 17:11 - 2013-06-14 20:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-05-22 17:11 - 2013-02-11 20:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2014-05-22 17:11 - 2011-04-08 22:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2014-05-22 17:11 - 2011-04-08 21:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-22 17:10 - 2014-02-06 17:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-05-22 17:10 - 2014-01-28 18:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-05-22 17:10 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-22 17:10 - 2014-01-27 18:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2014-05-22 17:10 - 2013-12-31 15:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-22 17:10 - 2013-12-31 15:04 - 00420008 _____ () C:\Windows\System32\locale.nls
2014-05-22 17:10 - 2013-11-26 17:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-05-22 17:10 - 2013-11-26 17:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-05-22 17:10 - 2013-11-26 17:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-05-22 17:10 - 2013-11-26 17:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-05-22 17:10 - 2013-11-26 17:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2014-05-22 17:10 - 2013-11-26 17:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-05-22 17:10 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-05-22 17:10 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-22 17:10 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-05-22 17:10 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-22 17:10 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-05-22 17:10 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-05-22 17:10 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-05-22 17:10 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2014-05-22 17:10 - 2013-07-08 21:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2014-05-22 17:10 - 2013-07-08 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-22 17:10 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2014-05-22 17:10 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-22 17:10 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2014-05-22 17:10 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2014-05-22 17:10 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-05-22 17:10 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2014-05-22 17:10 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2014-05-22 17:10 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-22 17:10 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-22 17:10 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-22 17:10 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2014-05-22 17:10 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-22 17:10 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-22 17:10 - 2013-03-18 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2014-05-22 17:10 - 2012-11-28 14:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2014-05-22 17:10 - 2012-11-28 14:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2014-05-22 17:10 - 2012-11-28 14:56 - 00000003 _____ () C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-05-22 17:10 - 2012-11-21 21:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2014-05-22 17:10 - 2012-11-21 20:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-05-22 17:10 - 2012-10-31 21:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2014-05-22 17:10 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-22 17:10 - 2012-08-22 10:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-05-22 17:10 - 2012-08-21 13:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2014-05-22 17:10 - 2012-07-04 12:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2014-05-22 17:10 - 2012-04-30 21:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2014-05-22 17:09 - 2013-11-26 03:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-05-22 17:09 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-05-22 17:09 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2014-05-22 17:09 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2014-05-22 17:09 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2014-05-22 17:09 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2014-05-22 17:09 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-22 17:09 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-22 17:09 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2014-05-22 17:09 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2014-05-22 17:09 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2014-05-22 17:09 - 2012-11-01 21:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2014-05-22 17:09 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-22 17:09 - 2012-04-27 19:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-05-22 17:07 - 2014-05-22 19:50 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-05-22 16:55 - 2012-03-16 23:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2014-05-22 16:54 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-05-22 16:53 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-05-22 16:53 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-05-22 16:53 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-05-22 16:53 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-05-22 16:53 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-05-22 16:53 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-22 16:53 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-22 16:53 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-22 16:53 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-22 16:53 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-22 16:53 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-22 16:53 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2014-05-22 16:53 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-05-22 16:53 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-05-22 16:53 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2014-05-22 16:53 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-05-22 16:53 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\certenc.dll
2014-05-22 16:53 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2014-05-22 16:53 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-22 16:53 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-05-22 16:53 - 2013-01-02 22:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-05-22 16:53 - 2012-04-07 04:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-05-22 16:52 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-05-22 16:52 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-05-22 16:52 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-05-22 16:52 - 2014-02-03 18:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-05-22 16:52 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-05-22 16:52 - 2014-02-03 18:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-22 16:52 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-22 16:52 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2014-05-22 16:52 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-05-22 16:52 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2014-05-22 16:52 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-05-22 16:52 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2014-05-22 16:52 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-05-22 16:52 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-22 16:52 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-22 16:52 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-22 16:52 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2014-05-22 16:52 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2014-05-22 16:52 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-05-22 16:52 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-22 16:52 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-05-22 16:52 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-22 16:52 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
2014-05-22 16:52 - 2013-08-01 01:19 - 00984512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-05-22 16:52 - 2013-08-01 01:19 - 00265152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-05-22 16:52 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2014-05-22 16:52 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-22 16:52 - 2013-05-09 21:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2014-05-22 16:52 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-22 16:52 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2014-05-22 16:52 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-05-22 16:52 - 2013-01-23 22:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-05-22 16:52 - 2012-11-22 19:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2014-05-22 16:52 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-22 16:52 - 2012-09-25 14:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\synceng.dll
2014-05-22 16:52 - 2012-07-06 12:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2014-05-22 16:52 - 2012-07-04 14:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2014-05-22 16:52 - 2012-07-04 14:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\browser.dll
2014-05-22 16:52 - 2012-07-04 14:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\browcli.dll
2014-05-22 16:52 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-05-22 16:52 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-05-22 16:52 - 2012-05-13 21:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2014-05-22 16:52 - 2012-05-05 00:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2014-05-22 16:52 - 2012-05-04 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-05-22 16:52 - 2012-04-07 03:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-05-22 16:51 - 2012-06-05 22:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2014-05-22 16:51 - 2012-06-05 21:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-05-22 16:26 - 2014-05-22 16:26 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-05-22 16:26 - 2014-05-22 16:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-22 16:26 - 2014-05-22 16:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-22 16:22 - 2014-05-22 16:23 - 13829304 _____ (Microsoft Corporation) C:\Users\user\Downloads\mseinstall.exe
2014-05-22 15:57 - 2014-05-23 06:07 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 15:57 - 2014-05-23 04:26 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 15:57 - 2014-05-23 04:06 - 00000000 ____D () C:\Users\Home\AppData\Local\Google
2014-05-22 15:57 - 2014-05-22 16:02 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 15:57 - 2014-05-22 16:02 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\ProgramData\Google
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\Program Files\Google
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:56 - 2014-05-22 15:58 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe
2014-05-22 12:23 - 2014-05-23 04:26 - 00058016 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\ATI
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Local\ATI
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Local\AMD
2014-05-22 12:22 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Synaptics
2014-05-22 12:22 - 2014-05-22 09:41 - 00000000 ____D () C:\Users\user\AppData\Local\Hewlett-Packard
2014-05-22 12:21 - 2014-05-22 12:21 - 00000020 ___SH () C:\Users\user\ntuser.ini
2014-05-22 12:21 - 2014-05-22 12:21 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-05-22 10:59 - 2014-05-23 04:01 - 00058016 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Roaming\ATI
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Local\ATI
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Local\AMD
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Synaptics
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Local\Hewlett-Packard
2014-05-22 10:56 - 2014-05-22 10:57 - 00000000 ____D () C:\users\Home
2014-05-22 10:56 - 2014-05-22 10:56 - 00000020 ___SH () C:\Users\Home\ntuser.ini
2014-05-22 10:04 - 2014-05-23 10:23 - 00000000 ____D () C:\FRST
2014-05-22 09:59 - 2014-05-22 09:59 - 00002196 _____ () C:\Users\Home\Desktop\aswMBR.txt
2014-05-22 09:59 - 2014-05-22 09:59 - 00000512 _____ () C:\Users\Home\Desktop\MBR.dat
2014-05-22 09:59 - 2009-06-10 12:30 - 00048265 _____ () C:\Windows\HomePremium.xml
2014-05-22 09:58 - 2014-05-22 09:58 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-22 09:51 - 2014-05-23 06:17 - 01680145 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 09:44 - 2014-05-22 09:44 - 00000000 ____D () C:\ProgramData\ATI
2014-05-22 09:43 - 2014-05-22 09:44 - 00002542 _____ () C:\Users\Home\Desktop\unhide.txt
2014-05-22 09:43 - 2014-05-22 09:43 - 00000000 ____D () C:\ProgramData\Synaptics
2014-05-22 09:41 - 2014-05-22 09:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\hpqlog
2014-05-22 09:39 - 2014-05-22 09:39 - 00001732 _____ () C:\Users\Home\Desktop\RKreport[0]_S_05222014_103959.txt
2014-05-22 09:36 - 2014-05-22 09:42 - 00000000 ____D () C:\Users\Home\Desktop\RK_Quarantine
2014-05-22 09:35 - 2014-05-22 09:35 - 00002179 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-05-22 09:35 - 2014-05-22 09:35 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-05-22 09:34 - 2014-05-22 15:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-22 09:34 - 2014-05-22 15:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-22 09:34 - 2014-05-22 09:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-22 09:34 - 2014-05-22 09:34 - 00000000 ____D () C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2014-05-22 09:33 - 2014-05-22 09:33 - 00000000 ____D () C:\Windows\System32\Macromed
2014-05-22 09:33 - 2014-05-22 09:33 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
2014-05-22 09:32 - 2014-05-22 09:34 - 00002040 _____ () C:\Users\Home\Desktop\Rkill.txt
2014-05-22 09:32 - 2014-05-22 09:32 - 00003148 _____ () C:\Windows\System32\Tasks\MirageAgent
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\Users\Public\Documents\YouCam
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\Program Files\Common Files\AuthenTec
2014-05-22 09:30 - 2014-05-22 09:32 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-22 09:27 - 2014-05-22 09:27 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-05-22 09:25 - 2012-06-02 14:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-05-22 09:25 - 2012-06-02 14:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-05-22 09:25 - 2012-06-02 14:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-05-22 09:25 - 2012-06-02 14:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-05-22 09:25 - 2012-06-02 14:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-05-22 09:25 - 2012-06-02 14:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-05-22 09:25 - 2012-06-02 14:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-05-22 09:24 - 2014-05-22 09:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-05-22 09:24 - 2014-05-22 09:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-05-22 09:24 - 2012-06-02 14:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-05-22 09:24 - 2012-06-02 14:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-05-22 09:23 - 2014-05-23 05:58 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-22 09:23 - 2014-05-22 09:35 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-22 09:23 - 2014-05-22 09:23 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-05-22 09:18 - 2012-02-01 19:07 - 00615976 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwampfl.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00211496 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwavdt.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00184360 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwaudio.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00134696 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\bcbtums.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00089640 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwdpan.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00039976 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwl2cap.sys
2014-05-22 09:17 - 2012-02-01 19:07 - 00039566 _____ () C:\Windows\System32\Drivers\BCM20702A1_001.002.014.0136.0168.hex
2014-05-22 09:17 - 2012-02-01 19:07 - 00021544 _____ (Broadcom Corporation.) C:\Windows\System32\Drivers\btwrchid.sys
2014-05-22 09:16 - 2014-05-22 09:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-22 09:16 - 2014-05-22 09:16 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-05-22 09:15 - 2014-05-22 09:15 - 04747328 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\BCMWL664.SYS
2014-05-22 09:15 - 2014-05-22 09:15 - 03952640 _____ (Broadcom Corporation) C:\Windows\System32\bcmihvsrv64.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 03617792 _____ (Broadcom Corporation) C:\Windows\System32\bcmihvui64.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00095544 _____ (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00006656 _____ () C:\Windows\System32\bcmwlrc.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____D () C:\Program Files\Broadcom
2014-05-22 09:14 - 2014-05-22 09:15 - 00007080 _____ () C:\Windows\DPINST.LOG
2014-05-22 09:14 - 2014-05-22 09:15 - 00001350 _____ () C:\Windows\Synaptics.log
2014-05-22 09:14 - 2014-05-22 09:14 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-22 09:14 - 2014-05-22 09:14 - 00000000 ____D () C:\Windows\System32\SRSLabs
2014-05-22 09:14 - 2012-03-08 11:43 - 09888872 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsBaStorIcon.dll
2014-05-22 09:14 - 2012-03-08 11:43 - 00293480 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtsBaStor.sys
2014-05-22 09:14 - 2012-03-07 20:01 - 06539264 _____ () C:\Windows\System32\IDTNGUI.exe
2014-05-22 09:14 - 2012-03-07 20:00 - 07563264 _____ () C:\Windows\System32\IDTNHP.dll
2014-05-22 09:14 - 2012-03-07 19:58 - 02184704 _____ () C:\Windows\System32\IDTNX.dll
2014-05-22 09:14 - 2012-03-05 20:04 - 04639232 _____ (IDT, Inc.) C:\Windows\System32\stlang64.dll
2014-05-22 09:14 - 2012-03-05 20:04 - 01819648 _____ (IDT, Inc.) C:\Windows\System32\IDTNC64.cpl
2014-05-22 09:14 - 2012-03-05 20:04 - 01425408 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-05-22 09:14 - 2012-03-05 20:04 - 00249344 _____ (IDT, Inc.) C:\Windows\System32\IDTNJ.exe
2014-05-22 09:14 - 2012-03-05 20:04 - 00223744 _____ (IDT, Inc.) C:\Windows\System32\HPToneCtrls64.dll
2014-05-22 09:14 - 2012-02-07 04:54 - 00042461 _____ () C:\Windows\System32\Exige.xml
2014-05-22 09:14 - 2011-05-17 17:25 - 00464384 _____ (SRS Labs, Inc.) C:\Windows\System32\slapoi64.dll
2014-05-22 09:13 - 2014-05-22 09:14 - 00000000 ____D () C:\Program Files\IDT
2014-05-22 09:13 - 2012-03-05 20:04 - 01977856 _____ (IDT, Inc.) C:\Windows\System32\stapo64.dll
2014-05-22 09:13 - 2012-03-05 20:04 - 00655360 ____N (IDT, Inc.) C:\Windows\System32\stapi64.dll
2014-05-22 09:13 - 2012-03-05 20:04 - 00536064 _____ (IDT, Inc.) C:\Windows\System32\Drivers\stwrt64.sys
2014-05-22 09:13 - 2012-03-05 20:04 - 00448512 _____ (IDT, Inc.) C:\Windows\System32\stcplx64.dll
2014-05-22 09:13 - 2012-03-05 20:04 - 00255488 _____ (IDT, Inc.) C:\Windows\System32\staco64.dll
2014-05-22 09:12 - 2014-05-22 09:35 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 09:12 - 2014-05-22 09:14 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-22 09:12 - 2012-03-09 20:41 - 00685160 _____ (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2014-05-22 09:12 - 2012-03-09 20:41 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2014-05-22 09:12 - 2012-03-09 20:41 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\System32\RtNicProp64.dll
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Windows\kdb
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files\AMD
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-22 09:10 - 2014-05-22 09:10 - 00000000 ____D () C:\ProgramData\AMD
2014-05-22 09:10 - 2014-05-22 09:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-22 09:10 - 2012-01-14 04:05 - 00056448 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\usbfilter.sys
2014-05-22 09:10 - 2010-02-18 08:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdiox64.sys
2014-05-22 09:09 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 __RSH () C:\Windows\System32\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 ____D () C:\Program Files\ATI

==================== One Month Modified Files and Folders =======

2014-05-23 10:23 - 2014-05-22 10:04 - 00000000 ____D () C:\FRST
2014-05-23 06:17 - 2014-05-22 09:51 - 01680145 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 06:11 - 2009-07-13 20:45 - 00031248 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-23 06:11 - 2009-07-13 20:45 - 00031248 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-23 06:10 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-23 06:07 - 2014-05-22 15:57 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-23 06:05 - 2010-11-20 19:47 - 00020146 _____ () C:\Windows\PFRO.log
2014-05-23 06:05 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 06:05 - 2009-07-13 20:51 - 00035217 _____ () C:\Windows\setupact.log
2014-05-23 06:03 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-23 06:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-05-23 06:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-05-23 06:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\zh-HK
2014-05-23 06:02 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-05-23 05:58 - 2014-05-22 09:23 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-23 05:48 - 2014-05-23 05:39 - 00009861 _____ () C:\Windows\IE11_main.log
2014-05-23 05:44 - 2014-05-23 05:44 - 23549440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 13551104 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 05784064 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-23 05:44 - 2014-05-23 05:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-23 05:44 - 2014-05-23 05:44 - 02260480 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 02043904 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-05-23 05:44 - 2014-05-23 05:44 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-23 05:44 - 2014-05-23 05:44 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01400832 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-23 05:44 - 2014-05-23 05:44 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2014-05-23 05:44 - 2014-05-23 05:44 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-05-23 05:44 - 2014-05-23 05:44 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-23 05:44 - 2014-05-23 05:44 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2014-05-23 05:44 - 2014-05-23 05:44 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-23 05:44 - 2014-05-23 05:44 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-23 05:44 - 2014-05-23 05:44 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-23 05:44 - 2014-05-23 05:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00010752 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00009728 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-23 05:41 - 2014-05-23 05:41 - 00002560 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-23 05:13 - 2014-05-23 05:13 - 02067456 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe
2014-05-23 05:11 - 2014-05-23 05:11 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-23 05:08 - 2014-05-23 05:07 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-23 04:35 - 2014-05-23 04:35 - 02067456 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-05-23 04:26 - 2014-05-22 15:57 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-23 04:26 - 2014-05-22 12:23 - 00058016 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-23 04:06 - 2014-05-23 04:06 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Google
2014-05-23 04:06 - 2014-05-22 15:57 - 00000000 ____D () C:\Users\Home\AppData\Local\Google
2014-05-23 04:01 - 2014-05-22 10:59 - 00058016 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-23 02:39 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-22 21:13 - 2009-07-13 20:45 - 00275712 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-05-22 21:10 - 2014-05-22 21:10 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-22 21:10 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-22 21:10 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-22 21:10 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-22 19:50 - 2014-05-22 17:07 - 00000000 ____D () C:\Users\user\AppData\Local\CrashDumps
2014-05-22 16:26 - 2014-05-22 16:26 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-05-22 16:26 - 2014-05-22 16:26 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-22 16:26 - 2014-05-22 16:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-22 16:23 - 2014-05-22 16:22 - 13829304 _____ (Microsoft Corporation) C:\Users\user\Downloads\mseinstall.exe
2014-05-22 16:02 - 2014-05-22 15:57 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-22 16:02 - 2014-05-22 15:57 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-22 15:58 - 2014-05-22 15:56 - 00000000 ____D () C:\Users\Home\AppData\Local\Adobe
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\ProgramData\Google
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\Program Files\Google
2014-05-22 15:57 - 2014-05-22 15:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-22 15:57 - 2014-05-22 09:34 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-22 15:57 - 2014-05-22 09:34 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\ATI
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Local\ATI
2014-05-22 12:23 - 2014-05-22 12:23 - 00000000 ____D () C:\Users\user\AppData\Local\AMD
2014-05-22 12:22 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Roaming\Synaptics
2014-05-22 12:21 - 2014-05-22 12:21 - 00000020 ___SH () C:\Users\user\ntuser.ini
2014-05-22 12:21 - 2014-05-22 12:21 - 00000000 ____D () C:\Users\user\AppData\Local\VirtualStore
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Roaming\ATI
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Local\ATI
2014-05-22 10:58 - 2014-05-22 10:58 - 00000000 ____D () C:\Users\Home\AppData\Local\AMD
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Synaptics
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Local\VirtualStore
2014-05-22 10:57 - 2014-05-22 10:57 - 00000000 ____D () C:\Users\Home\AppData\Local\Hewlett-Packard
2014-05-22 10:57 - 2014-05-22 10:56 - 00000000 ____D () C:\users\Home
2014-05-22 10:57 - 2011-02-10 11:23 - 00000000 ____D () C:\SYSTEM.SAV
2014-05-22 10:57 - 2011-02-10 11:23 - 00000000 ____D () C:\SWSetup
2014-05-22 10:57 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Recovery
2014-05-22 10:57 - 2007-01-01 17:32 - 00000000 __SHD () C:\Recovery
2014-05-22 10:56 - 2014-05-22 10:56 - 00000020 ___SH () C:\Users\Home\ntuser.ini
2014-05-22 09:59 - 2014-05-22 09:59 - 00002196 _____ () C:\Users\Home\Desktop\aswMBR.txt
2014-05-22 09:59 - 2014-05-22 09:59 - 00000512 _____ () C:\Users\Home\Desktop\MBR.dat
2014-05-22 09:59 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-22 09:59 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-05-22 09:58 - 2014-05-22 09:58 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-22 09:58 - 2009-07-13 21:38 - 00029696 ___SH () C:\Windows\System32\config\BCD-Template.LOG
2014-05-22 09:58 - 2009-07-13 21:32 - 00032768 _____ () C:\Windows\System32\config\BCD-Template
2014-05-22 09:56 - 2007-01-01 17:25 - 00000000 ____D () C:\Windows\Panther
2014-05-22 09:50 - 2009-07-13 20:46 - 00005075 _____ () C:\Windows\DtcInstall.log
2014-05-22 09:50 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sysprep
2014-05-22 09:48 - 2007-01-01 17:29 - 00005949 _____ () C:\Windows\TSSysprep.log
2014-05-22 09:44 - 2014-05-22 09:44 - 00000000 ____D () C:\ProgramData\ATI
2014-05-22 09:44 - 2014-05-22 09:43 - 00002542 _____ () C:\Users\Home\Desktop\unhide.txt
2014-05-22 09:43 - 2014-05-22 09:43 - 00000000 ____D () C:\ProgramData\Synaptics
2014-05-22 09:43 - 2014-05-22 09:16 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-05-22 09:42 - 2014-05-22 09:36 - 00000000 ____D () C:\Users\Home\Desktop\RK_Quarantine
2014-05-22 09:41 - 2014-05-22 12:22 - 00000000 ____D () C:\Users\user\AppData\Local\Hewlett-Packard
2014-05-22 09:41 - 2014-05-22 09:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\hpqlog
2014-05-22 09:39 - 2014-05-22 09:39 - 00001732 _____ () C:\Users\Home\Desktop\RKreport[0]_S_05222014_103959.txt
2014-05-22 09:35 - 2014-05-22 09:35 - 00002179 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-05-22 09:35 - 2014-05-22 09:35 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-05-22 09:35 - 2014-05-22 09:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-22 09:35 - 2014-05-22 09:12 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-05-22 09:35 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-05-22 09:34 - 2014-05-22 09:34 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-05-22 09:34 - 2014-05-22 09:34 - 00000000 ____D () C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2014-05-22 09:34 - 2014-05-22 09:32 - 00002040 _____ () C:\Users\Home\Desktop\Rkill.txt
2014-05-22 09:33 - 2014-05-22 09:33 - 00000000 ____D () C:\Windows\System32\Macromed
2014-05-22 09:33 - 2014-05-22 09:33 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass
2014-05-22 09:33 - 2012-02-23 17:22 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-05-22 09:32 - 2014-05-22 09:32 - 00003148 _____ () C:\Windows\System32\Tasks\MirageAgent
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\Users\Public\Documents\YouCam
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-22 09:32 - 2014-05-22 09:32 - 00000000 ____D () C:\Program Files\Common Files\AuthenTec
2014-05-22 09:32 - 2014-05-22 09:30 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-22 09:27 - 2014-05-22 09:27 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-05-22 09:24 - 2014-05-22 09:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Macromedia
2014-05-22 09:24 - 2014-05-22 09:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-05-22 09:24 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\restore
2014-05-22 09:23 - 2014-05-22 09:23 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-05-22 09:16 - 2014-05-22 09:16 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-05-22 09:15 - 2014-05-22 09:15 - 04747328 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\BCMWL664.SYS
2014-05-22 09:15 - 2014-05-22 09:15 - 03952640 _____ (Broadcom Corporation) C:\Windows\System32\bcmihvsrv64.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 03617792 _____ (Broadcom Corporation) C:\Windows\System32\bcmihvui64.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00095544 _____ (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00006656 _____ () C:\Windows\System32\bcmwlrc.dll
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____D () C:\Program Files\Synaptics
2014-05-22 09:15 - 2014-05-22 09:15 - 00000000 ____D () C:\Program Files\Broadcom
2014-05-22 09:15 - 2014-05-22 09:14 - 00007080 _____ () C:\Windows\DPINST.LOG
2014-05-22 09:15 - 2014-05-22 09:14 - 00001350 _____ () C:\Windows\Synaptics.log
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\th-TH
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sl-SI
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\sk-SK
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ro-RO
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lv-LV
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\lt-LT
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\hr-HR
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\et-EE
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\bg-BG
2014-05-22 09:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-05-22 09:14 - 2014-05-22 09:14 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-05-22 09:14 - 2014-05-22 09:14 - 00000000 ____D () C:\Windows\System32\SRSLabs
2014-05-22 09:14 - 2014-05-22 09:13 - 00000000 ____D () C:\Program Files\IDT
2014-05-22 09:14 - 2014-05-22 09:12 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Windows\kdb
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files\AMD
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-05-22 09:11 - 2014-05-22 09:11 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-22 09:11 - 2014-05-22 09:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-05-22 09:10 - 2014-05-22 09:10 - 00000000 ____D () C:\ProgramData\AMD
2014-05-22 09:10 - 2014-05-22 09:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 __RSH () C:\Windows\System32\Drivers\103C_HP_cNB_ENVY 6 Notebook PC_Y5335KV_0U_QCND2280V7B_E689263-001_4A_I18DE_SHP_V77.47_BF.15_T130122_W73-1_L409_M3553_J500_7AMD_8F01_92.10_#140522_N_(B5Q40UA#ABA)_XMOBILE_CN10_Z_20795100000205600000320100.MRK
2014-05-22 09:09 - 2014-05-22 09:09 - 00000000 ____D () C:\Program Files\ATI
2014-05-22 09:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-08 22:14 - 2014-05-22 17:17 - 00477184 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 22:11 - 2014-05-22 17:17 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-04 13:12 - 2014-05-23 05:07 - 93223848 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\ntdll_dump.dll

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-05-22 09:24:36
Restore point made on: 2014-05-22 16:42:23
Restore point made on: 2014-05-22 17:18:56
Restore point made on: 2014-05-23 02:15:04
Restore point made on: 2014-05-23 04:35:04
Restore point made on: 2014-05-23 06:16:57

==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 3552.36 MB
Available physical RAM: 2867.6 MB
Total Pagefile: 3550.51 MB
Available Pagefile: 2857.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.87 GB) (Free:417.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Recovery) (Fixed) (Total:18.59 GB) (Free:1.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:3.73 GB) (Free:3.63 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5A31C1F9)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=447 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

LastRegBack: 2014-05-23 02:32

==================== End Of Log ============================

