Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Web Browser Hanging Up and Shutting Down [Solved]


  • This topic is locked This topic is locked

#1
cloroxmartini

cloroxmartini

    Member

  • Member
  • PipPipPip
  • 134 posts

Originally posted in Windows 8 OS forum and told it sounds like a malware issue

 

"Have Google Chrome and IE 11.0.9.

 

HP desktop running Windows 8

 

Using Microsoft outlook and clicking links in email do not bring up internet browser.

 

Google Chrome takes forever to boot up and then drops out unexpectedly. If I close Google Chrome and open IE explorer, then Chrome won't open again, or it takes 10 minutes to load and then pops up.

 

What kind of issue is this?

 

Thanks in advance"

 

Ran OTL:

 

OTL logfile created on: 6/29/2014 4:58:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Donnapc\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.40 Gb Total Physical Memory | 5.68 Gb Available Physical Memory | 76.80% Memory free
7.99 Gb Paging File | 5.70 Gb Available in Paging File | 71.28% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.77 Gb Total Space | 873.65 Gb Free Space | 95.09% Space Free | Partition Type: NTFS
Drive D: | 10.83 Gb Total Space | 1.29 Gb Free Space | 11.92% Space Free | Partition Type: NTFS
 
Computer Name: DONNA | User Name: Donnapc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/29 16:57:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donnapc\Desktop\OTL.exe
PRC - [2014/06/28 09:14:02 | 006,278,432 | ---- | M] () -- C:\Users\Donnapc\AppData\Local\Temp\paint.net.4.0.install.exe
PRC - [2014/06/24 13:18:50 | 000,080,960 | ---- | M] () -- C:\Users\Donnapc\AppData\Local\Temp\PdnSetup\SetupShim.exe
PRC - [2014/06/05 06:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/04/25 14:14:28 | 004,101,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/04/25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/04/25 14:12:06 | 001,738,200 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/07/15 05:43:00 | 000,095,800 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
PRC - [2010/10/25 15:53:46 | 000,145,920 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010/10/25 15:40:08 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/28 09:14:50 | 000,011,264 | ---- | M] () -- C:\Users\Donnapc\AppData\Local\Temp\nswBCF8.tmp\System.dll
MOD - [2014/06/28 09:14:02 | 006,278,432 | ---- | M] () -- C:\Users\Donnapc\AppData\Local\Temp\paint.net.4.0.install.exe
MOD - [2014/06/24 13:18:50 | 000,080,960 | ---- | M] () -- C:\Users\Donnapc\AppData\Local\Temp\PdnSetup\SetupShim.exe
MOD - [2014/06/03 09:21:00 | 011,926,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\102641775d6479119c61162a8a89bbff\System.Web.ni.dll
MOD - [2014/06/03 09:20:53 | 000,774,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6372064a9615d7645a5a3a59470acb4d\System.Runtime.Remoting.ni.dll
MOD - [2014/06/03 09:20:53 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll
MOD - [2014/06/03 09:20:38 | 001,806,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\2bfb74c357b464512ac23cdb741e8bb9\System.Deployment.ni.dll
MOD - [2014/06/03 09:20:37 | 000,310,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\089846a68fa746808f6f5ff49ada0cb0\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2014/06/03 09:20:34 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
MOD - [2014/06/01 10:39:19 | 005,463,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll
MOD - [2014/06/01 10:39:16 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
MOD - [2014/06/01 10:39:10 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
MOD - [2014/06/01 10:39:10 | 001,051,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9f0fe59d471b42a6bbfe4ed1ca78aaa3\System.Management.ni.dll
MOD - [2014/06/01 10:38:43 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
MOD - [2014/06/01 10:38:39 | 011,499,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
MOD - [2014/04/25 14:11:24 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/04/25 14:11:22 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/04/25 14:11:20 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2010/10/25 15:36:22 | 000,119,864 | ---- | M] () -- C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/04 16:45:53 | 000,339,456 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2014/05/31 21:13:37 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/05/31 21:13:37 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/05/31 21:10:11 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/05/31 21:10:11 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/05/31 21:09:27 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/31 21:09:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/05/31 21:09:26 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/05/31 21:04:52 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2014/03/27 10:50:07 | 009,954,096 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2014/03/18 03:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 03:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 03:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 03:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 03:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 03:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 03:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 03:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/02/06 03:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/09/18 23:32:40 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 04:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 04:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 04:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 04:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 04:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 03:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 03:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 03:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 02:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 02:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 02:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 02:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 02:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 02:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 02:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 02:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/05/31 21:09:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/05/31 21:04:54 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/05/31 21:04:52 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/05/31 21:04:51 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/08/22 05:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 20:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 19:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/10/12 17:22:08 | 000,035,744 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
SRV - [2010/10/25 15:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/04 16:45:53 | 000,551,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2014/06/04 16:44:29 | 000,083,224 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2014/05/31 21:13:37 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/05/31 21:13:37 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/05/31 21:13:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/05/31 21:13:37 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/05/31 21:10:11 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/05/31 21:10:11 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/05/31 21:10:11 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/05/31 21:09:25 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/05/23 18:34:41 | 000,020,672 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/05/14 00:02:46 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/05/01 06:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/31 14:02:10 | 000,046,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DisplayLinkUsbIo_x64_7.5.54609.0.sys -- (DisplayLinkUsbIo_x64)
DRV:64bit: - [2014/03/27 10:53:10 | 000,389,936 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2014/03/27 10:53:10 | 000,017,200 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2014/03/18 03:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 03:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 03:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 03:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 03:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 03:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 03:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 03:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 03:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 03:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 03:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 03:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 02:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 02:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/26 17:34:02 | 002,505,904 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/09/18 23:32:40 | 012,526,592 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/09/18 23:32:40 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/08/22 06:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 06:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 05:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 05:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 05:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 05:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 05:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 05:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 05:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 05:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 05:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 05:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 05:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 05:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 05:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 05:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 05:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 05:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 05:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 05:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 05:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 05:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 05:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 05:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 05:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 05:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 05:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 05:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 05:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 04:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 04:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 04:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 04:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 04:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 04:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 04:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 04:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 04:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 04:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 04:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 04:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 04:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 04:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 04:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 04:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 04:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 04:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 04:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 04:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 04:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 04:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 01:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 16:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 17:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 11:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 12:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 07:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/07/16 19:36:29 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/25 10:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2009/02/25 11:58:58 | 000,022,040 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hppdbulkio.sys -- (HPFXBULKLEDM)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Google Wallet = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Send Link by Email or Gmail = C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf\1.2.1_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD11F1B9-D937-4052-9AFB-94A70F308EF7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F725754D-E3F9-485F-870B-7CE3C90BBB64}: DhcpNameServer = 192.168.10.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/29 16:57:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Donnapc\Desktop\OTL.exe
[2014/06/11 12:55:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/06/04 16:46:02 | 002,213,376 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\stapo64.dll
[2014/06/04 16:46:02 | 000,697,856 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\stapi64.dll
[2014/06/04 16:46:02 | 000,551,936 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\drivers\stwrt64.sys
[2014/06/04 16:46:02 | 000,256,000 | ---- | C] (IDT, Inc.) -- C:\WINDOWS\SysNative\st646491.dll
[2014/06/04 16:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2014/06/04 16:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2014/06/04 16:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmUStor
[2014/06/04 16:44:29 | 000,083,224 | ---- | C] (Alcor Micro, Corp.) -- C:\WINDOWS\SysNative\drivers\AmUStor.sys
[2014/06/04 16:44:29 | 000,021,784 | ---- | C] (Alcor Micro, Corp.) -- C:\WINDOWS\SysNative\AmUStor.dll
[2014/06/02 21:17:31 | 000,389,936 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\SysNative\drivers\dlkmd.sys
[2014/06/02 21:17:31 | 000,017,200 | ---- | C] (DisplayLink Corp.) -- C:\WINDOWS\SysNative\drivers\dlkmdldr.sys
[2014/06/01 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\AppData\Local\EmieUserList
[2014/06/01 20:04:29 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\AppData\Local\EmieSiteList
[2014/06/01 13:49:13 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/01 13:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/01 13:41:55 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/06/01 13:41:55 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/06/01 13:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/01 13:41:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
[2014/06/01 13:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/06/01 13:40:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/01 13:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/31 21:16:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/05/31 21:16:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/05/31 21:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/05/31 21:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/05/31 21:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/05/31 21:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/05/31 21:04:58 | 000,000,000 | ---D | C] -- C:\inetpub
[2014/05/31 20:22:11 | 000,000,000 | --SD | C] -- C:\Users\Donnapc\AppData\Roaming\Microsoft
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\Favorites
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\Documents
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\Desktop
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/31 20:22:11 | 000,000,000 | R--D | C] -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\AppData\Local\Temporary Internet Files
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Templates
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Start Menu
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\SendTo
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Recent
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\PrintHood
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\NetHood
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Documents\My Videos
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Documents\My Pictures
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Documents\My Music
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\My Documents
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Local Settings
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\AppData\Local\History
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Cookies
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\Application Data
[2014/05/31 20:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Donnapc\AppData\Local\Application Data
[2014/05/31 20:22:11 | 000,000,000 | -H-D | C] -- C:\Users\Donnapc\AppData
[2014/05/31 20:22:11 | 000,000,000 | ---D | C] -- C:\Users\Donnapc\AppData\Local\Temp
[2014/05/31 20:22:11 | 000,000,000 | ---D | C] -- C:\Users\Donnapc\AppData\Local\Microsoft
[2014/05/31 20:22:11 | 000,000,000 | ---D | C] -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/31 20:18:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs
[2014/05/31 20:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/05/31 20:17:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/29 16:57:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Donnapc\Desktop\OTL.exe
[2014/06/28 09:14:42 | 000,078,051 | ---- | M] () -- C:\Users\Donnapc\Desktop\HP System Information.png
[2014/06/28 08:36:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/06/25 23:04:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/25 20:56:21 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/24 21:53:00 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/24 14:53:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/16 16:26:22 | 000,001,376 | ---- | M] () -- C:\Users\Donnapc\Desktop\Photo Gallery.lnk
[2014/06/16 16:19:46 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/16 16:19:46 | 000,794,884 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/16 16:19:46 | 000,161,140 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/15 16:13:00 | 000,643,050 | ---- | M] () -- C:\Users\Donnapc\Documents\PICT0002 (2).JPG
[2014/06/15 16:13:00 | 000,626,799 | ---- | M] () -- C:\Users\Donnapc\Documents\PICT0001 (2).JPG
[2014/06/15 16:13:00 | 000,108,415 | R--- | M] () -- C:\Users\Donnapc\Documents\PICT0025.jpg
[2014/06/15 14:59:54 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize 5.job
[2014/06/15 14:52:33 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/15 14:52:33 | 2059,649,023 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/13 23:45:51 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForDONNA$.job
[2014/06/04 16:45:53 | 006,101,504 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\stlang64.dll
[2014/06/04 16:45:53 | 002,213,376 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\stapo64.dll
[2014/06/04 16:45:53 | 001,703,424 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\sttray64.exe
[2014/06/04 16:45:53 | 000,697,856 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\stapi64.dll
[2014/06/04 16:45:53 | 000,551,936 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\drivers\stwrt64.sys
[2014/06/04 16:45:53 | 000,256,000 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\st646491.dll
[2014/06/04 16:45:52 | 001,897,984 | ---- | M] (IDT, Inc.) -- C:\WINDOWS\SysNative\IDTNC64.cpl
[2014/06/04 16:44:29 | 000,942,080 | ---- | M] () -- C:\WINDOWS\SysNative\AmRdrIco.icl
[2014/06/04 16:44:29 | 000,083,224 | ---- | M] (Alcor Micro, Corp.) -- C:\WINDOWS\SysNative\drivers\AmUStor.sys
[2014/06/04 16:44:29 | 000,021,784 | ---- | M] (Alcor Micro, Corp.) -- C:\WINDOWS\SysNative\AmUStor.dll
[2014/06/04 16:44:29 | 000,004,435 | ---- | M] () -- C:\WINDOWS\SysNative\AmUStor.ini
[2014/06/04 16:44:29 | 000,000,640 | ---- | M] () -- C:\WINDOWS\SysNative\VendorCmd0.bin
[2014/06/04 16:44:29 | 000,000,008 | ---- | M] () -- C:\WINDOWS\SysNative\CardDetect.bin
[2014/06/02 22:42:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/01 13:42:18 | 000,001,397 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/06/01 13:42:01 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/31 21:13:37 | 000,387,210 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/31 20:32:42 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/05/31 20:32:42 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/05/31 20:32:30 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/05/31 20:28:41 | 000,486,992 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/31 20:20:09 | 000,930,400 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/31 20:18:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
 
========== Files Created - No Company Name ==========
 
[2014/06/28 09:14:37 | 000,078,051 | ---- | C] () -- C:\Users\Donnapc\Desktop\HP System Information.png
[2014/06/28 08:36:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/06/16 16:26:22 | 000,001,376 | ---- | C] () -- C:\Users\Donnapc\Desktop\Photo Gallery.lnk
[2014/06/15 16:30:41 | 000,108,415 | R--- | C] () -- C:\Users\Donnapc\Documents\PICT0025.jpg
[2014/06/15 16:30:28 | 000,643,050 | ---- | C] () -- C:\Users\Donnapc\Documents\PICT0002 (2).JPG
[2014/06/15 16:30:13 | 000,626,799 | ---- | C] () -- C:\Users\Donnapc\Documents\PICT0001 (2).JPG
[2014/06/11 16:20:56 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForDONNA$.job
[2014/06/04 16:44:29 | 000,942,080 | ---- | C] () -- C:\WINDOWS\SysNative\AmRdrIco.icl
[2014/06/04 16:44:29 | 000,004,435 | ---- | C] () -- C:\WINDOWS\SysNative\AmUStor.ini
[2014/06/04 16:44:29 | 000,000,640 | ---- | C] () -- C:\WINDOWS\SysNative\VendorCmd0.bin
[2014/06/04 16:44:29 | 000,000,008 | ---- | C] () -- C:\WINDOWS\SysNative\CardDetect.bin
[2014/06/02 22:42:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/06/01 10:27:44 | 000,001,448 | ---- | C] () -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/31 21:13:37 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/31 20:32:30 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/05/31 20:26:27 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/05/31 20:22:11 | 000,000,369 | ---- | C] () -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/05/31 20:22:11 | 000,000,369 | ---- | C] () -- C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/05/31 20:22:11 | 000,000,352 | ---- | C] () -- C:\Users\Donnapc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/31 20:22:11 | 000,000,334 | ---- | C] () -- C:\Users\Donnapc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/05/31 20:22:03 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/05/31 20:22:03 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/05/31 20:20:09 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/05/31 20:18:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2014/05/24 13:49:17 | 000,038,448 | ---- | C] () -- C:\Users\Donnapc\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2014/03/18 03:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 03:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/19 18:43:56 | 000,000,313 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCheckBTDev.ini
[2014/02/07 17:19:11 | 000,000,017 | ---- | C] () -- C:\Users\Donnapc\AppData\Local\resmon.resmoncfg
[2014/02/03 17:48:48 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/11/23 20:33:50 | 000,036,384 | ---- | C] () -- C:\Users\Donnapc\AppData\Roaming\Comma Separated Values (Windows).ADR
[2013/11/18 23:16:04 | 000,172,032 | ---- | C] () -- C:\WINDOWS\SysWow64\rsUtil.dll
[2013/11/12 18:12:45 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/09/18 23:32:48 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/18 23:32:48 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/18 23:32:44 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/18 23:32:34 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/18 23:32:34 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/18 23:32:30 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/07/25 13:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 13:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 13:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
 
========== ZeroAccess Check ==========
 
[2014/05/31 20:29:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/05/31 21:09:26 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/05/31 21:09:27 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/07 17:05:30 | 000,000,000 | -HSD | M] -- C:\Users\Donnapc\AppData\Roaming\.#
[2014/06/29 09:04:19 | 000,000,000 | ---D | M] -- C:\Users\Donnapc\AppData\Roaming\ClassicShell
[2014/05/23 18:34:52 | 000,000,000 | ---D | M] -- C:\Users\Donnapc\AppData\Roaming\GlarySoft
[2013/11/14 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Donnapc\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 

< End of report >


Edited by cloroxmartini, 29 June 2014 - 06:10 PM.

  • 0

Advertisements


#2
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,068 posts

Hello cloroxmartini,
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. smile.png
 
======================================================
 
Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • ​Scroll to the top of this page and ensure you see the following: 6hgDYJ6.png
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.

======================================================

 

Please be advised that I am currently in training at WhattheTech.com. My responses will need to be approved by a instructor at WhattheTech.com before I post in order to ensure you are receiving accurate instructions. I will return as soon as possible.

  • 0

#3
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,068 posts

Hello cloroxmartini,
 
Please run the following programmes, and post the logs generated. 
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
aA7bkRO.png aswMBR

  • Please download aswMBR and save the file to your desktop
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click aswMBR.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan
  • Upon completion, you will see Scan finished successfully. Click Save log
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.

Note: Do NOT attempt to click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your desktop. Do NOT click or delete it.
 

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • aswMBR log

  • 0

#4
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Hi, Adam. Thank you for taking the time to help with my mother's computer (she's like 76 or something). Here we go...

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Donnapc (administrator) on DONNA on 30-06-2014 11:08:05
Running from C:\Users\Donnapc\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-06-04] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3730426596-1190900839-1826073975-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3730426596-1190900839-1826073975-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-05-14] (Glarysoft Ltd)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-23]
CHR Extension: (Google Drive) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-23]
CHR Extension: (Google Search) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-23]
CHR Extension: (AdBlock) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-04]
CHR Extension: (Google Wallet) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-23]
CHR Extension: (Gmail) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-23]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-06-02]

==================== Services (Whitelisted) =================

R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-03-27] (DisplayLink Corp.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2014-06-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-31] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.5.54609.0.sys [46384 2014-03-31] ()
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-23] (Glarysoft Ltd)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-30 11:08 - 2014-06-30 11:08 - 00012636 _____ () C:\Users\Donnapc\Desktop\FRST.txt
2014-06-30 11:07 - 2014-06-30 11:08 - 00000000 ____D () C:\FRST
2014-06-30 11:06 - 2014-06-30 11:06 - 02083328 _____ (Farbar) C:\Users\Donnapc\Desktop\FRST64.exe
2014-06-30 11:02 - 2014-06-30 11:02 - 00001162 _____ () C:\Users\Donnapc\Desktop\Live PC Help.lnk
2014-06-30 09:12 - 2014-06-30 09:12 - 04862664 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2014-06-30 09:12 - 2014-06-30 09:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-30 09:07 - 2014-06-30 17:55 - 00020328 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2014-06-30 09:07 - 2014-06-30 11:03 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Systweak
2014-06-30 09:07 - 2014-06-30 11:03 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-06-30 09:07 - 2014-06-30 09:07 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\amazon
2014-06-30 09:05 - 2014-06-30 09:05 - 04489040 _____ (Systweak Inc ) C:\Users\Donnapc\Downloads\rcp_dcomnew_sec_728.exe
2014-06-29 17:03 - 2014-06-29 17:03 - 00085256 _____ () C:\Users\Donnapc\Desktop\Extras.Txt
2014-06-29 17:02 - 2014-06-29 17:02 - 00121506 _____ () C:\Users\Donnapc\Desktop\OTL.Txt
2014-06-29 16:57 - 2014-06-29 16:57 - 00602112 _____ (OldTimer Tools) C:\Users\Donnapc\Desktop\OTL.exe
2014-06-28 09:12 - 2014-06-28 09:12 - 00002919 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Office Publisher 2007.lnk
2014-06-28 08:36 - 2014-06-28 08:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 20:00 - 2014-06-20 20:01 - 111107408 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunesSetup.exe
2014-06-20 19:54 - 2014-06-20 19:55 - 112616784 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunes64Setup.exe
2014-06-16 16:26 - 2014-06-16 16:26 - 00001376 _____ () C:\Users\Donnapc\Desktop\Photo Gallery.lnk
2014-06-11 16:20 - 2014-06-13 23:45 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job
2014-06-11 16:20 - 2014-06-11 16:20 - 00003192 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForDONNA$
2014-06-11 12:55 - 2014-06-11 12:55 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-06-11 12:40 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 12:40 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 12:40 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 12:40 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 12:40 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 12:40 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 12:40 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 12:40 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 12:40 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 12:40 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 12:40 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 12:40 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 12:40 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 12:40 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 12:40 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 12:40 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 12:40 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 12:40 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 12:40 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 12:40 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 12:40 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 12:40 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 12:40 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 12:40 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 12:40 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 12:40 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 12:40 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 12:40 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 12:40 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 12:40 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 12:40 - 2014-02-06 04:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 12:40 - 2014-02-06 04:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 12:40 - 2014-02-06 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 12:40 - 2014-02-06 03:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 12:40 - 2014-02-06 03:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 12:40 - 2014-02-06 03:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 12:40 - 2014-02-06 03:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 12:40 - 2014-02-06 02:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 12:40 - 2014-02-06 02:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 12:40 - 2014-02-06 02:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 12:40 - 2014-02-06 02:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 12:39 - 2014-05-18 23:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 12:39 - 2014-05-18 23:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 12:39 - 2014-05-18 22:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 12:39 - 2014-05-09 20:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 12:39 - 2014-05-09 20:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 12:39 - 2014-05-08 16:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 12:39 - 2014-05-04 21:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 12:39 - 2014-05-03 00:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 12:39 - 2014-05-02 21:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 12:39 - 2014-05-02 21:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 12:39 - 2014-05-02 20:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 12:39 - 2014-05-02 20:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 12:39 - 2014-05-01 06:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 12:39 - 2014-05-01 06:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 12:39 - 2014-05-01 00:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 12:39 - 2014-05-01 00:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 12:39 - 2014-04-30 23:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 12:39 - 2014-04-30 22:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 12:39 - 2014-04-30 04:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 12:39 - 2014-04-29 21:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 12:39 - 2014-04-29 21:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 12:39 - 2014-04-29 20:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 12:39 - 2014-04-29 20:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 12:39 - 2014-04-03 00:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 12:39 - 2014-04-03 00:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-04 16:46 - 2014-06-04 16:45 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-06-04 16:46 - 2014-06-04 16:45 - 00697856 _____ (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-06-04 16:46 - 2014-06-04 16:45 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-06-04 16:46 - 2014-06-04 16:45 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00000000 ____D () C:\Program Files\IDT
2014-06-04 16:45 - 2014-06-04 16:45 - 00207048 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-06-04 16:44 - 2014-06-04 16:44 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-06-04 16:44 - 2014-06-04 16:44 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-06-04 16:44 - 2014-06-04 16:44 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\AmUStor
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-06-02 22:42 - 2014-06-02 22:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-06-02 21:24 - 2014-06-02 21:24 - 00035315 _____ () C:\Users\Donnapc\Downloads\Retreat Registrations 2014 (17).xlsx
2014-06-02 21:17 - 2014-03-27 10:53 - 00389936 _____ (DisplayLink Corp.) C:\WINDOWS\system32\Drivers\dlkmd.sys
2014-06-02 21:17 - 2014-03-27 10:53 - 00017200 _____ (DisplayLink Corp.) C:\WINDOWS\system32\Drivers\dlkmdldr.sys
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieUserList
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieSiteList
2014-06-01 13:49 - 2014-06-25 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 13:42 - 2014-06-01 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2014-05-12 08:05 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-01 13:41 - 2014-05-12 08:05 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-01 13:40 - 2014-06-01 13:40 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files\Java
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-01 13:39 - 2014-06-01 13:39 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Classic Start Glary Java Installer.exe
2014-06-01 10:28 - 2014-06-01 10:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-01 10:27 - 2014-06-30 10:20 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FB23BE9-8C7D-4C0C-9517-E850AAAB0A35}
2014-06-01 10:27 - 2014-06-01 10:27 - 00001448 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-01 10:27 - 2014-06-01 10:27 - 00000020 ___SH () C:\Users\Donnapc\ntuser.ini
2014-05-31 21:16 - 2014-06-02 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-05-31 21:16 - 2014-05-31 21:16 - 00000000 __SHD () C:\Recovery
2014-05-31 21:14 - 2014-05-31 21:14 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-31 21:14 - 2014-05-31 21:14 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-05-31 21:13 - 2014-05-31 21:13 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-31 21:13 - 2014-05-31 21:13 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-31 21:10 - 2014-05-31 21:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-31 21:10 - 2014-05-31 21:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-31 21:10 - 2014-05-31 21:10 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-31 21:10 - 2014-05-31 21:10 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-31 21:10 - 2014-05-31 21:10 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-05-31 21:09 - 2014-05-31 21:09 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-05-31 21:09 - 2014-05-31 21:09 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-05-31 21:07 - 2014-05-31 21:07 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-05-31 21:04 - 2014-05-31 21:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-05-31 21:04 - 2014-05-31 21:04 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-05-31 21:04 - 2014-05-31 21:04 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\inetpub
2014-05-31 21:04 - 2014-05-31 20:28 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-31 21:04 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-05-31 21:04 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-31 21:04 - 2013-08-02 21:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-05-31 21:04 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-05-31 21:04 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-31 21:04 - 2013-08-02 21:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-05-31 20:33 - 2014-06-18 02:04 - 01266936 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-31 20:32 - 2014-05-31 20:32 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-05-31 20:26 - 2014-05-31 20:26 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-31 20:23 - 2014-05-31 20:23 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-05-31 20:22 - 2014-06-10 18:06 - 00000000 ____D () C:\Users\Donnapc
2014-05-31 20:22 - 2014-05-31 20:32 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-05-31 20:22 - 2014-05-31 20:32 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-05-31 20:22 - 2014-05-31 20:23 - 00000000 ___RD () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-31 20:22 - 2014-05-31 20:23 - 00000000 ___RD () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-31 20:22 - 2014-03-18 03:13 - 00000369 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-05-31 20:22 - 2014-03-18 03:13 - 00000369 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-05-31 20:22 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-31 20:22 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-31 20:20 - 2014-05-31 20:20 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-05-31 20:19 - 2014-05-31 20:23 - 00012096 _____ () C:\WINDOWS\iis.log
2014-05-31 20:18 - 2014-05-31 20:18 - 00001350 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-05-31 19:38 - 2014-05-31 20:32 - 00006611 _____ () C:\WINDOWS\comsetup.log
2014-05-31 13:48 - 2014-05-31 13:48 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Malwarebytes Spybot 2 Installer (1).exe

==================== One Month Modified Files and Folders =======

2014-06-30 17:55 - 2014-06-30 09:07 - 00020328 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2014-06-30 11:08 - 2014-06-30 11:08 - 00012636 _____ () C:\Users\Donnapc\Desktop\FRST.txt
2014-06-30 11:08 - 2014-06-30 11:07 - 00000000 ____D () C:\FRST
2014-06-30 11:08 - 2013-11-12 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730426596-1190900839-1826073975-1001
2014-06-30 11:06 - 2014-06-30 11:06 - 02083328 _____ (Farbar) C:\Users\Donnapc\Desktop\FRST64.exe
2014-06-30 11:03 - 2014-06-30 09:07 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Systweak
2014-06-30 11:03 - 2014-06-30 09:07 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-06-30 11:02 - 2014-06-30 11:02 - 00001162 _____ () C:\Users\Donnapc\Desktop\Live PC Help.lnk
2014-06-30 11:02 - 2013-11-19 18:22 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\ClassicShell
2014-06-30 11:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-30 10:20 - 2014-06-01 10:27 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FB23BE9-8C7D-4C0C-9517-E850AAAB0A35}
2014-06-30 09:12 - 2014-06-30 09:12 - 04862664 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2014-06-30 09:12 - 2014-06-30 09:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-30 09:07 - 2014-06-30 09:07 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\amazon
2014-06-30 09:05 - 2014-06-30 09:05 - 04489040 _____ (Systweak Inc ) C:\Users\Donnapc\Downloads\rcp_dcomnew_sec_728.exe
2014-06-30 05:39 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 17:03 - 2014-06-29 17:03 - 00085256 _____ () C:\Users\Donnapc\Desktop\Extras.Txt
2014-06-29 17:02 - 2014-06-29 17:02 - 00121506 _____ () C:\Users\Donnapc\Desktop\OTL.Txt
2014-06-29 16:57 - 2014-06-29 16:57 - 00602112 _____ (OldTimer Tools) C:\Users\Donnapc\Desktop\OTL.exe
2014-06-28 09:14 - 2014-02-08 14:30 - 00030208 ___SH () C:\Users\Donnapc\Desktop\Thumbs.db
2014-06-28 09:13 - 2013-11-19 18:20 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Paint.NET
2014-06-28 09:12 - 2014-06-28 09:12 - 00002919 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Office Publisher 2007.lnk
2014-06-28 08:40 - 2013-08-22 07:46 - 00301284 _____ () C:\WINDOWS\setupact.log
2014-06-28 08:36 - 2014-06-28 08:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-25 20:56 - 2014-06-01 13:49 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 20:55 - 2014-05-23 08:48 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-24 21:53 - 2013-11-19 18:18 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 14:53 - 2013-11-19 18:18 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 20:01 - 2014-06-20 20:00 - 111107408 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunesSetup.exe
2014-06-20 19:55 - 2014-06-20 19:54 - 112616784 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunes64Setup.exe
2014-06-18 02:04 - 2014-05-31 20:33 - 01266936 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-17 10:25 - 2013-11-26 14:32 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Windows Live
2014-06-17 06:28 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-16 16:26 - 2014-06-16 16:26 - 00001376 _____ () C:\Users\Donnapc\Desktop\Photo Gallery.lnk
2014-06-16 16:19 - 2014-03-18 03:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-15 14:59 - 2014-05-23 18:34 - 00000348 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-06-15 14:52 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-15 14:52 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-14 10:47 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-14 09:48 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-13 23:45 - 2014-06-11 16:20 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job
2014-06-13 23:18 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 16:21 - 2013-11-13 22:21 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-06-11 16:20 - 2014-06-11 16:20 - 00003192 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForDONNA$
2014-06-11 16:20 - 2013-11-13 22:21 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-11 12:57 - 2013-11-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 12:56 - 2013-11-14 17:22 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 12:56 - 2013-11-14 17:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 12:55 - 2014-06-11 12:55 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-06-11 12:55 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-10 18:06 - 2014-05-31 20:22 - 00000000 ____D () C:\Users\Donnapc
2014-06-08 16:16 - 2013-11-17 21:46 - 00000000 ____D () C:\Users\Donnapc\Documents\Donna File
2014-06-04 16:46 - 2014-06-04 16:45 - 00000000 ____D () C:\Program Files\IDT
2014-06-04 16:45 - 2014-06-04 16:46 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00697856 _____ (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-06-04 16:45 - 2014-06-04 16:46 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-06-04 16:45 - 2014-06-04 16:45 - 00207048 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2014-06-04 16:45 - 2013-03-21 09:49 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-06-04 16:45 - 2013-03-21 09:49 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-06-04 16:45 - 2013-03-21 09:49 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-06-04 16:45 - 2012-10-11 20:24 - 00000000 ____D () C:\SWSETUP
2014-06-04 16:44 - 2014-06-04 16:44 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-06-04 16:44 - 2014-06-04 16:44 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-06-04 16:44 - 2014-06-04 16:44 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-06-04 16:44 - 2014-06-04 16:44 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\AmUStor
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-06-04 16:44 - 2013-03-21 09:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-03 10:44 - 2013-11-18 19:51 - 00000000 ____D () C:\Users\Donnapc\Documents\Aglow stuff
2014-06-02 22:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-02 22:42 - 2014-06-02 22:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-06-02 21:24 - 2014-06-02 21:24 - 00035315 _____ () C:\Users\Donnapc\Downloads\Retreat Registrations 2014 (17).xlsx
2014-06-02 20:15 - 2013-11-12 18:11 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Packages
2014-06-02 20:06 - 2013-11-12 18:20 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2014-06-02 00:00 - 2014-05-31 21:16 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-01 20:06 - 2013-11-17 21:56 - 00127568 _____ () C:\Users\Donnapc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-01 20:05 - 2013-12-07 18:32 - 00000484 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieUserList
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieSiteList
2014-06-01 14:52 - 2014-02-03 16:57 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-01 13:42 - 2014-06-01 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 13:42 - 2014-02-08 13:41 - 00001409 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-01 13:42 - 2014-02-08 13:41 - 00001397 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-01 13:42 - 2014-02-08 13:41 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 13:42 - 2014-02-08 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-01 13:42 - 2014-02-03 16:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-01 13:42 - 2014-02-03 16:08 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Malwarebytes
2014-06-01 13:42 - 2014-02-03 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2013-12-01 15:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-01 13:41 - 2013-11-19 18:20 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-01 13:40 - 2014-06-01 13:40 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files\Java
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-01 13:39 - 2014-06-01 13:39 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Classic Start Glary Java Installer.exe
2014-06-01 10:28 - 2014-06-01 10:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-01 10:27 - 2014-06-01 10:27 - 00001448 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-01 10:27 - 2014-06-01 10:27 - 00000020 ___SH () C:\Users\Donnapc\ntuser.ini
2014-05-31 21:16 - 2014-05-31 21:16 - 00000000 __SHD () C:\Recovery
2014-05-31 21:15 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-05-31 21:14 - 2014-05-31 21:14 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-31 21:14 - 2014-05-31 21:14 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-05-31 21:13 - 2014-05-31 21:13 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-31 21:13 - 2014-05-31 21:13 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-05-31 21:13 - 2014-05-31 21:13 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-05-31 21:13 - 2014-05-31 21:13 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-05-31 21:13 - 2014-05-31 21:13 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-31 21:13 - 2014-05-31 21:13 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-31 21:13 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-05-31 21:11 - 2014-05-31 21:11 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-31 21:11 - 2014-05-31 21:11 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-31 21:11 - 2014-05-31 21:11 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-31 21:11 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-31 21:10 - 2014-05-31 21:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-31 21:10 - 2014-05-31 21:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-31 21:10 - 2014-05-31 21:10 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-31 21:10 - 2014-05-31 21:10 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-31 21:10 - 2014-05-31 21:10 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-31 21:10 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-31 21:10 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-31 21:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-31 21:10 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-31 21:09 - 2014-05-31 21:09 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-05-31 21:09 - 2014-05-31 21:09 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-05-31 21:09 - 2014-05-31 21:09 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-05-31 21:09 - 2014-05-31 21:09 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-05-31 21:09 - 2014-05-31 21:09 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-05-31 21:09 - 2014-05-31 21:09 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-05-31 21:09 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-31 21:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-05-31 21:09 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-05-31 21:07 - 2014-05-31 21:07 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-05-31 21:04 - 2014-05-31 21:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-05-31 21:04 - 2014-05-31 21:04 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-05-31 21:04 - 2014-05-31 21:04 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-05-31 21:04 - 2014-05-31 21:04 - 00000000 ____D () C:\inetpub
2014-05-31 20:33 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-05-31 20:32 - 2014-05-31 20:32 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-05-31 20:32 - 2014-05-31 20:22 - 00026673 _____ () C:\WINDOWS\diagwrn.xml
2014-05-31 20:32 - 2014-05-31 20:22 - 00026673 _____ () C:\WINDOWS\diagerr.xml
2014-05-31 20:32 - 2014-05-31 19:38 - 00006611 _____ () C:\WINDOWS\comsetup.log
2014-05-31 20:31 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-05-31 20:31 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-31 20:28 - 2014-05-31 21:04 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-05-31 20:28 - 2014-05-23 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-05-31 20:28 - 2014-03-18 02:45 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-05-31 20:28 - 2013-12-28 16:34 - 00000000 ____D () C:\WINDOWS\en
2014-05-31 20:28 - 2013-12-08 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-31 20:28 - 2013-11-25 21:36 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrossLoop
2014-05-31 20:28 - 2013-11-23 20:28 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft IE PassView
2014-05-31 20:28 - 2013-11-19 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 20:28 - 2013-11-19 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-31 20:28 - 2013-11-19 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-31 20:28 - 2013-11-18 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 4.0
2014-05-31 20:28 - 2013-11-18 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySoftware
2014-05-31 20:28 - 2013-11-17 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-31 20:28 - 2013-11-17 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-05-31 20:28 - 2013-08-22 07:44 - 00486992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-31 20:28 - 2013-03-21 10:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-05-31 20:28 - 2013-03-21 09:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-31 20:26 - 2014-05-31 20:26 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-05-31 20:26 - 2014-05-31 20:26 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-05-31 20:26 - 2014-03-18 02:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-05-31 20:26 - 2014-03-18 02:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-05-31 20:26 - 2014-03-18 02:32 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-05-31 20:26 - 2013-11-19 18:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-05-31 20:26 - 2013-08-22 08:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-05-31 20:26 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-05-31 20:26 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-05-31 20:26 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-05-31 20:26 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-05-31 20:25 - 2013-11-18 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stamps.com Internet Postage
2014-05-31 20:25 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-05-31 20:25 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-05-31 20:25 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-05-31 20:25 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-05-31 20:25 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-31 20:25 - 2013-03-21 09:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-05-31 20:25 - 2012-08-10 16:52 - 00000000 ____D () C:\ProgramData\PRICache
2014-05-31 20:23 - 2014-05-31 20:23 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-05-31 20:23 - 2014-05-31 20:22 - 00000000 ___RD () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-31 20:23 - 2014-05-31 20:22 - 00000000 ___RD () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-31 20:23 - 2014-05-31 20:19 - 00012096 _____ () C:\WINDOWS\iis.log
2014-05-31 20:23 - 2014-01-20 18:39 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-05-31 20:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-05-31 20:20 - 2014-05-31 20:20 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-05-31 20:19 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-31 20:18 - 2014-05-31 20:18 - 00001350 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-05-31 20:18 - 2014-05-31 20:18 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-05-31 20:17 - 2014-03-18 02:54 - 00000796 _____ () C:\WINDOWS\PFRO.log
2014-05-31 20:17 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-05-31 19:58 - 2013-11-12 18:11 - 01307805 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-05-31 19:27 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-05-31 13:48 - 2014-05-31 13:48 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Malwarebytes Spybot 2 Installer (1).exe

Some content of TEMP:
====================
C:\Users\Donnapc\AppData\Local\Temp\paint.net.4.0.install.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-25 03:40

==================== End Of Log ============================


Edited by cloroxmartini, 30 June 2014 - 12:26 PM.

  • 0

#5
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Donnapc at 2014-06-30 11:08:48
Running from C:\Users\Donnapc\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{CC6CCF1E-F361-910A-E41D-EB5176F1255C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CrossLoop 2.82 (HKLM-x32\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{4049FB01-BA71-44DB-AC12-AAC479087CE1}) (Version: 7.5.54609.0 - DisplayLink Corp.)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Glary Utilities 5.0 (HKLM-x32\...\Glary Utilities 5) (Version: 5.0.0.1 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\{51020C27-7422-3FBE-9480-4CB1CCC8E2CC}) (Version: 65.156.32827 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version:  - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCP1520LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppTLBXFXCP1520 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyMailList & AddressBook 5.0.3.2 (HKLM-x32\...\{7A15E1CA-6ED9-11D4-970E-00A0CC3F8931}) (Version:  - )
NirSoft IE PassView (HKLM-x32\...\NirSoft IE PassView) (Version:  - )
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Stamps.com Internet Postage (HKLM-x32\...\Stamps.com Internet Postage) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

11-06-2014 19:54:48 Windows Update
30-06-2014 12:42:39 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00E47A7B-F331-4599-ADF7-14F91365F5A6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {029FAAB5-4ECD-4F4E-9377-97BABA7DBF7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08798A8E-6982-4A84-A6D1-B2723DFC3C32} - System32\Tasks\HPCeeScheduleForDONNA$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D2BFD05-551E-4CB6-A3AC-DE7AAE00F213} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-05-14] (Glarysoft Ltd)
Task: {103D74B9-23F3-48F2-B5AE-AD1B2B86213F} - System32\Tasks\GU4SkipUAC => C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28C3D971-5CC4-4AA3-957E-DBAA85CFDCE0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {299E95C5-7668-47AE-A284-5B3CF462500A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4355738B-987C-4835-9931-60B7FDB8CC87} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51DBE52F-920B-4A71-A71B-D54A16E83002} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {574B1B9E-FC17-4F24-9CBC-5CE9E5A0D65F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CNBF254797 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D11FE6B-4459-4A20-AD0E-DD0986A7052A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN22O3BD6H => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7384D3F0-A8CF-44AC-AFF8-C95CCA2DC7B9} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7ACB2E69-083E-4A15-B908-3FE0037CFCFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {7D665F41-5B61-4B73-A20E-13A32DA3B844} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AD59C82-65E7-48E0-A31D-506EECCBD433} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97A8FE72-1967-47AE-B697-ED1BB907E054} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6E3378A-315C-4E14-8E7D-863108A36750} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A7F20BD8-8924-467B-BE2C-21AB5D1ABC1C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {ADD6F339-33B3-4E12-97BE-27046933F99C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BB5FAAFD-004E-4DE3-BF5D-0638C32CCC6B} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-05-14] (Glarysoft Ltd)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CA50E120-38EA-43CF-812C-CCCEFD3AA0CB} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F24E87BF-E65E-4A55-A683-723A56BA9A4B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {F3F01731-8B4A-4FE3-ABDD-8523E8151E13} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-06-05 16:51 - 2013-06-05 16:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2014-06-02 10:29 - 2014-06-02 10:30 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Donnapc\Downloads\Change of Info Form For Area Team.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\Fw_ Matt Harding dances around the world.email.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\mime-attachment.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\RE Prayer Request.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\Word for 2014 from Doug Addison.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_0OLFavIE91284348923
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_1OCalFavIE91545382048
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_2PeopleFav-510560096
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_3SkyDriveFav-324886575
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_4OLFavIE91410631431

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2014 10:41:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 25c8

Start Time: 01cf948983e337cf

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: d0ca7353-007d-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 10:16:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18b8

Start Time: 01cf9485e829082d

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 3512a630-007a-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 09:46:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c84

Start Time: 01cf9481b746a80e

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 0432a841-0076-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 09:16:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 285c

Start Time: 01cf947d8662b95e

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: d3517a45-0071-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 08:46:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 628

Start Time: 01cf9479557c19ef

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: a2691035-006d-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 08:16:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c40

Start Time: 01cf9475249ab6e9

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 71821a09-0069-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 07:46:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12d4

Start Time: 01cf9470f3b856be

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 409f924e-0065-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 07:16:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2b20

Start Time: 01cf946cc2d5f699

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 0fc1f6d3-0061-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 06:46:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15e8

Start Time: 01cf946891f39667

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: dedd3451-005c-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/30/2014 06:16:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 185c

Start Time: 01cf94646111363f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: adf871e8-0058-11e4-bea9-78e3b5b85e87

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (06/30/2014 11:08:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:08:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Error: (06/30/2014 11:07:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-30 08:55:08.336
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:08.289
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:08.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:08.154
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:08.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:08.045
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:07.238
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:07.082
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:06.972
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-30 08:55:06.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 7575.29 MB
Available physical RAM: 5236.89 MB
Total Pagefile: 8183.29 MB
Available Pagefile: 5634.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.77 GB) (Free:878.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.83 GB) (Free:1.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7A2964CB)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#6
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

this is the first thing that popped up for aswMBR. Cancelled the process until we know it's safe...

 

rzFWe5Q.png


Edited by cloroxmartini, 30 June 2014 - 12:20 PM.

  • 0

#7
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,068 posts

Hi cloroxmartini,
 

Hi, Adam. Thank you for taking the time to help with my mother's computer (she's like 76 or something). Here we go...

You are more than welcome. smile.png
 

this is the first thing that popped up for aswMBR. Cancelled the process until we know it's safe...

Please click Yes and proceed with the instructions.


  • 0

#8
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-06-30 13:51:16
-----------------------------
13:51:16.671    OS Version: Windows x64 6.2.9200
13:51:16.671    Number of processors: 4 586 0x1001
13:51:16.671    ComputerName: DONNA  UserName:
13:51:17.593    Initialize success
13:51:17.593    VM: initialized successfully
13:51:17.609    VM: Amd CPU supported
13:51:19.468    VM: supported disk I/O storport.sys
13:51:48.717    AVAST engine defs: 14063000
13:53:04.502    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000025
13:53:04.502    Disk 0 Vendor: WDC_WD10EZEX-60ZF5A0 80.00A80 Size: 953869MB BusType: 11
13:53:04.612    Disk 0 MBR read successfully
13:53:04.612    Disk 0 MBR scan
13:53:04.643    Disk 0 unknown MBR code
13:53:04.659    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
13:53:04.721    Disk 0 scanning C:\WINDOWS\system32\drivers
13:53:16.393    Service scanning
13:53:39.315    Modules scanning
13:53:39.331    Disk 0 trace - called modules:
13:53:39.362   
13:53:40.393    AVAST engine scan C:\WINDOWS
13:53:42.956    AVAST engine scan C:\WINDOWS\system32
13:57:19.393    AVAST engine scan C:\WINDOWS\system32\drivers
13:57:51.909    AVAST engine scan C:\Users\Donnapc
14:07:19.722    AVAST engine scan C:\ProgramData
14:08:28.050    Scan finished successfully
14:12:20.159    Disk 0 MBR has been saved successfully to "C:\Users\Donnapc\Desktop\MBR.dat"
14:12:20.159    The log file has been saved successfully to "C:\Users\Donnapc\Desktop\aswMBR.txt"

 


  • 0

#9
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,068 posts

Hi cloroxmartini,
 
Please consider the following suggestion:
 

goGMWSt.gifSpybot S&D No Longer Recommended

------------------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results (scroll down and read under Freeware Antispyware Products).

I would strongly advise uninstalling Spybot S&D. The presence of this programme can make the cleaning of your computer more difficult. You can uninstall the programme by:

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for Spybot, right-click the entry and click Uninstall.
Please inform me of your decision.

 
 
Did you install, and do you use the following software?

  • CrossLoop 2.82

Did you set, and do you use the following IE default page and searchscopes?

  • Bing
  • MSN
     

STEP 1
nWhGEI3.png VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\Users\Donnapc\Desktop\MBR.dat
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

======================================================

STEP 2
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did you uninstall Spybot?
  • Do you use CrossLoop?
  • Do you use Bing and MSN on IE?
  • VirusTotal Results

  • 0

#10
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Uninstalled spybot.

 

CrossLoop is installed by choice for assistance from a trusted individual.

 

Bing and MSN are not used on IE. IE homepage is https://www.google.com/?gws_rd=ssl

 

https://www.virustot...sis/1404173516/


  • 0

Advertisements


#11
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,068 posts

Hello cloroxmartini,
 
Thank you for the report. Please proceed with the following:
 
STEP 1
6JO0hXH.png Revo Uninstaller

  • Please download and install Revo Uninstaller Free.
  • Double-click Revo Uninstaller to run the programme. 
  • From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.
    • DMUninstaller
  • Double-click the programme. 
  • When prompted if you want to uninstall click Yes.
  • Ensure the Moderate option is selected and click Next.
  • The programme will run. If prompted again click Yes.
  • Once the built-in uninstaller is finished click Next.
  • Once the programme has searched for leftovers click Next.
  • Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.
  • When prompted click Yes, followed by Next.
  • Click Select all, followed by Delete.
  • When prompted click Yes, followed by Next.
  • Once done click Finish.
     

STEP 2
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 3
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated file/folder prior to running JRT. 
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 4
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================

STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did DMUninstaller uninstall successfully?
  • AdwCleaner[S0].txt
  • JRT.txt
  • FRST.txt
  • Addition.txt

  • 0

#12
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

DMUninstaller uninstalled ok.

 

AdwCleaner file was there at one time but not now. A search did not turn it up. A windows 7 "look and feel" overlay was applied to this computer and that is gone. With it went the AdwCleaner file.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Donnapc on Tue 07/01/2014 at  9:17:54.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/01/2014 at  9:22:17.05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Donnapc (administrator) on DONNA on 01-07-2014 09:35:40
Running from C:\Users\Donnapc\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-06-04] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-3730426596-1190900839-1826073975-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2014-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3730426596-1190900839-1826073975-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-23]
CHR Extension: (Google Drive) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-23]
CHR Extension: (Google Search) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-23]
CHR Extension: (AdBlock) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-04]
CHR Extension: (Google Wallet) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-23]
CHR Extension: (Gmail) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-23]
CHR Extension: (Send Link by Email or Gmail) - C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-06-02]

==================== Services (Whitelisted) =================

R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9954096 2014-03-27] (DisplayLink Corp.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2014-06-04] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-31] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.5.54609.0.sys [46384 2014-03-31] ()
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-23] (Glarysoft Ltd)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-01 09:22 - 2014-07-01 09:22 - 00000624 _____ () C:\Users\Donnapc\Desktop\JRT.txt
2014-07-01 09:17 - 2014-07-01 09:17 - 01016261 _____ (Thisisu) C:\Users\Donnapc\Desktop\JRT.exe
2014-07-01 09:17 - 2014-07-01 09:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-01 09:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-01 09:10 - 2014-07-01 09:13 - 00000000 ____D () C:\AdwCleaner
2014-07-01 09:09 - 2014-07-01 09:09 - 01346519 _____ () C:\Users\Donnapc\Desktop\AdwCleaner.exe
2014-07-01 09:07 - 2014-07-01 09:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Donnapc\Desktop\revosetup.exe
2014-07-01 09:07 - 2014-07-01 09:07 - 00001286 _____ () C:\Users\Donnapc\Desktop\Revo Uninstaller.lnk
2014-07-01 09:07 - 2014-07-01 09:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-30 20:00 - 2014-06-30 20:01 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\DiskDefrag
2014-06-30 19:59 - 2014-06-30 20:00 - 13744328 _____ () C:\Users\Donnapc\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-30 14:19 - 2014-06-30 14:19 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-30 14:12 - 2014-06-30 14:12 - 00001566 _____ () C:\Users\Donnapc\Desktop\aswMBR.txt
2014-06-30 14:12 - 2014-06-30 14:12 - 00000512 _____ () C:\Users\Donnapc\Desktop\MBR.dat
2014-06-30 13:48 - 2014-06-30 13:48 - 05185536 _____ (AVAST Software) C:\Users\Donnapc\Desktop\aswMBR.exe
2014-06-30 13:14 - 2014-06-30 13:14 - 00000424 _____ () C:\Users\Donnapc\Desktop\This PC - Shortcut.lnk
2014-06-30 11:08 - 2014-07-01 09:35 - 00011955 _____ () C:\Users\Donnapc\Desktop\FRST.txt
2014-06-30 11:08 - 2014-06-30 11:09 - 00044470 _____ () C:\Users\Donnapc\Desktop\Addition.txt
2014-06-30 11:07 - 2014-07-01 09:35 - 00000000 ____D () C:\FRST
2014-06-30 11:06 - 2014-06-30 11:06 - 02083328 _____ (Farbar) C:\Users\Donnapc\Desktop\FRST64.exe
2014-06-30 11:02 - 2014-06-30 11:02 - 00001162 _____ () C:\Users\Donnapc\Desktop\Live PC Help.lnk
2014-06-30 09:12 - 2014-06-30 09:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-30 09:07 - 2014-06-30 09:07 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\amazon
2014-06-30 09:05 - 2014-06-30 09:05 - 04489040 _____ (Systweak Inc ) C:\Users\Donnapc\Downloads\rcp_dcomnew_sec_728.exe
2014-06-29 17:03 - 2014-06-29 17:03 - 00085256 _____ () C:\Users\Donnapc\Desktop\Extras.Txt
2014-06-29 17:02 - 2014-06-29 17:02 - 00121506 _____ () C:\Users\Donnapc\Desktop\OTL.Txt
2014-06-29 16:57 - 2014-06-29 16:57 - 00602112 _____ (OldTimer Tools) C:\Users\Donnapc\Desktop\OTL.exe
2014-06-28 09:12 - 2014-06-28 09:12 - 00002919 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Office Publisher 2007.lnk
2014-06-28 08:36 - 2014-06-28 08:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-20 20:00 - 2014-06-20 20:01 - 111107408 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunesSetup.exe
2014-06-20 19:54 - 2014-06-20 19:55 - 112616784 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunes64Setup.exe
2014-06-16 16:26 - 2014-06-16 16:26 - 00001376 _____ () C:\Users\Donnapc\Desktop\Photo Gallery.lnk
2014-06-11 16:20 - 2014-06-13 23:45 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job
2014-06-11 16:20 - 2014-06-11 16:20 - 00003192 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForDONNA$
2014-06-11 12:55 - 2014-06-11 12:55 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-06-11 12:40 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 12:40 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 12:40 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 12:40 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 12:40 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 12:40 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 12:40 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 12:40 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 12:40 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 12:40 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 12:40 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 12:40 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 12:40 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 12:40 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 12:40 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 12:40 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 12:40 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 12:40 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 12:40 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 12:40 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 12:40 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 12:40 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 12:40 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 12:40 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 12:40 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 12:40 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 12:40 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 12:40 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 12:40 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 12:40 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 12:40 - 2014-02-06 04:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 12:40 - 2014-02-06 04:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 12:40 - 2014-02-06 03:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 12:40 - 2014-02-06 03:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 12:40 - 2014-02-06 03:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 12:40 - 2014-02-06 03:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 12:40 - 2014-02-06 03:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 12:40 - 2014-02-06 02:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 12:40 - 2014-02-06 02:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 12:40 - 2014-02-06 02:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 12:40 - 2014-02-06 02:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 12:39 - 2014-05-18 23:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 12:39 - 2014-05-18 23:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 12:39 - 2014-05-18 22:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 12:39 - 2014-05-09 20:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 12:39 - 2014-05-09 20:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 12:39 - 2014-05-08 16:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 12:39 - 2014-05-04 21:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 12:39 - 2014-05-03 00:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 12:39 - 2014-05-02 21:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 12:39 - 2014-05-02 21:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 12:39 - 2014-05-02 20:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 12:39 - 2014-05-02 20:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 12:39 - 2014-05-01 06:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 12:39 - 2014-05-01 06:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 12:39 - 2014-05-01 00:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 12:39 - 2014-05-01 00:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 12:39 - 2014-04-30 23:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 12:39 - 2014-04-30 22:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 12:39 - 2014-04-30 04:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 12:39 - 2014-04-29 21:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 12:39 - 2014-04-29 21:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 12:39 - 2014-04-29 20:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 12:39 - 2014-04-29 20:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 12:39 - 2014-04-03 00:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 12:39 - 2014-04-03 00:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-04 16:46 - 2014-06-04 16:45 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-06-04 16:46 - 2014-06-04 16:45 - 00697856 _____ (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-06-04 16:46 - 2014-06-04 16:45 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-06-04 16:46 - 2014-06-04 16:45 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00000000 ____D () C:\Program Files\IDT
2014-06-04 16:45 - 2014-06-04 16:45 - 00207048 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-06-04 16:44 - 2014-06-04 16:44 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-06-04 16:44 - 2014-06-04 16:44 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-06-04 16:44 - 2014-06-04 16:44 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\AmUStor
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-06-02 22:42 - 2014-06-02 22:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-06-02 21:24 - 2014-06-02 21:24 - 00035315 _____ () C:\Users\Donnapc\Downloads\Retreat Registrations 2014 (17).xlsx
2014-06-02 21:17 - 2014-03-27 10:53 - 00389936 _____ (DisplayLink Corp.) C:\WINDOWS\system32\Drivers\dlkmd.sys
2014-06-02 21:17 - 2014-03-27 10:53 - 00017200 _____ (DisplayLink Corp.) C:\WINDOWS\system32\Drivers\dlkmdldr.sys
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieUserList
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieSiteList
2014-06-01 13:49 - 2014-06-25 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 13:42 - 2014-06-01 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2014-05-12 08:05 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-01 13:41 - 2014-05-12 08:05 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-01 13:40 - 2014-06-01 13:40 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files\Java
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-01 13:39 - 2014-06-01 13:39 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Classic Start Glary Java Installer.exe
2014-06-01 10:28 - 2014-06-01 10:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-01 10:27 - 2014-07-01 09:17 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FB23BE9-8C7D-4C0C-9517-E850AAAB0A35}
2014-06-01 10:27 - 2014-06-01 10:27 - 00001448 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-01 10:27 - 2014-06-01 10:27 - 00000020 ___SH () C:\Users\Donnapc\ntuser.ini

==================== One Month Modified Files and Folders =======

2014-07-01 09:35 - 2014-06-30 11:08 - 00011955 _____ () C:\Users\Donnapc\Desktop\FRST.txt
2014-07-01 09:35 - 2014-06-30 11:07 - 00000000 ____D () C:\FRST
2014-07-01 09:28 - 2013-11-19 18:18 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 09:24 - 2013-11-12 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730426596-1190900839-1826073975-1001
2014-07-01 09:22 - 2014-07-01 09:22 - 00000624 _____ () C:\Users\Donnapc\Desktop\JRT.txt
2014-07-01 09:19 - 2014-03-18 03:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 09:17 - 2014-07-01 09:17 - 01016261 _____ (Thisisu) C:\Users\Donnapc\Desktop\JRT.exe
2014-07-01 09:17 - 2014-07-01 09:17 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-01 09:17 - 2014-06-01 10:27 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FB23BE9-8C7D-4C0C-9517-E850AAAB0A35}
2014-07-01 09:14 - 2014-03-18 02:54 - 00003408 _____ () C:\WINDOWS\PFRO.log
2014-07-01 09:14 - 2013-11-19 18:18 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 09:14 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-01 09:14 - 2013-08-22 06:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-01 09:13 - 2014-07-01 09:10 - 00000000 ____D () C:\AdwCleaner
2014-07-01 09:09 - 2014-07-01 09:09 - 01346519 _____ () C:\Users\Donnapc\Desktop\AdwCleaner.exe
2014-07-01 09:07 - 2014-07-01 09:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Donnapc\Desktop\revosetup.exe
2014-07-01 09:07 - 2014-07-01 09:07 - 00001286 _____ () C:\Users\Donnapc\Desktop\Revo Uninstaller.lnk
2014-07-01 09:07 - 2014-07-01 09:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-01 09:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-01 08:44 - 2014-05-31 20:33 - 01468843 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-30 20:01 - 2014-06-30 20:00 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\DiskDefrag
2014-06-30 20:01 - 2014-02-08 14:30 - 00039424 ___SH () C:\Users\Donnapc\Desktop\Thumbs.db
2014-06-30 20:01 - 2014-02-03 16:57 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-30 20:00 - 2014-06-30 19:59 - 13744328 _____ () C:\Users\Donnapc\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-30 20:00 - 2014-05-31 20:22 - 00000000 ____D () C:\Users\Donnapc
2014-06-30 20:00 - 2014-05-23 18:34 - 00002970 _____ () C:\WINDOWS\System32\Tasks\GU5SkipUAC
2014-06-30 20:00 - 2014-05-23 18:34 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-06-30 20:00 - 2014-05-23 18:34 - 00001098 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-30 20:00 - 2014-05-23 18:34 - 00000348 _____ () C:\WINDOWS\Tasks\GlaryInitialize 5.job
2014-06-30 20:00 - 2014-05-23 08:48 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-30 18:30 - 2013-11-19 18:22 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\ClassicShell
2014-06-30 18:15 - 2013-08-22 07:46 - 00303755 _____ () C:\WINDOWS\setupact.log
2014-06-30 17:06 - 2014-02-03 17:48 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-06-30 17:06 - 2014-02-03 16:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-30 14:30 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-30 14:23 - 2013-11-19 18:18 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-30 14:23 - 2013-11-19 18:18 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-30 14:19 - 2014-06-30 14:19 - 00000000 ____D () C:\WINDOWS\Minidump
2014-06-30 14:19 - 2013-11-12 17:44 - 00124870 ____N () C:\WINDOWS\Minidump\063014-15500-01.dmp
2014-06-30 14:12 - 2014-06-30 14:12 - 00001566 _____ () C:\Users\Donnapc\Desktop\aswMBR.txt
2014-06-30 14:12 - 2014-06-30 14:12 - 00000512 _____ () C:\Users\Donnapc\Desktop\MBR.dat
2014-06-30 13:48 - 2014-06-30 13:48 - 05185536 _____ (AVAST Software) C:\Users\Donnapc\Desktop\aswMBR.exe
2014-06-30 13:32 - 2014-02-27 21:59 - 00052224 ___SH () C:\Users\Donnapc\Documents\Thumbs.db
2014-06-30 13:14 - 2014-06-30 13:14 - 00000424 _____ () C:\Users\Donnapc\Desktop\This PC - Shortcut.lnk
2014-06-30 11:12 - 2013-11-19 18:20 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Paint.NET
2014-06-30 11:09 - 2014-06-30 11:08 - 00044470 _____ () C:\Users\Donnapc\Desktop\Addition.txt
2014-06-30 11:06 - 2014-06-30 11:06 - 02083328 _____ (Farbar) C:\Users\Donnapc\Desktop\FRST64.exe
2014-06-30 11:02 - 2014-06-30 11:02 - 00001162 _____ () C:\Users\Donnapc\Desktop\Live PC Help.lnk
2014-06-30 09:12 - 2014-06-30 09:12 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-30 09:07 - 2014-06-30 09:07 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\amazon
2014-06-30 09:05 - 2014-06-30 09:05 - 04489040 _____ (Systweak Inc ) C:\Users\Donnapc\Downloads\rcp_dcomnew_sec_728.exe
2014-06-30 05:39 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-29 17:03 - 2014-06-29 17:03 - 00085256 _____ () C:\Users\Donnapc\Desktop\Extras.Txt
2014-06-29 17:02 - 2014-06-29 17:02 - 00121506 _____ () C:\Users\Donnapc\Desktop\OTL.Txt
2014-06-29 16:57 - 2014-06-29 16:57 - 00602112 _____ (OldTimer Tools) C:\Users\Donnapc\Desktop\OTL.exe
2014-06-28 09:12 - 2014-06-28 09:12 - 00002919 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Office Publisher 2007.lnk
2014-06-28 08:36 - 2014-06-28 08:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-25 20:56 - 2014-06-01 13:49 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 20:01 - 2014-06-20 20:00 - 111107408 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunesSetup.exe
2014-06-20 19:55 - 2014-06-20 19:54 - 112616784 _____ (Apple Inc.) C:\Users\Donnapc\Downloads\iTunes64Setup.exe
2014-06-17 10:25 - 2013-11-26 14:32 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Windows Live
2014-06-16 16:26 - 2014-06-16 16:26 - 00001376 _____ () C:\Users\Donnapc\Desktop\Photo Gallery.lnk
2014-06-14 10:47 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-14 09:48 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-13 23:45 - 2014-06-11 16:20 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job
2014-06-13 23:18 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 16:21 - 2013-11-13 22:21 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-06-11 16:20 - 2014-06-11 16:20 - 00003192 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForDONNA$
2014-06-11 16:20 - 2013-11-13 22:21 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-11 12:57 - 2013-11-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 12:56 - 2013-11-14 17:22 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 12:56 - 2013-11-14 17:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 12:55 - 2014-06-11 12:55 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-06-11 12:55 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-08 16:16 - 2013-11-17 21:46 - 00000000 ____D () C:\Users\Donnapc\Documents\Donna File
2014-06-04 16:46 - 2014-06-04 16:45 - 00000000 ____D () C:\Program Files\IDT
2014-06-04 16:45 - 2014-06-04 16:46 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00697856 _____ (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-06-04 16:45 - 2014-06-04 16:46 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-06-04 16:45 - 2014-06-04 16:46 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-06-04 16:45 - 2014-06-04 16:45 - 00207048 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2014-06-04 16:45 - 2013-03-21 09:49 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-06-04 16:45 - 2013-03-21 09:49 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-06-04 16:45 - 2013-03-21 09:49 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-06-04 16:45 - 2012-10-11 20:24 - 00000000 ____D () C:\SWSETUP
2014-06-04 16:44 - 2014-06-04 16:44 - 00942080 _____ () C:\WINDOWS\system32\AmRdrIco.icl
2014-06-04 16:44 - 2014-06-04 16:44 - 00083224 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2014-06-04 16:44 - 2014-06-04 16:44 - 00021784 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor.dll
2014-06-04 16:44 - 2014-06-04 16:44 - 00004435 _____ () C:\WINDOWS\system32\AmUStor.ini
2014-06-04 16:44 - 2014-06-04 16:44 - 00000640 _____ () C:\WINDOWS\system32\VendorCmd0.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000008 _____ () C:\WINDOWS\system32\CardDetect.bin
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\ProgramData\AmUStor
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Program Files (x86)\AmUStor
2014-06-04 16:44 - 2013-03-21 09:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-03 10:44 - 2013-11-18 19:51 - 00000000 ____D () C:\Users\Donnapc\Documents\Aglow stuff
2014-06-02 22:59 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-02 22:42 - 2014-06-02 22:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-06-02 21:24 - 2014-06-02 21:24 - 00035315 _____ () C:\Users\Donnapc\Downloads\Retreat Registrations 2014 (17).xlsx
2014-06-02 20:15 - 2013-11-12 18:11 - 00000000 ____D () C:\Users\Donnapc\AppData\Local\Packages
2014-06-02 20:06 - 2013-11-12 18:20 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2014-06-02 00:00 - 2014-05-31 21:16 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-01 20:06 - 2013-11-17 21:56 - 00127568 _____ () C:\Users\Donnapc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-01 20:05 - 2013-12-07 18:32 - 00000484 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieUserList
2014-06-01 20:04 - 2014-06-01 20:04 - 00000000 __SHD () C:\Users\Donnapc\AppData\Local\EmieSiteList
2014-06-01 13:42 - 2014-06-01 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 13:42 - 2014-02-08 13:41 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 13:42 - 2014-02-03 16:08 - 00000000 ____D () C:\Users\Donnapc\AppData\Roaming\Malwarebytes
2014-06-01 13:42 - 2014-02-03 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2014-06-01 13:41 - 2014-06-01 13:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 13:41 - 2013-12-01 15:00 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-01 13:41 - 2013-11-19 18:20 - 00000000 ____D () C:\Program Files\Classic Shell
2014-06-01 13:40 - 2014-06-01 13:40 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-01 13:40 - 2014-06-01 13:40 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files\Java
2014-06-01 13:40 - 2014-06-01 13:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-01 13:39 - 2014-06-01 13:39 - 00265752 _____ (Secure By Design Inc.) C:\Users\Donnapc\Downloads\Ninite Classic Start Glary Java Installer.exe
2014-06-01 10:28 - 2014-06-01 10:28 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-06-01 10:27 - 2014-06-01 10:27 - 00001448 _____ () C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-01 10:27 - 2014-06-01 10:27 - 00000020 ___SH () C:\Users\Donnapc\ntuser.ini

Some content of TEMP:
====================
C:\Users\Donnapc\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-30 20:24

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by Donnapc at 2014-07-01 09:36:27
Running from C:\Users\Donnapc\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat 4.0 (HKLM-x32\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{CC6CCF1E-F361-910A-E41D-EB5176F1255C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CrossLoop 2.82 (HKLM-x32\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayLink Core Software (HKLM\...\{4049FB01-BA71-44DB-AC12-AAC479087CE1}) (Version: 7.5.54609.0 - DisplayLink Corp.)
Glary Utilities 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\{51020C27-7422-3FBE-9480-4CB1CCC8E2CC}) (Version: 65.156.32827 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version:  - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJUT (x32 Version: 1.00.0012 - HP) Hidden
hppCP1520LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden
hppTLBXFXCP1520 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyMailList & AddressBook 5.0.3.2 (HKLM-x32\...\{7A15E1CA-6ED9-11D4-970E-00A0CC3F8931}) (Version:  - )
NirSoft IE PassView (HKLM-x32\...\NirSoft IE PassView) (Version:  - )
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Stamps.com Internet Postage (HKLM-x32\...\Stamps.com Internet Postage) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

11-06-2014 19:54:48 Windows Update
30-06-2014 12:42:39 Scheduled Checkpoint
01-07-2014 16:08:30 Revo Uninstaller's restore point - DMUninstaller

==================== Hosts content: ==========================

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00E47A7B-F331-4599-ADF7-14F91365F5A6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {029FAAB5-4ECD-4F4E-9377-97BABA7DBF7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08798A8E-6982-4A84-A6D1-B2723DFC3C32} - System32\Tasks\HPCeeScheduleForDONNA$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D2BFD05-551E-4CB6-A3AC-DE7AAE00F213} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd)
Task: {103D74B9-23F3-48F2-B5AE-AD1B2B86213F} - System32\Tasks\GU4SkipUAC => C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28C3D971-5CC4-4AA3-957E-DBAA85CFDCE0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {299E95C5-7668-47AE-A284-5B3CF462500A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4355738B-987C-4835-9931-60B7FDB8CC87} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {574B1B9E-FC17-4F24-9CBC-5CE9E5A0D65F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CNBF254797 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D11FE6B-4459-4A20-AD0E-DD0986A7052A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN22O3BD6H => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7384D3F0-A8CF-44AC-AFF8-C95CCA2DC7B9} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7ACB2E69-083E-4A15-B908-3FE0037CFCFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-19] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AD59C82-65E7-48E0-A31D-506EECCBD433} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6E3378A-315C-4E14-8E7D-863108A36750} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A7F20BD8-8924-467B-BE2C-21AB5D1ABC1C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {ADD6F339-33B3-4E12-97BE-27046933F99C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CA50E120-38EA-43CF-812C-CCCEFD3AA0CB} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD0AAF56-22AC-4594-A6B7-D679061180CE} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-06-16] (Glarysoft Ltd)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F24E87BF-E65E-4A55-A683-723A56BA9A4B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {FD37B8B9-4C00-419F-9133-F510287AE8F0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDONNA$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-06-05 16:51 - 2013-06-05 16:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2010-10-25 15:36 - 2010-10-25 15:36 - 00119864 _____ () C:\Program Files (x86)\HP\ToolboxFX\bin\nativeutils.dll
2013-03-21 10:00 - 2012-06-07 20:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Donnapc\Downloads\Change of Info Form For Area Team.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\Fw_ Matt Harding dances around the world.email.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\mime-attachment.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\RE Prayer Request.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\Downloads\Word for 2014 from Doug Addison.eml:OECustomProperty
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_0OLFavIE91284348923
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_1OCalFavIE91545382048
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_2PeopleFav-510560096
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_3SkyDriveFav-324886575
AlternateDataStreams: C:\Users\Donnapc\AppData\Roaming\Microsoft\Windows\Start Menu\Outlook.website:TASKICON_4OLFavIE91410631431

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (07/01/2014 09:36:22 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:35:52 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:35:22 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/01/2014 09:35:22 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:34:51 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:34:21 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:33:51 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:32:40 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:32:10 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/01/2014 09:31:39 AM) (Source: DCOM) (EventID: 10010) (User: Donna)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-07-01 09:16:29.535
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:16:29.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:16:29.442
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:16:29.379
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:10:01.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:10:01.691
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:05:26.777
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:05:26.730
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:05:26.668
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-01 09:05:26.621
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 7575.29 MB
Available physical RAM: 6098.82 MB
Total Pagefile: 7975.29 MB
Available Pagefile: 6344.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.77 GB) (Free:877.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:10.83 GB) (Free:1.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7A2964CB)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0

#13
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Loading up "my pc" - where it shows the system drives and file folders - takes forever now.


  • 0

#14
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Found Adw file

 

# AdwCleaner v3.214 - Report created 01/07/2014 at 09:12:49
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Donnapc - DONNA
# Running from : C:\Users\Donnapc\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Donnapc\AppData\Roaming\Systweak
File Deleted : C:\END
File Deleted : C:\WINDOWS\System32\roboot64.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Donnapc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [1497 octets] - [01/07/2014 09:10:49]
AdwCleaner[S0].txt - [1400 octets] - [01/07/2014 09:12:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1460 octets] ##########


  • 0

#15
cloroxmartini

cloroxmartini

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Reset Classic Shell and the menu options and file explorer work fine now


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP