PUP.conduit.A and more? [Closed] [Solved]


#1
LESI

Hi,  :wave: 

I'm having problems with a couple malware/adware(?), so I'll list 3 such items:
   1) PUP.conduit.A keeps showing up listed twice when I run Malwarebytes
   2) typing in Skype and chatrooms is very delayed
   3) suspicious that other malware/adware may be lurking
 
Win 8.1  2013
Processor: AMD E1-1200 APU with Radeon™ HD Graphics  1.40 GHz
Installed Memory (RAM):  4.00 GB (3.58 GB usable)
System Type: 64-bit Operating System, x64 based processor
Pen and Touch: no Pen or Touch Input is available for this Display
HP- AllinOne
 

You helped me once before, and I can follow instructions well and keep up with the assistance given.  I'm persistent to the end.

Here's my OTL log and Extra log

Thank You,

Boomerang  :geek: 
======================================

OTL logfile created on: 7/7/2014 10:39:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martha\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.58 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 49.49% Memory free
4.54 Gb Paging File | 1.39 Gb Available in Paging File | 30.66% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.06 Gb Total Space | 388.04 Gb Free Space | 87.38% Space Free | Partition Type: NTFS
Drive D: | 19.78 Gb Total Space | 2.47 Gb Free Space | 12.50% Space Free | Partition Type: NTFS
 
Computer Name: HP-ALLINONE | User Name: Martha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/07 22:38:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martha\Downloads\OTL.exe
PRC - [2014/07/04 00:37:52 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/07/04 00:37:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/06/05 09:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/18 06:13:58 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2014/01/13 13:52:22 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/27 21:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/04 00:37:58 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/04 00:37:55 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/06/21 18:56:10 | 000,018,856 | ---- | M] () -- C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
MOD - [2014/06/05 09:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 09:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 09:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 09:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 09:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 09:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2012/06/08 14:34:06 | 000,016,400 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/04 00:37:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/06/19 23:08:33 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/19 23:04:34 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/06/19 23:04:34 | 000,834,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/06/19 22:57:31 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/06/19 22:57:31 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/06/19 22:55:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/19 22:55:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/06/19 22:55:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/06/19 22:49:21 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2014/06/10 00:52:30 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/19 21:40:52 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/06/19 22:55:57 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/06/19 22:49:24 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/06/19 22:49:20 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/06/19 22:49:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2014/04/22 05:25:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/01/13 13:52:24 | 000,103,936 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/01/13 13:52:22 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/19 21:47:00 | 002,468,496 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/07/19 21:06:58 | 000,035,232 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/07 20:31:14 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/07/04 12:38:30 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/04 00:38:04 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/04 00:38:04 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/04 00:38:04 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/07/04 00:38:04 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/04 00:38:04 | 000,065,776 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/04 00:38:04 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/07/04 00:38:02 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/06/19 23:06:46 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/06/19 23:04:36 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/06/19 23:04:34 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/06/19 23:04:34 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/06/19 23:04:34 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/06/19 22:57:31 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/06/19 22:57:31 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/06/19 22:57:31 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/06/19 22:55:57 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/06/17 09:55:07 | 000,870,104 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014/06/10 00:52:30 | 013,209,088 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/06/10 00:52:30 | 000,626,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/12/04 11:02:30 | 002,505,904 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/11/19 21:47:01 | 000,353,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2012/06/25 13:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/03/31 02:49:08 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/02/11 17:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKCU\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..browser.search.selectedEngine: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultengine: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultenginename: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultthis.engineName: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search"
FF - prefs.js..browser.search.order.1: "Microsoft (Bing)"
FF - prefs.js..keyword.URL: "http://www.bing.com/search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=AV01"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@startmeeting.com/launcher: C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF - HKCU\Software\MozillaPlugins\gamevenus.com/CertifiedBrowser: C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]\ [2014/01/13 21:49:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]\ [2014/01/13 21:49:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/04 00:38:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
[2014/05/09 14:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martha\AppData\Roaming\mozilla\Extensions
[2014/05/09 14:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martha\AppData\Roaming\mozilla\Firefox\Profiles\ad89ajwx.default\extensions
[2014/07/04 00:44:49 | 000,005,830 | ---- | M] () -- C:\Users\Martha\AppData\Roaming\mozilla\firefox\profiles\ad89ajwx.default\searchplugins\bing-avast.xml
[2014/05/09 14:10:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 14:10:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Ixquick (Enabled)
CHR - default_search_provider: search_url = http://ixquick.com/d...anguage=english
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Freemake Video Downloader = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\
CHR - Extension: Google Search = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LastPass: Free Password Manager = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.41_0\
CHR - Extension: Skype Click to Call = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Google Wallet = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [FreeScreenSharing] C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29B5CF79-3278-41A1-86F5-B3673D2C956F}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBC4812E-DD0B-4C8B-9F7F-46C2962A294B}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/04 00:39:21 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\AVAST Software
[2014/07/04 00:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/07/04 00:38:14 | 001,041,168 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/07/04 00:38:14 | 000,427,360 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014/07/04 00:38:14 | 000,426,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys.1404491910000
[2014/07/04 00:38:14 | 000,093,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/07/04 00:38:14 | 000,092,008 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/07/04 00:38:14 | 000,079,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/07/04 00:38:11 | 000,307,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/07/04 00:38:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/04 00:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/07/04 00:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/07/02 00:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/07/01 18:08:04 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/01 18:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/01 18:07:29 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/07/01 18:07:29 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/07/01 18:07:29 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/07/01 18:07:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/01 18:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/21 19:58:34 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Oracle
[2014/06/21 18:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/21 18:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/21 18:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/19 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2014/06/19 23:12:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/06/19 22:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/06/19 22:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\inetpub
[2014/06/19 20:24:00 | 000,000,000 | R--D | C] -- C:\Users\Martha\OneDrive
[2014/06/19 20:19:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Identities
[2014/06/19 20:19:02 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\assembly
[2014/06/19 19:28:44 | 000,000,000 | --SD | C] -- C:\Users\Martha\AppData\Roaming\Microsoft
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Favorites
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Documents
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Desktop
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\Temporary Internet Files
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Templates
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Start Menu
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\SendTo
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Recent
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\PrintHood
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\NetHood
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Videos
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Pictures
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Music
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\My Documents
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Local Settings
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\History
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Cookies
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Application Data
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\Application Data
[2014/06/19 19:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Martha\AppData
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\Temp
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\Microsoft
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/19 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/06/19 19:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/06/19 19:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/06/19 19:16:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/06/19 19:16:14 | 000,000,000 | ---D | C] -- C:\AMD
[2014/06/19 19:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/06/19 19:14:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/06/18 00:50:50 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\HewlettPackard
[2014/06/17 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014/06/17 17:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/06/17 09:55:48 | 000,870,104 | ---- | C] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/06/13 00:00:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{13306DD2-7085-44C2-A60E-2A6E4009EDCF}
[2014/06/10 00:52:46 | 000,129,536 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.9001.dll
[2014/06/10 00:52:34 | 000,190,976 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2014/06/10 00:52:30 | 000,588,288 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2014/06/10 00:52:30 | 000,239,616 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2014/06/10 00:52:30 | 000,031,232 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2014/06/10 00:52:24 | 000,063,488 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014/06/10 00:52:24 | 000,057,344 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014/04/10 23:43:38 | 014,883,840 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/07 22:38:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2014/07/07 22:27:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/07 20:31:14 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/07 18:25:26 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForMartha.job
[2014/07/07 18:23:23 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/07/07 18:23:20 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/07 18:19:26 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/04 12:38:30 | 000,427,360 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014/07/04 00:44:49 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/04 00:38:54 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/04 00:38:04 | 001,041,168 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/07/04 00:38:04 | 000,426,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys.1404491910000
[2014/07/04 00:38:04 | 000,224,896 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/07/04 00:38:04 | 000,092,008 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/07/04 00:38:04 | 000,079,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/07/04 00:38:04 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/07/04 00:38:04 | 000,029,208 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/07/04 00:38:03 | 000,307,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/07/04 00:38:02 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/07/04 00:38:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/01 20:07:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/01 20:07:04 | 3075,129,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/01 18:07:52 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/23 12:20:07 | 000,001,310 | ---- | M] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2014/06/21 19:59:07 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/21 19:59:07 | 000,794,884 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/21 19:59:07 | 000,161,140 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/19 23:04:34 | 000,387,210 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/06/19 19:58:21 | 000,041,913 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/06/19 19:58:21 | 000,041,913 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/06/19 19:57:53 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/06/19 19:45:29 | 000,419,792 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/06/19 19:22:35 | 000,930,400 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/06/19 19:16:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/06/19 19:16:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2014/06/17 09:55:07 | 000,870,104 | ---- | M] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/06/10 00:52:46 | 000,230,912 | ---- | M] () -- C:\WINDOWS\SysNative\clinfo.exe
[2014/06/10 00:52:46 | 000,129,536 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.9001.dll
[2014/06/10 00:52:38 | 000,234,036 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2014/06/10 00:52:38 | 000,233,776 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2014/06/10 00:52:38 | 000,083,552 | ---- | M] () -- C:\WINDOWS\SysNative\ativce02.dat
[2014/06/10 00:52:36 | 003,461,040 | ---- | M] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2014/06/10 00:52:36 | 003,426,688 | ---- | M] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2014/06/10 00:52:34 | 000,190,976 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2014/06/10 00:52:34 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2014/06/10 00:52:34 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysNative\atipblag.dat
[2014/06/10 00:52:32 | 000,047,887 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2014/06/10 00:52:30 | 000,721,296 | ---- | M] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2014/06/10 00:52:30 | 000,588,288 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2014/06/10 00:52:30 | 000,239,616 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2014/06/10 00:52:30 | 000,031,232 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2014/06/10 00:52:24 | 001,187,342 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2014/06/10 00:52:24 | 001,061,902 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2014/06/10 00:52:24 | 000,995,342 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2014/06/10 00:52:24 | 000,798,734 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2014/06/10 00:52:24 | 000,550,464 | ---- | M] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2014/06/10 00:52:24 | 000,550,464 | ---- | M] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2014/06/10 00:52:24 | 000,063,488 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014/06/10 00:52:24 | 000,057,344 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014/06/10 00:52:18 | 000,412,672 | ---- | M] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2014/06/10 00:52:18 | 000,134,656 | ---- | M] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2014/06/10 00:52:18 | 000,123,392 | ---- | M] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
 
========== Files Created - No Company Name ==========
 
[2014/07/04 00:38:54 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/04 00:38:14 | 000,224,896 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/07/04 00:38:14 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/07/04 00:38:14 | 000,029,208 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/07/01 18:07:52 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/19 23:04:34 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/06/19 20:19:12 | 000,001,444 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/19 19:57:53 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/06/19 19:41:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/06/19 19:28:44 | 000,000,369 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/06/19 19:28:44 | 000,000,369 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/06/19 19:28:44 | 000,000,352 | ---- | C] () -- C:\Users\Martha\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/19 19:28:44 | 000,000,334 | ---- | C] () -- C:\Users\Martha\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/06/19 19:28:19 | 000,041,913 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/06/19 19:28:19 | 000,041,913 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/06/19 19:22:35 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/06/19 19:16:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/06/19 19:16:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2014/06/10 00:52:46 | 000,230,912 | ---- | C] () -- C:\WINDOWS\SysNative\clinfo.exe
[2014/06/10 00:52:38 | 000,234,036 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2014/06/10 00:52:38 | 000,233,776 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2014/06/10 00:52:38 | 000,083,552 | ---- | C] () -- C:\WINDOWS\SysNative\ativce02.dat
[2014/06/10 00:52:36 | 003,461,040 | ---- | C] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2014/06/10 00:52:36 | 003,426,688 | ---- | C] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2014/06/10 00:52:34 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2014/06/10 00:52:34 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysNative\atipblag.dat
[2014/06/10 00:52:32 | 000,047,887 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2014/06/10 00:52:30 | 000,721,296 | ---- | C] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2014/06/10 00:52:24 | 001,187,342 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2014/06/10 00:52:24 | 001,061,902 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2014/06/10 00:52:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2014/06/10 00:52:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2014/06/10 00:52:24 | 000,550,464 | ---- | C] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2014/06/10 00:52:24 | 000,550,464 | ---- | C] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2014/06/10 00:52:18 | 000,412,672 | ---- | C] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2014/06/10 00:52:18 | 000,134,656 | ---- | C] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2014/06/10 00:52:18 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/11 01:39:49 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/17 21:39:23 | 000,188,041 | ---- | C] () -- C:\WINDOWS\hpoins13.dat
[2013/10/17 21:39:23 | 000,000,462 | ---- | C] () -- C:\WINDOWS\hpomdl13.dat
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/09/11 10:34:27 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/07/25 16:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 16:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 16:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
 
========== ZeroAccess Check ==========
 
[2014/06/19 20:27:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/19 22:55:58 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/19 22:55:59 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/07/04 00:39:21 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\AVAST Software
[2014/05/20 10:27:38 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\ESET
[2014/03/23 23:34:21 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\GVU Technologies
[2014/06/18 00:50:50 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\HewlettPackard
[2014/06/21 19:58:34 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Oracle
[2014/02/12 02:30:29 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Visan
[2013/11/19 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 969 bytes -> C:\Users\Martha\Documents\ME Trng_ Thurs_ 6_14_07 w_Mike Harris on NM HAP Tips.eml:OECustomProperty
@Alternate Data Stream - 935 bytes -> C:\Users\Martha\Documents\KTFA26 4_5_2012___Frank's Post.eml:OECustomProperty
@Alternate Data Stream - 809 bytes -> C:\Users\Martha\Documents\RE_ Request Rental Agreement.eml:OECustomProperty
@Alternate Data Stream - 220 bytes -> C:\Users\Martha\OneDrive:ms-properties
 
< End of report >
 

==========================================================

OTL Extras logfile created on: 7/7/2014 10:39:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martha\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.58 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 49.49% Memory free
4.54 Gb Paging File | 1.39 Gb Available in Paging File | 30.66% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.06 Gb Total Space | 388.04 Gb Free Space | 87.38% Space Free | Partition Type: NTFS
Drive D: | 19.78 Gb Total Space | 2.47 Gb Free Space | 12.50% Space Free | Partition Type: NTFS
 
Computer Name: HP-ALLINONE | User Name: Martha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032D7F2E-8BD8-4FB5-B9B8-29DC359F9CC8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{0F793E1E-12B1-4CE3-BBBC-196A8F03BE3F}" = lport=53000 | protocol=6 | dir=in | name=hpconnectedremoteservice.exe | 
"{3BB36859-ADA2-4D89-98CD-2860E71A307C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{3EE68057-F53F-412A-9347-3E9873626B12}" = lport=137 | protocol=17 | dir=in | app=system | 
"{41FC3918-E3FB-47B6-9919-4F91B2FDB869}" = rport=445 | protocol=6 | dir=out | app=system | 
"{4E756C92-2C4C-4788-B49F-64D12993C49D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{558EA4DE-17E8-47F6-AEFD-E3872752EDBE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{58BDF63F-15C4-4CC5-A983-33101283B822}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5F12DB81-70F6-4486-B4E3-1E3BFD60978A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6AB42A46-DAD7-4DA4-B948-9C080DAA4D8D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A744538B-B84B-471B-B68C-4E6F21370777}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B4D3A582-EA0E-41E8-A0F6-9E6C56535C05}" = lport=52000 | protocol=6 | dir=in | name=hpconnectedremoteuser.exe | 
"{BEE23A29-7BD2-4B86-AD8D-2D082180F516}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{C529BBA2-7A15-402F-AE65-C938003A055E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CA9C465A-8439-42BA-B896-76837F884960}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F7ECDB0A-017A-425C-A469-0E18A96C787C}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003731ED-2AC6-433B-B6E6-CC15F1105CAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{02432335-F09D-42ED-8E25-06B960576148}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{04635C93-071E-43CA-995F-3DA54136D9D8}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{05B8D536-EFEB-4F15-A868-6883B7CFCEE2}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{0735F07E-56C1-4FE9-A2FD-55C9764D4759}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{07DDDA9B-7A30-4220-8CDE-93FFCCD535FF}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{095ECD38-2BA2-4299-9AC1-E5B7E3C3CA9B}" = dir=in | name=juniper networks junos pulse | 
"{099A951B-7471-4159-9252-AE83BB3C3434}" = dir=out | name=hp connected photo | 
"{0D3D0362-3BFA-42D2-A8E7-80C3C041B2FE}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{0FC001B5-97A3-43D8-B250-53A97F19A1FF}" = dir=out | name=hp connected photo powered by snapfish | 
"{1278777A-6EDE-486D-B789-DC49B0473C11}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{17687C2C-CE4B-4EE1-AEA1-EB3CD1C1AB5F}" = dir=out | name=sonicwall mobile connect | 
"{1AF7E26B-D430-49FF-B8FA-A959A3EC49DE}" = dir=out | name=@{microsoft.bingtravel_2.0.0.319_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{1B9DAF62-9AEA-45A8-BF63-2BB9A9EC2F1D}" = dir=out | name=iheartradio | 
"{1D594954-9061-4D1C-BD47-2D38DEFEF2DC}" = dir=out | name=skype | 
"{1EBD65FB-BBEF-4F62-ACCC-7F56716F13F4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{22C28C0D-01A2-4241-869F-C8411A0CB5E8}" = dir=out | name=getting started with windows 8 | 
"{24AC7C12-76EE-4755-98A9-56C0CC0A0329}" = dir=out | name=skype | 
"{261379EE-DACD-4B61-9F8A-BF6F93F7DF35}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{2671F4C4-09E8-48CF-808F-0F2DACD0CB2C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{26CB6A55-9E39-4435-81D3-0288B5162DB0}" = dir=out | name=microsoft solitaire collection | 
"{27F4866A-85A9-4CBE-B396-6FD538FC22F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{28B16984-7E2A-4472-B6F4-EC7AD84DBBAB}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{29A901F6-2B06-40C1-9ECC-D5FE9AD9B9A3}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{29FCBA5A-59E6-4C93-9FB4-4A125BAFD616}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{2A6770F4-6973-4A9F-8FF9-F78FA8F97200}" = protocol=1 | dir=out | [email protected],-28544 | 
"{2BB29776-E03C-489E-998B-7B6DF3E02309}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{300BC644-B453-4D1D-B8FF-FA9932038530}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{3046BF50-389A-4981-8F51-DD9091AE9D12}" = protocol=6 | dir=in | app=c:\users\martha\appdata\local\temp\7zs6e8d\hpdiagnosticcoreui.exe | 
"{31825145-1E09-406E-A056-002B1B9F6B8A}" = dir=out | name=kindle | 
"{332A5005-E439-4970-B6C6-60D45D5DF71D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3776EEEF-2B1F-4746-8C0D-04709652CCBE}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{38A681A5-B676-439E-84AE-A97A18701C6C}" = dir=in | name=hp+ | 
"{3D2D5B76-B58F-42FE-86A4-805FBAD423E5}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{3F163FA7-9D4A-4A92-87F0-F34F8E93EF2E}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{4009CA69-B2DC-4101-8217-BB0142B5958F}" = dir=out | name=iheartradio | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{42990CA0-74E5-4B89-B678-F82C49DF84B8}" = dir=in | name=kindle | 
"{494BB1F2-314F-487C-A0E3-0C88558F24E9}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{4B632657-F4F5-4906-91A1-693E11C8951E}" = dir=out | name=juniper networks junos pulse | 
"{4C810558-9DEE-4A3C-91AB-234FFAEE0C73}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{4CEDB935-AA24-4E62-93B0-DBC9AAAB1519}" = dir=out | name=netflix | 
"{4DFA2942-47B6-407C-835A-0444BFBF1172}" = dir=out | name=onenote | 
"{4E62BF99-0C5A-4FFC-AEE4-ADCFB822BADE}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{4F96DD75-042B-4D27-9B4A-E73A617C4419}" = dir=out | name=microsoft mahjong | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{57725EBB-A01E-4F18-830E-30E1B68C9AB8}" = dir=out | name=ebay | 
"{592C18E1-0E01-42C6-BFA3-47853DD2D1F8}" = protocol=17 | dir=in | name=hpconnectedremoteservice.exe | 
"{5B31BA36-9CE5-4180-83EB-F0F5C31C581D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{5EBB718A-3FD4-488D-827B-BE2DCB9F1A00}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{5F0B061F-74AB-46A7-AA55-5DA60E86BD74}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{5F9A12C9-ACE9-4D55-8E84-544ADA363DD1}" = dir=in | name=check point vpn | 
"{62D178E2-FE67-4D44-890B-6111A6BA51CC}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{64F6D659-3D6F-4208-AB6E-DC0B17DDBA5C}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{671DE153-0417-4311-A4BE-22D963989D46}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{69C2AC13-A156-4E5E-8E2E-BC697CB57338}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{6A5004B5-47B4-438F-A96B-3D8E23F2880B}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{6C379F8F-431D-41C3-8B9C-A19A1EFCFCC5}" = protocol=58 | dir=out | [email protected],-28546 | 
"{6D71E33B-010D-4187-9280-DF475BC2AB54}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{6D799BBA-EE5D-4F01-8D9A-D50442D12B0D}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{6DAC5EFC-753F-4767-B079-1763C82E2EB5}" = dir=in | name=skype | 
"{6EF9C444-DA06-42F9-A182-356BFB17598D}" = dir=in | name=skype | 
"{763EFF93-D1F6-4F2E-ABDE-FBCA4E7C3C0C}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{7911955B-65BA-4B79-9CE5-6D9160AA0AC7}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{82A4D273-5E23-4EDA-A39C-EB496B827AC8}" = dir=in | name=microsoft solitaire collection | 
"{87010DB7-297E-435E-AB81-7C0757767CAC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{8723FBDC-51FA-4EF9-98D2-E3FB5E3C7A88}" = protocol=17 | dir=in | app=c:\users\martha\appdata\local\temp\7zs6e8d\hpdiagnosticcoreui.exe | 
"{8C2DEFF9-DE45-4C92-8AAF-9CA5B5C23245}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{8EB37856-4833-4BE2-B923-505481E633F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{90E84140-54EB-4410-A071-6714047FA80A}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{918E93F7-3C28-4BE3-A294-9764706BFC6E}" = dir=out | name=@{microsoft.zunevideo_1.5.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{943F4962-36AD-4C6E-9C10-245BAA81D111}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{985E8C32-4786-4B1D-82E7-35640407B158}" = dir=out | name=netflix | 
"{9905DFF2-DD7D-4088-91EF-7133AECBE0E4}" = dir=in | name=sonicwall mobile connect | 
"{99C0597C-ED61-4DA1-B8B0-7F594C5B3538}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{9A38437B-2DDC-4B2B-8D31-49DBBDE72C74}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{9CF6D748-0603-4768-939B-C4F9D125D8A9}" = dir=out | name=check point vpn | 
"{9E375920-7D83-4D89-8AFD-36ADE6A032CC}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9F2AE01E-6C45-4557-97A3-A0832A26FD38}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | 
"{A04CAF81-2D19-4627-9545-0B2D7CE54C2F}" = dir=out | name=kindle | 
"{A549F8E4-92D7-4EBF-BC39-4099334ECD00}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{A56F3737-A2AB-4F4B-B77A-15E1B2DA81D2}" = dir=out | name=microsoft solitaire collection | 
"{A8AE72E9-8645-45E3-A06A-52111DD23214}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{A96CD638-3E3B-4BD0-AF23-A0552EC832EA}" = protocol=58 | dir=in | [email protected],-28545 | 
"{AEA414F7-2933-4206-8798-8E015E7920E6}" = dir=in | name=microsoft mahjong | 
"{B4BEF396-A268-4402-903C-822652D95CDF}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{B53C7172-6AFC-4D72-A162-F16912A1A45F}" = dir=out | name=norton studio | 
"{B6D693E7-D84F-46D9-A816-DE973D437AF7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B89E879D-BD98-4D5F-96F2-FD6D2D8DC482}" = dir=out | name=hp+ | 
"{B9FEC07A-AFE6-4508-92D7-6A86909D592E}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{BA705673-ED16-4F9D-A5AA-1C0E57ED8CF9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{BD17FD9D-1D83-459C-8B59-AFA2F1A44C0A}" = protocol=1 | dir=in | [email protected],-28543 | 
"{C26A7F23-D9DB-498A-8551-28386F2BCFFD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{C5E46710-C978-4840-A3F3-7AA22903CB1F}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{C722ABF2-8C85-4E1A-B2AD-86EE7BD2C7CA}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.5.3.1_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | 
"{C76819FE-B426-4CC8-9FBC-CF2AE3FFB7F7}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{CA4A31C3-023F-4CDA-9869-4FD4FBA1963D}" = protocol=17 | dir=in | app=c:\users\martha\appdata\local\temp\7zs0ade\hpdiagnosticcoreui.exe | 
"{CAF3A69C-3E69-4D65-B619-51305B6B0FAD}" = dir=out | name=ebay | 
"{CD51ABDF-3E0A-4435-8924-427D233040C9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{D38A3C31-DFEA-450E-BE56-AEDECEEDC9CF}" = dir=in | name=onenote | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D6B8CD45-143A-4180-8E67-9AC6D87D21FD}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{DB54BD9C-A9CA-4720-9FD0-36BA7E8AB2E9}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DF7C7C91-F03B-4A1D-9F4D-9744EF73E054}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{E08A68A7-7EC0-48B6-AF24-6214682EDFFE}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{E1BF2165-31CB-4596-8351-F4CCA7C03C31}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{E1F6ACEC-78DB-4AF1-8EB5-A2D3B8912A24}" = dir=in | name=ebay | 
"{E3601F1A-1CAC-4E87-9641-B2CA5140A6AE}" = dir=out | name=windows_ie_ac_001 | 
"{E4B7AFB2-B526-422D-8EC4-EDAB0AB56262}" = dir=out | name=hp registration | 
"{E5B29156-E424-4DFA-93E7-A4ADC7400BB8}" = dir=out | name=hp registration | 
"{E66714BC-05EA-446C-8159-8BAA5AD193B6}" = dir=out | name=microsoft mahjong | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E7C892FB-F2D2-4CD1-8906-4385494D02D2}" = dir=in | name=f5 vpn | 
"{E8996564-BED3-4E5D-9C56-EA5A5FB7A7D6}" = dir=out | name=hp+ | 
"{EA6AD8A9-6946-4138-B752-25F78D0E562E}" = dir=out | name=windows_ie_ac_001 | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{ED2EFA03-CEE0-4C94-A95F-431DA24A80AD}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{EF5E8ADD-E87E-41E4-A84A-E01EC91F7457}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{F06871F3-B488-4261-A18B-1C0415E373A3}" = dir=out | name=f5 vpn | 
"{F0EFD3E8-C0BF-4B2E-B3CC-B7BDE4EAC75A}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{F3BB0ADF-FBEB-4317-906C-76F57CD17DFC}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{F570C76F-4F05-4F93-BAA6-E9F7AD1D27A5}" = protocol=6 | dir=in | app=c:\users\martha\appdata\local\temp\7zs0ade\hpdiagnosticcoreui.exe | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F6454B74-A3E3-44DF-A3BF-0D94B8B7B86B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{F6690854-411C-4977-BBDA-1A421B57D95E}" = dir=in | name=hp connected photo | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F79E1BD5-20B4-415C-96F6-2C459403E11A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{FC1BCD8E-088B-4A16-A03F-86B3A6960B9B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{FD2D3E22-B5EA-43F2-9F16-189C7703C3EF}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{FD751B07-BAB2-4555-8862-EFB538FDB807}" = dir=out | name=norton studio | 
"{FDE4AA63-4DBD-437C-A85F-F353AC65A535}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"TCP Query User{0567D287-1638-4E07-BB66-BC2EEE297C78}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{9F622C71-E89F-4795-8DFA-EF9C1F343CF0}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{E0ECB194-8074-4738-92DB-227DB989E14E}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{FA82DE6F-9BE6-4059-A897-A7A93953CCA6}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{276C40A7-8110-4976-80D2-39C669B84D32}" = HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6
"{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}" = HP Unified IO
"{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}" = Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}" = CCC Help Korean
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}" = Realtek PCIE Card Reader
"{104D7F23-A414-EE6D-315E-A07CB75ADEEE}" = CCC Help English
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A7CF3BE-0D4A-33DF-DFD9-824487726365}" = CCC Help German
"{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}" = CCC Help Finnish
"{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}" = CCC Help Russian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}" = HP ePrint
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2E2526C8-51A8-F6EB-8289-6787E880CE27}" = Catalyst Control Center Localization All
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{574F0207-8E98-46CD-8F79-318348C98C46}" = HP Quick Start
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AD25D5C-C813-146B-4FB0-76561F7875B7}" = CCC Help Hungarian
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B4886EE-5A95-C257-A68F-2DCADE47A273}" = CCC Help Norwegian
"{5DB58618-7021-C650-EE8A-58CD1FAA95F9}" = CCC Help Thai
"{5F5ACD0C-A454-32A7-E206-EE89B1510128}" = CCC Help Danish
"{60D5EE24-2C43-45EF-87D4-C35EA2101878}" = PS_AIO_Software_min
"{67087BB4-19B4-C169-3E52-2BED796D8AB3}" = CCC Help Swedish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AE04BB9-A455-16ED-5806-DCFBB14505D6}" = CCC Help Dutch
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7474548C-E456-4818-8ED0-4A1F00EF77A1}" = Catalyst Control Center - Branding
"{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}" = CCC Help Spanish
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{839D1577-5415-6C89-6642-515DFFE6432F}" = CCC Help Czech
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}" = CCC Help Japanese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT5390R 802.11bgn Wi-Fi Adapter
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{974A1DB5-D3B2-4491-B28F-3AA4045DBCE4}" = YouTubeDownloaderConverter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2FBA60-AF4A-11DD-AD8B-0800200C9A66}" = LiveUpload to YouTube
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A666A6E7-3A51-E289-559B-BF3486036ABF}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABA39912-380C-0EF3-C820-868115EB1DAC}" = Catalyst Control Center InstallProxy
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{AC7A441A-353F-75F6-6ABA-3BF98161B530}" = CCC Help Greek
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B6480ED1-448E-813B-4FE0-BED811D1C01F}" = CCC Help French
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDBF9803-B57C-AB2A-8830-CBED34703840}" = Catalyst Control Center Graphics Previews Common
"{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}" = CCC Help Polish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5D59EB4-AE43-449C-80BF-C8DFC99FB36A}" = C4200
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}" = HPDetect
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}" = CCC Help Italian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E8406BA9-5D47-4A62-08C3-759EA677229A}" = AMD VISION Engine Control Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1390872-2500-4408-A46C-CD16C960C661}" = HP Unified IO
"{F193812F-83C0-3CED-1EDE-BE2525267303}" = CCC Help Chinese Traditional
"{F243A34B-AB7F-4065-B770-B85B767C247C}" = HP Connected Remote
"{F2456876-05A8-440D-83D1-7BA229F68411}_is1" = Unseen App version 0.1.6
"{F754BC24-2C04-F76E-C403-0175F0954560}" = CCC Help Chinese Standard
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC62C740-2339-618C-467B-36CE6D409E5F}" = CCC Help Portuguese
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Avast" = avast! Free Antivirus
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Freemake Youtube Mp3 Converter_is1" = Freemake Youtube Mp3 Converter
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"LastPass" = LastPass (uninstall only)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 29.0 (x86 en-US)" = Mozilla Firefox 29.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FreeScreenSharing" = FreeScreenSharing
"HPConnectedMusic" = HP Connected Music (Meridian - player)
"StartMeeting" = StartMeeting
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 7/2/2014 4:35:05 AM | Computer Name = HP-AllinOne | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe".Error
 in manifest or policy file "" on line .  A component version required by the application
 conflicts with another component version already active.  Conflicting components 
are:.  Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component
 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error - 7/2/2014 10:37:28 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with
 error: -2147417836 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/2/2014 10:37:28 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with
 error: -2147417836 See the Microsoft-Windows-TWinUI/Operational log for additional
 information.
 
Error - 7/3/2014 10:30:36 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-Spell-Checking | ID = 30
Description = Spell checking provider returned error indexes out of the string boundaries.
 This indicates that the provider either has a bug or that it is malicious.
 
Error - 7/3/2014 10:30:36 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-Spell-Checking | ID = 30
Description = Spell checking provider returned error indexes out of the string boundaries.
 This indicates that the provider either has a bug or that it is malicious.
 
Error - 7/3/2014 10:30:36 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-Spell-Checking | ID = 30
Description = Spell checking provider returned error indexes out of the string boundaries.
 This indicates that the provider either has a bug or that it is malicious.
 
Error - 7/3/2014 11:56:09 AM | Computer Name = HP-AllinOne | Source = Application Error | ID = 1000
Description = Faulting application name: wwahost.exe, version: 6.3.9600.17031, time
 stamp: 0x53085904  Faulting module name: ntdll.dll, version: 6.3.9600.17031, time
 stamp: 0x5308893d  Exception code: 0xc0000005  Fault offset: 0x0001f0a3  Faulting process
 id: 0xd34  Faulting application start time: 0x01cf96c82cf5d74f  Faulting application
 path: C:\WINDOWS\syswow64\wwahost.exe  Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report
 Id: 8befe220-02ca-11e4-be8d-4c72b9dfcdd8  Faulting package full name: Microsoft.SkypeApp_2.8.0.1001_x86__kzf8qxf38zg5c
Faulting
 package-relative application ID: App
 
Error - 7/4/2014 12:36:02 AM | Computer Name = HP-AllinOne | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary pmwemffp.  System Error: The system cannot find the file specified.  .
 
Error - 7/7/2014 9:18:56 PM | Computer Name = HP-AllinOne | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 7/7/2014 9:19:04 PM | Computer Name = HP-AllinOne | Source = Application Error | ID = 1000
Description = Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0,
 time stamp: 0x52d3a947  Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055,
 time stamp: 0x532943a3  Exception code: 0xe0434352  Fault offset: 0x00011d4d  Faulting
 process id: 0x6a4  Faulting application start time: 0x01cf958995447631  Faulting application
 path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe  Faulting
 module path: C:\WINDOWS\SYSTEM32\KERNELBASE.dll  Report Id: d9203245-063d-11e4-be8d-4c72b9dfcdd8
Faulting
 package full name:   Faulting package-relative application ID: 
 
[ Hewlett-Packard Events ]
Error - 11/21/2013 8:39:43 AM | Computer Name = HP-AllinOne | Source = hpsa_service.exe | ID = 2000
Description = 
 
Error - 6/17/2014 9:54:34 AM | Computer Name = HP-AllinOne | Source = HPSF.exe | ID = 2000
Description = 
 
[ System Events ]
Error - 7/1/2014 5:47:20 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:20 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:21 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:22 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:22 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:22 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:47:22 PM | Computer Name = HP-AllinOne | Source = DCOM | ID = 10010
Description = 
 
Error - 7/1/2014 5:48:33 PM | Computer Name = HP-AllinOne | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as  a member
 of a domain. The Netlogon service does not need to run in this  configuration.
 
Error - 7/1/2014 8:06:34 PM | Computer Name = HP-AllinOne | Source = Service Control Manager | ID = 7023
Description = The Superfetch service terminated with the following error:   %%1062
 
Error - 7/1/2014 8:07:14 PM | Computer Name = HP-AllinOne | Source = NETLOGON | ID = 3095
Description = This computer is configured as a member of a workgroup, not as  a member
 of a domain. The Netlogon service does not need to run in this  configuration.
 
 
< End of report >

Edited by LESI, 07 July 2014 - 09:16 PM.

#2
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello :)

I'm not seeing a whole lot, which is a good thing. Let's get rid of the things I do see and run some tools to get rid of any adware. Then we'll get a fresh look with OTL.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Chrome Changes


We need to change your homepage in Chrome. Please follow the instructions below.
  • Open Chrome and type this in the address bar: chrome:settings
  • When the Settings page opens, look under On Startup and then click Open a specific set of pages and click Set Pages
  • When the window opens, type in any page you wish as your new start page and remove search.conduit.com.
  • Once you have typed in your new home page, close the window.
Step 2: OTL Fix


Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the desktop and icons, they will return on reboot.

Run OTL by double clicking it (Windows Vista, Windows 7, and 8, right click and select "Run as Administrator")
  • Copy the text in the quote box below (do not copy the word "quote") and paste it in the box marked Custom Scans/Fixes as shown in the graphic below.
otlrunfix.jpg






:Commands
[createrestorepoint]

:OTL
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
O4 - HKLM..\Run: [] File not found
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Martha\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing

:Files
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. Please post that log in your next reply.
If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


  • Double click (Vista and 7 Users: right click) the adwcleaner.exe file and click Run as Administrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt
Step 4: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 5: Fresh OTL Scan
  • Close any open windows and then double click (Vista, Windows 7, 8, right click and then click Run as Administrator) the icon to start OTL.
  • Please make sure the following boxes are checked.
    • Scan All Users
    • Use Company-Name WhiteList
    • Skip Microsoft Files
    • Use No-Company-Name Whitelist
    • LOP Check
    • Purity Check
  • Copy the contents of the quote box below (do not copy the word "quote"!) and paste them into the Custom Scans/Fixes box at the bottom of OTL's control panel.

    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    rpcss.dll
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C

  • Click the Run Scan button.
  • Please do not interrupt the scanning process. It may take a while to complete the scan, so please be patient. :)
  • When the scan is finished, it will generate 1 log, OTL.txt, in a Notepad window. This log is saved in the same location as OTL, in this case: C:\Users\Martha\Downloads
  • Please post the log in your next reply.
Things I need to see in your next post

OTL Fixlog

AdwCleaner Log

Junkware Removal Tool Log

Fresh OTL Log


#3
LESI

    Member

  • Topic Starter
  • Member
  • 51 posts

Howdy Pystryker,  Am I glad to see you.  Okkkay...I did all of the above and have the logs below!  I will put them in the order as listed above.  Here's hoping I did them correctly.  LESI  :geek:


 

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\LastPass\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\LastPass Fill Forms\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\LastPass\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\LastPass Fill Forms\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
========== FILES ==========
< netsh advfirewall reset /c >
Ok.
C:\Users\Martha\Downloads\cmd.bat deleted successfully.
C:\Users\Martha\Downloads\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state on /c >
Ok.
C:\Users\Martha\Downloads\cmd.bat deleted successfully.
C:\Users\Martha\Downloads\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Martha\Downloads\cmd.bat deleted successfully.
C:\Users\Martha\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Betty
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default.migrated
 
User: Martha
->Temp folder emptied: 2213672 bytes
->Temporary Internet Files folder emptied: 3457827 bytes
->Java cache emptied: 7746557 bytes
->FireFox cache emptied: 14339779 bytes
->Google Chrome cache emptied: 389789123 bytes
->Flash cache emptied: 3109 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12092649 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 410.00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 07092014_005154
 
Files\Folders moved on Reboot...
C:\Users\Martha\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
C:\WINDOWS\temp\UploadUI.log moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
================================================================================================================
 

# AdwCleaner v3.215 - Report created 09/07/2014 at 01:13:37
# Updated 09/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Martha - HP-ALLINONE
# Running from : C:\Users\Martha\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v29.0 (en-US)
 
[ File : C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP2360F13D-99DE-423C-9AFA-E7849F281233&SSPV=
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=dsites02_14_25_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtDyDtBtDtA0AyDtD0F0BtN0D0Tzu0SzytDtCtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0E0AyDtD0FyB0CtGyD0AyEtAtGyE0EtBtAtGyDtAyEzytGtAzy0F0CyByD0BtAtAtDyByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyD0EtCyE0Czz0AtG0EtByCtBtG0B0FtA0CtGtBtAyDtBtGtA0C0ByDtCtByBtDyEzytC0E2Q&cr=1275317519&ir=
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP2360F13D-99DE-423C-9AFA-E7849F281233&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [3201 octets] - [09/07/2014 01:06:31]
AdwCleaner[S0].txt - [3037 octets] - [09/07/2014 01:13:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3097 octets] ##########
 
======================================================================================================================
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Martha on Wed 07/09/2014 at  1:28:05.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{07F7F03C-D72F-48AA-A956-DA3D687745B1}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{13306DD2-7085-44C2-A60E-2A6E4009EDCF}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{1E214659-411B-4885-B4FF-D3EBD4387D70}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{27EC4DF0-8C70-4F07-A612-A5DA2C9FA442}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{3C5AA6C5-B15E-4F38-8145-E74CC1FD0A0C}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{4BAABCA3-4E5C-4149-B261-3A64AE127B2C}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{4D41AEF9-EAB5-4CC5-B1BC-DB38FAF60D42}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{5B9BA6CC-FCFA-498B-9019-E916C6071FC1}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{6D1613AD-78B3-42FD-946A-DA71E252BC74}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{75426B51-8A82-4F49-A07C-473243B6F53D}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{844B616F-9FDB-4BCF-A20D-7E2E2562AF32}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{A08EA2EB-652A-435B-BA39-03B831516C1A}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{DB678269-072C-4179-BB5E-96ABE0C6CE1C}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{E0DDA1AE-4998-4DC3-AEF8-E3487D863E44}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{E3997378-6080-4845-BAF1-95B4842CDDA4}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{F3DDCA68-DC80-45A3-80CE-D2BFFD58818B}
Successfully deleted: [Empty Folder] C:\Users\Martha\appdata\local\{FA5FE5BF-E9EF-4B7B-934B-9114261D01C4}
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/09/2014 at  1:53:30.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
==============================================================================================================================================
 

 OTL logfile created on: 7/9/2014 2:03:59 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martha\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.58 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 68.50% Memory free
3.97 Gb Paging File | 2.80 Gb Available in Paging File | 70.43% Paging File free
Paging file location(s): c:\pagefile.sys 400 4096 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.06 Gb Total Space | 388.89 Gb Free Space | 87.57% Space Free | Partition Type: NTFS
Drive D: | 19.78 Gb Total Space | 2.47 Gb Free Space | 12.50% Space Free | Partition Type: NTFS
 
Computer Name: HP-ALLINONE | User Name: Martha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/07 22:38:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
PRC - [2014/07/04 00:37:52 | 004,086,432 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/07/04 00:37:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/01/13 13:52:24 | 000,103,936 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2014/01/13 13:52:22 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/27 21:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/04 00:37:58 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/07/04 00:37:55 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012/06/08 14:34:06 | 000,016,400 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/07/04 00:37:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/06/19 23:08:33 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/19 23:04:34 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/06/19 23:04:34 | 000,834,560 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/06/19 22:57:31 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/06/19 22:57:31 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/06/19 22:55:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/19 22:55:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/06/19 22:55:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/06/19 22:49:21 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2014/06/10 00:52:30 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/19 21:40:52 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/06/19 22:55:57 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/06/19 22:49:24 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014/06/19 22:49:20 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014/06/19 22:49:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2014/04/22 05:25:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/01/13 13:52:24 | 000,103,936 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2014/01/13 13:52:22 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/19 21:47:00 | 002,468,496 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/07/19 21:06:58 | 000,035,232 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe -- (HPConnectedRemote)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/04 12:38:30 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/07/04 00:38:04 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/07/04 00:38:04 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/07/04 00:38:04 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/07/04 00:38:04 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/07/04 00:38:04 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/07/04 00:38:04 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/07/04 00:38:02 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/06/19 23:06:46 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/06/19 23:04:36 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/06/19 23:04:34 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/06/19 23:04:34 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/06/19 23:04:34 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/06/19 22:57:31 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/06/19 22:57:31 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/06/19 22:57:31 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/06/19 22:55:57 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/06/17 09:55:07 | 000,870,104 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014/06/10 00:52:30 | 013,209,088 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/06/10 00:52:30 | 000,626,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/12/04 11:02:30 | 002,505,904 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/11/19 21:47:01 | 000,353,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2012/06/25 13:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/03/31 02:49:08 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/02/11 17:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPDTDFJS
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\S-1-5-21-1584447337-3020926857-578221619-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..browser.search.selectedEngine: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultengine: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultenginename: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaultthis.engineName: "Microsoft (Bing)"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search"
FF - prefs.js..browser.search.order.1: "Microsoft (Bing)"
FF - prefs.js..keyword.URL: "http://www.bing.com/search"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=AV01"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@startmeeting.com/launcher: C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF - HKCU\Software\MozillaPlugins\gamevenus.com/CertifiedBrowser: C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]\ [2014/01/13 21:49:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]\ [2014/01/13 21:49:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/07/04 00:38:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
[2014/05/09 14:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martha\AppData\Roaming\mozilla\Extensions
[2014/05/09 14:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martha\AppData\Roaming\mozilla\Firefox\Profiles\ad89ajwx.default\extensions
[2014/07/04 00:44:49 | 000,005,830 | ---- | M] () -- C:\Users\Martha\AppData\Roaming\mozilla\firefox\profiles\ad89ajwx.default\searchplugins\bing-avast.xml
[2014/05/09 14:10:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/09 14:10:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Ixquick (Enabled)
CHR - default_search_provider: search_url = http://ixquick.com/d...anguage=english
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: LastPass: Free Password Manager = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.1.41_0\
CHR - Extension: Skype Click to Call = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Google Wallet = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/07/09 00:55:54 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1584447337-3020926857-578221619-1001..\Run: [FreeScreenSharing] C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29B5CF79-3278-41A1-86F5-B3673D2C956F}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBC4812E-DD0B-4C8B-9F7F-46C2962A294B}: DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/09 01:28:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/07/09 01:10:02 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/07/09 01:04:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/09 00:51:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/07 22:38:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
[2014/07/04 00:39:21 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\AVAST Software
[2014/07/04 00:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/07/04 00:38:14 | 001,041,168 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/07/04 00:38:14 | 000,427,360 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014/07/04 00:38:14 | 000,093,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/07/04 00:38:14 | 000,092,008 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/07/04 00:38:14 | 000,079,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/07/04 00:38:11 | 000,307,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/07/04 00:38:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/04 00:36:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/07/04 00:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/07/02 00:08:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/07/01 18:08:04 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/01 18:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/01 18:07:29 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/07/01 18:07:29 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/07/01 18:07:29 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/07/01 18:07:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/01 18:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/21 19:58:34 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Oracle
[2014/06/21 18:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/21 18:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/21 18:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/19 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2014/06/19 23:12:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/06/19 22:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/06/19 22:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/06/19 22:49:33 | 000,000,000 | ---D | C] -- C:\inetpub
[2014/06/19 20:24:00 | 000,000,000 | R--D | C] -- C:\Users\Martha\OneDrive
[2014/06/19 20:19:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Identities
[2014/06/19 20:19:02 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\assembly
[2014/06/19 19:28:44 | 000,000,000 | --SD | C] -- C:\Users\Martha\AppData\Roaming\Microsoft
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Favorites
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Documents
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\Desktop
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/19 19:28:44 | 000,000,000 | R--D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\Temporary Internet Files
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Templates
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Start Menu
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\SendTo
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Recent
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\PrintHood
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\NetHood
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Videos
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Pictures
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Documents\My Music
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\My Documents
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Local Settings
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\History
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Cookies
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\Application Data
[2014/06/19 19:28:44 | 000,000,000 | -HSD | C] -- C:\Users\Martha\AppData\Local\Application Data
[2014/06/19 19:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Martha\AppData
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\Temp
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\Microsoft
[2014/06/19 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/19 19:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2014/06/19 19:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/06/19 19:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/06/19 19:16:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/06/19 19:16:14 | 000,000,000 | ---D | C] -- C:\AMD
[2014/06/19 19:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/06/19 19:14:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/06/18 00:50:50 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\HewlettPackard
[2014/06/17 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2014/06/17 17:44:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/06/17 09:55:48 | 000,870,104 | ---- | C] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/06/10 00:52:46 | 000,129,536 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.9001.dll
[2014/06/10 00:52:34 | 000,190,976 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2014/06/10 00:52:30 | 000,588,288 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2014/06/10 00:52:30 | 000,239,616 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2014/06/10 00:52:30 | 000,031,232 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2014/06/10 00:52:24 | 000,063,488 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014/06/10 00:52:24 | 000,057,344 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014/04/10 23:43:38 | 014,883,840 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/09 01:38:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2014/07/09 01:27:32 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForMartha.job
[2014/07/09 01:27:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/09 01:26:53 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/07/09 01:25:41 | 000,000,918 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/09 01:23:06 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/09 01:21:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/07/09 01:21:00 | 3075,129,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/09 00:55:54 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2014/07/08 11:43:04 | 000,091,520 | ---- | M] () -- C:\Users\Martha\Desktop\Fixlist.one
[2014/07/08 11:41:32 | 000,001,310 | ---- | M] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2014/07/07 22:38:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
[2014/07/07 20:31:14 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/04 12:38:30 | 000,427,360 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2014/07/04 00:44:49 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/04 00:38:54 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/04 00:38:04 | 001,041,168 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014/07/04 00:38:04 | 000,224,896 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/07/04 00:38:04 | 000,092,008 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2014/07/04 00:38:04 | 000,079,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014/07/04 00:38:04 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/07/04 00:38:04 | 000,029,208 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/07/04 00:38:03 | 000,307,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014/07/04 00:38:02 | 000,093,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014/07/04 00:38:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/01 18:07:52 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/21 19:59:07 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/21 19:59:07 | 000,794,884 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/21 19:59:07 | 000,161,140 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/19 23:04:34 | 000,387,210 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/06/19 19:58:21 | 000,041,913 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/06/19 19:58:21 | 000,041,913 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/06/19 19:57:53 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/06/19 19:45:29 | 000,419,792 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/06/19 19:22:35 | 000,930,400 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/06/19 19:16:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/06/19 19:16:05 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2014/06/17 09:55:07 | 000,870,104 | ---- | M] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/06/10 00:52:46 | 000,230,912 | ---- | M] () -- C:\WINDOWS\SysNative\clinfo.exe
[2014/06/10 00:52:46 | 000,129,536 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.9001.dll
[2014/06/10 00:52:38 | 000,234,036 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2014/06/10 00:52:38 | 000,233,776 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2014/06/10 00:52:38 | 000,083,552 | ---- | M] () -- C:\WINDOWS\SysNative\ativce02.dat
[2014/06/10 00:52:36 | 003,461,040 | ---- | M] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2014/06/10 00:52:36 | 003,426,688 | ---- | M] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2014/06/10 00:52:34 | 000,190,976 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2014/06/10 00:52:34 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2014/06/10 00:52:34 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysNative\atipblag.dat
[2014/06/10 00:52:32 | 000,047,887 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2014/06/10 00:52:30 | 000,721,296 | ---- | M] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2014/06/10 00:52:30 | 000,588,288 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2014/06/10 00:52:30 | 000,239,616 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2014/06/10 00:52:30 | 000,031,232 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2014/06/10 00:52:24 | 001,187,342 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2014/06/10 00:52:24 | 001,061,902 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2014/06/10 00:52:24 | 000,995,342 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2014/06/10 00:52:24 | 000,798,734 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2014/06/10 00:52:24 | 000,550,464 | ---- | M] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2014/06/10 00:52:24 | 000,550,464 | ---- | M] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2014/06/10 00:52:24 | 000,063,488 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014/06/10 00:52:24 | 000,057,344 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014/06/10 00:52:18 | 000,412,672 | ---- | M] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2014/06/10 00:52:18 | 000,134,656 | ---- | M] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2014/06/10 00:52:18 | 000,123,392 | ---- | M] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
 
========== Files Created - No Company Name ==========
 
[2014/07/08 11:43:01 | 000,091,520 | ---- | C] () -- C:\Users\Martha\Desktop\Fixlist.one
[2014/07/04 00:38:54 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/07/04 00:38:14 | 000,224,896 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014/07/04 00:38:14 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014/07/04 00:38:14 | 000,029,208 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswHwid.sys
[2014/07/01 18:07:52 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/19 23:04:34 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/06/19 20:19:12 | 000,001,444 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/19 19:57:53 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/06/19 19:41:41 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/06/19 19:28:44 | 000,000,369 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/06/19 19:28:44 | 000,000,369 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/06/19 19:28:44 | 000,000,352 | ---- | C] () -- C:\Users\Martha\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/19 19:28:44 | 000,000,334 | ---- | C] () -- C:\Users\Martha\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/06/19 19:28:19 | 000,041,913 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/06/19 19:28:19 | 000,041,913 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/06/19 19:22:35 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/06/19 19:16:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/06/19 19:16:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2014/06/10 00:52:46 | 000,230,912 | ---- | C] () -- C:\WINDOWS\SysNative\clinfo.exe
[2014/06/10 00:52:38 | 000,234,036 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2014/06/10 00:52:38 | 000,233,776 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2014/06/10 00:52:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2014/06/10 00:52:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2014/06/10 00:52:38 | 000,083,552 | ---- | C] () -- C:\WINDOWS\SysNative\ativce02.dat
[2014/06/10 00:52:36 | 003,461,040 | ---- | C] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2014/06/10 00:52:36 | 003,426,688 | ---- | C] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2014/06/10 00:52:34 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2014/06/10 00:52:34 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysNative\atipblag.dat
[2014/06/10 00:52:32 | 000,047,887 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2014/06/10 00:52:30 | 000,721,296 | ---- | C] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2014/06/10 00:52:24 | 001,187,342 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2014/06/10 00:52:24 | 001,061,902 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2014/06/10 00:52:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2014/06/10 00:52:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2014/06/10 00:52:24 | 000,550,464 | ---- | C] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2014/06/10 00:52:24 | 000,550,464 | ---- | C] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2014/06/10 00:52:18 | 000,412,672 | ---- | C] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2014/06/10 00:52:18 | 000,134,656 | ---- | C] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2014/06/10 00:52:18 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/11 01:39:49 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/17 21:39:23 | 000,188,041 | ---- | C] () -- C:\WINDOWS\hpoins13.dat
[2013/10/17 21:39:23 | 000,000,462 | ---- | C] () -- C:\WINDOWS\hpomdl13.dat
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/09/11 10:34:27 | 000,000,141 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2012/07/25 16:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 16:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 16:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
 
========== ZeroAccess Check ==========
 
[2014/06/19 20:27:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/19 22:55:58 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/19 22:55:59 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/09/11 09:46:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FFSJ
[2014/07/04 00:39:21 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\AVAST Software
[2014/05/20 10:27:38 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\ESET
[2014/03/23 23:34:21 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\GVU Technologies
[2014/06/18 00:50:50 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\HewlettPackard
[2014/06/21 19:58:34 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Oracle
[2014/02/12 02:30:29 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Visan
[2013/11/19 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2014/06/19 23:04:35 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\SysWOW64\explorer.exe
[2014/06/19 23:04:35 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/06/26 14:57:11 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/06/26 12:47:24 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/06/19 23:04:35 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\explorer.exe
[2014/06/19 23:04:35 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
 
< MD5 for: RPCSS.DLL  >
[2014/03/18 06:13:02 | 000,753,664 | ---- | M] (Microsoft Corporation) MD5=81979817943D830BF24571B7C1B28A1A -- C:\WINDOWS\SysNative\rpcss.dll
[2014/03/18 06:13:02 | 000,753,664 | ---- | M] (Microsoft Corporation) MD5=81979817943D830BF24571B7C1B28A1A -- C:\Windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.3.9600.17031_none_5abc2e4b11b14f22\rpcss.dll
 
< MD5 for: SERVICES  >
[2013/08/22 11:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
 
< MD5 for: SERVICES.CFG  >
[2014/05/08 09:48:48 | 000,560,495 | ---- | M] () MD5=12A7DDA9C7CA1AAA2C6F36BB1E24528B -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
 
< MD5 for: SERVICES.DAT  >
[2014/04/06 00:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- C:\Users\Martha\AppData\Local\Temp\jrt\services.dat
 
< MD5 for: SERVICES.EXE  >
[2014/06/19 22:55:57 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\WINDOWS\SysNative\services.exe
[2014/06/19 22:55:57 | 000,407,016 | ---- | M] (Microsoft Corporation) MD5=067CB90C277DB4A737D5DEABA3055972 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
[2014/06/26 13:34:02 | 000,082,895 | ---- | M] () MD5=892D1838D0C77D4734F7E21F064CD06C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2014/03/18 05:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2014/03/18 05:31:50 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=0626E9CF9F010A5E5D5A8E200A59DDDC -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2014/06/20 20:24:00 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:00 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:00 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:00 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:50 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:00 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/06/20 20:24:01 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/22 02:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 10:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
 
< MD5 for: SERVICES.MSC  >
[2014/03/18 05:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2014/03/18 05:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2014/03/18 05:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 10:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 08:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2014/03/18 05:31:51 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/22 02:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
 
< MD5 for: SVCHOST.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2013/08/22 01:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 01:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 08:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 08:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2013/08/22 06:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 06:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/21 22:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/21 22:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/03/18 06:13:15 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/03/18 06:13:15 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is OS
 Volume Serial Number is 56EA-B758
 Directory of C:\
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 969 bytes -> C:\Users\Martha\Documents\ME Trng_ Thurs_ 6_14_07 w_Mike Harris on NM HAP Tips.eml:OECustomProperty
@Alternate Data Stream - 935 bytes -> C:\Users\Martha\Documents\KTFA26 4_5_2012___Frank's Post.eml:OECustomProperty
@Alternate Data Stream - 809 bytes -> C:\Users\Martha\Documents\RE_ Request Rental Agreement.eml:OECustomProperty
@Alternate Data Stream - 220 bytes -> C:\Users\Martha\OneDrive:ms-properties
 
< End of report >
 

  • 0

#4
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Howdy Pystryker, Am I glad to see you. Okkkay...I did all of the above and have the logs below! I will put them in the order as listed above. Here's hoping I did them correctly. LESI :geek:


Hello :) the logs look good except for one setting in Chrome. It's still showing search.conduit.com as your home page. Please follow the instructions below to change it and remove search.conduit.com from your list of pages.

After that, we'll run some scans for remnants. :thumbsup:


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Chrome Homepage Change


We need to change your homepage in Chrome. Please follow the instructions below.
  • Open Chrome and type this in the address bar: chrome:settings
  • When the Settings page opens, look under On Startup and then click Open a specific set of pages and click Set Pages
  • When the window opens, type in any page you wish as your new start page.
  • Once you have typed in your new home page, close the window.
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 2: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits


Go back to the Dashboard and select Scan Now


If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.


On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 3: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be run in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar.
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Step 4: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log
  • Question: How is the computer running?

  • 0

#5
LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,....hi again...I've done all that, and am listing my logs....it was slow to type in chats yesterday still....and slow to load the browser tabs, and the videos stop/start frequently...do I need to live with that if I have say, 5 tabs open?

 

Wow...that was an overnight job with ESET and I am hoping that I've done it well enough here.  Forward March, LESI  :wave:

 

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=96609ab176f50a4ab0f4da20fe9e06ea
# engine=19106
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-10 07:34:55
# local_time=2014-07-10 03:34:55 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 0 0 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 2101217 0 0
# scanned=230055
# found=0
# cleaned=0
# scan_time=5089
 
=====================================================================================================
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/10/2014
Scan Time: 12:46:15 AM
Logfile: MBAM.07.10.14.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.09.13
Rootkit Database: v2014.07.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Martha
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 353700
Time Elapsed: 34 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.Conduit.A, C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://search.condui...49F281233&SSPV=",), Replaced,[89f6c7d6a9d267cf530db910a85c33cd]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
======================================================================================================================================
 

 Results of screen317's Security Check version 0.99.85  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 60  
 Adobe Reader XI  
 Mozilla Firefox (29.0) 
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 

  • 0
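The two scanner logs in the post above can be checked mechanically: did the ESET scan run with the options requested in Step 3, and was every Malwarebytes detection acted on? The Python below is an added example, not part of the original thread or of either tool; the function names and the set of actions treated as remediated are assumptions, and the sample text is excerpted from the logs posted above.

```python
import re

# Options requested in the ESET Online Scanner step of this thread.
REQUESTED_ESET = {
    "remove_checked": "false",      # "Remove found threats is NOT checked"
    "archives_checked": "true",     # "Scan archives is checked"
    "unwanted_checked": "true",
    "unsafe_checked": "true",
    "antistealth_checked": "true",
}
# Assumption: actions that mean the item was dealt with. "Replaced" is the
# action shown in this thread's log; "Quarantined" is added as an assumption.
REMEDIATED = {"Replaced", "Quarantined"}

MBAM_SECTION = re.compile(
    r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
    r"Folders|Files|Physical Sectors): (\d+)$")
# A detection line ends with ", <action>,[<32 hex chars>]".
MBAM_TAIL = re.compile(r",\s*([A-Za-z -]+?),\s*\[([0-9a-f]{32})\]\s*$")


def parse_eset_header(text):
    """Return the '# key=value' fields of an ESET Online Scanner log."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"#\s*([A-Za-z0-9_.]+)=(.*)$", line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()  # a repeated key keeps its last value
    return fields


def check_eset(text, requested=REQUESTED_ESET):
    """Compare the logged scan options with the requested ones."""
    fields = parse_eset_header(text)
    problems = []
    if fields.get("end") != "finished":
        problems.append("scan did not finish")
    for key, want in requested.items():
        got = fields.get(key)
        if got != want:
            problems.append(f"{key}={got} (requested {want})")
    return fields, problems


def parse_mbam(text):
    """Return ({section: declared count}, [detections]) from an MBAM 2.x text log."""
    declared, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = MBAM_SECTION.match(line)
        if m:
            section = m.group(1)
            declared[section] = int(m.group(2))
            continue
        tail = MBAM_TAIL.search(line)
        if section and tail:
            name, _, rest = line[:tail.start()].partition(", ")
            detections.append({"section": section, "name": name,
                               "path": rest.split(", Good:")[0],
                               "action": tail.group(1)})
    return declared, detections


def triage(eset_text, mbam_text):
    """Summarise what a reviewer should look at in the two logs."""
    fields, eset_problems = check_eset(eset_text)
    declared, detections = parse_mbam(mbam_text)
    parsed = {}
    for d in detections:
        parsed[d["section"]] = parsed.get(d["section"], 0) + 1
    return {
        "eset_found": int(fields.get("found", -1)),
        "eset_problems": eset_problems,
        "mbam_detections": detections,
        "mbam_unremediated": [d for d in detections if d["action"] not in REMEDIATED],
        # Sections whose header count disagrees with the lines parsed under them.
        "mbam_count_mismatch": [s for s, n in declared.items() if parsed.get(s, 0) != n],
    }


# Excerpts from the logs posted in this thread.
SAMPLE_ESET = """# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# scanned=230055
# found=0
# cleaned=0
"""
SAMPLE_MBAM = r"""Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Conduit.A, C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://search.condui...49F281233&SSPV=",), Replaced,[89f6c7d6a9d267cf530db910a85c33cd]

Physical Sectors: 0
(No malicious items detected)
"""

if __name__ == "__main__":
    for key, value in triage(SAMPLE_ESET, SAMPLE_MBAM).items():
        print(key, "->", value)
```

On these excerpts the check reports that the ESET scan ran with archive scanning off, which differs from the option requested in Step 3, and that the single Malwarebytes detection was replaced.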

#6
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Pystryker,....hi again...I've done all that, and am listing my logs....it was slow to type in chats yesterday still....and slow to load the browser tabs, and the videos stop/start frequently...do I need to live with that if I have say, 5 tabs open?


Hello :)

It's a possibility that you have a lot going on that's consuming system resources and slowing things down, but let's take a deeper look with a couple of different tools and make sure there's nothing left. The MBAM and ESET scans were very good, in that only one item was found and eliminated. :thumbsup:



Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Scan with TDSSKiller


Please download TDSSKiller to the desktop.

Alternate download is here.
  • Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters
  • Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • A Report will have been created by TDSSKiller in your root directory C:\
  • To find the log go to Start (Windows 7 Orb) > Computer > C: >> TDSSKiller.V.V.V.VV_DD.DD.YYYY_TT.TT.TT_log <-- The letters denote the version and date & time etc.
  • Post the contents of that log in your next reply please.
Note: Do not have TDSSKiller remove anything if found at this point in time!


Step 2: Scan with Farbar's Recovery Scan Tool


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

TDSSKiller Log

FRST Log

Addition.txt Log

  • 0
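For readers working through the FRST.txt log that Step 2 produces, here is an added triage sketch; it is not part of the thread and not how FRST or the helper reviews a log. The sample lines are constructed in FRST's layout, and the three checks (the `[File not signed]` marker, an empty `()` publisher field, and URLs on a watch list that defaults to `conduit.com`) are assumptions chosen for this thread's topic.

```python
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample in the layout FRST.txt uses: "==== Name ====" banners,
# then one entry per line. Names, SIDs and paths are made up.
SAMPLE_LOG = r"""
==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VendorAudio] => C:\Program Files\Vendor\Audio\tray.exe [6844560 2013-11-19] (Vendor Semiconductor)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\Run: [ShareTool] => C:\Users\User\AppData\Local\ShareTool\ShareTool.exe [2266104 2013-06-26] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
SearchScopes: HKCU - {00000000-0000-0000-0000-000000000001} URL = http://search.conduit.com/?q={searchTerms}

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CONSTRUCTED
CHR DefaultSearchProvider: Ixquick

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 VendorHelper; C:\ProgramData\Vendor\helper.exe [103936 2014-01-13] (Vendor) [File not signed]

==================== Drivers (Whitelisted) ====================

R0 exdrv; C:\Windows\System32\Drivers\exdrv.sys [65776 2014-07-04] ()
"""

# A section banner has text between two runs of '='; a bare "=======" underline does not.
BANNER = re.compile(r"^={4,}\s+([^=]+?)\s+={4,}$")
# "[size date] ()" : the entry has a file but the publisher field is empty.
NO_PUBLISHER = re.compile(r"\[\d+ \d{4}-\d{2}-\d{2}\]\s+\(\s*\)")
# Host part of http://, https:// or the defanged hxxp:// form the log uses.
URL_HOST = re.compile(r"(?:https?|hxxp)://([^/\s\"',:?#]+)", re.IGNORECASE)


class Finding(NamedTuple):
    section: str
    kind: str
    line: str


def host_is_watched(host, watch_domains):
    """True if host equals a watched domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in watch_domains)


def triage(log_text, watch_domains=("conduit.com",)):
    """Return the log lines worth a closer look, tagged with section and reason."""
    findings = []
    section = "Header"  # anything before the first banner
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = BANNER.match(line)
        if banner:
            section = banner.group(1).replace("(Whitelisted)", "").strip()
            continue
        if "[File not signed]" in line:
            findings.append(Finding(section, "unsigned", line))
        if NO_PUBLISHER.search(line):
            findings.append(Finding(section, "no_publisher", line))
        if any(host_is_watched(h, watch_domains) for h in URL_HOST.findall(line)):
            findings.append(Finding(section, "watched_url", line))
    return findings


def summarize(findings):
    """Count findings per reason."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.section}] {f.kind}: {f.line}")
    print(summarize(triage(SAMPLE_LOG)))
```

A flagged line is a prompt to look closer, not a verdict: legitimate vendor services also ship unsigned, as several entries in real logs show.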

#7
LESI


    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Pystryker: The logs copy/pasted into this box are not allowing me to post... so if this one log posts, I'll post the other 2 separately too. LESI

Here's the FRST log


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2014 01
Ran by Martha (administrator) on HP-ALLINONE on 11-07-2014 01:21:30
Running from C:\Users\Martha\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2013-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-07-08] (Hewlett-Packard)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [FreeScreenSharing] => C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] ()
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - URL http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @startmeeting.com/launcher - C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF SearchPlugin: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\searchplugins\bing-avast.xml
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP2360F13D-99DE-423C-9AFA-E7849F281233&SSPV=
CHR StartupUrls: "hxxp://solidtrustnews.com/help-centre/", "hxxp://www.geekstogo.com/forum/topic/340422-pupconduita-and-more/", "hxxp://www.aboutads.info/choices/#completed"
CHR DefaultSearchKeyword: ixquick.com
CHR DefaultSearchProvider: Ixquick
CHR DefaultSearchURL: http://ixquick.com/d...anguage=english
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google Search) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-04-10]
CHR Extension: (Skype Click to Call) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-14]
CHR Extension: (Google Wallet) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Gmail) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2014-01-13] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-11 01:21 - 2014-07-11 01:22 - 00020434 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:20 - 2014-07-11 01:21 - 00000000 ____D () C:\FRST
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:03 - 2014-07-11 01:04 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:26 - 2014-06-26 16:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 01:26 - 2014-06-26 16:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 19:31 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:07 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 19:07 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 19:07 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 19:07 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 19:07 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 19:07 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 19:07 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 19:06 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 19:06 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 19:06 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 19:06 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 19:06 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 19:06 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 19:06 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 19:06 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 19:06 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 19:06 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 19:05 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 19:05 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 19:05 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 19:05 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 19:05 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 19:05 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 19:05 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 19:05 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 19:05 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 19:05 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 19:05 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 19:05 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 19:05 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 19:05 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 18:58 - 2014-07-10 01:25 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-09 18:58 - 2014-07-09 18:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-09 01:04 - 2014-07-09 01:15 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-08 11:43 - 2014-07-08 11:43 - 00091520 _____ () C:\Users\Martha\Desktop\Fixlist.one
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 12:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:36 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:32 - 2014-07-04 00:33 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 18:08 - 2014-07-10 01:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-01 18:07 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-01 18:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-01 18:05 - 2014-07-01 18:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 11:29 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-21 11:29 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-21 11:29 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:12 - 2014-06-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-19 23:04 - 2014-06-19 23:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-19 23:04 - 2014-06-19 23:04 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-19 22:52 - 2014-06-19 22:52 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-19 22:49 - 2014-06-19 22:49 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\inetpub
2014-06-19 22:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-06-19 22:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-06-19 20:24 - 2014-07-10 16:42 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-06-19 20:19 - 2014-06-19 20:19 - 00001444 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 20:18 - 2014-06-19 20:18 - 00000020 ___SH () C:\Users\Martha\ntuser.ini
2014-06-19 19:57 - 2014-06-19 19:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-19 19:49 - 2014-07-11 00:20 - 02007015 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-19 19:41 - 2014-06-19 19:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-19 19:32 - 2014-06-19 19:32 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-19 19:28 - 2014-06-19 20:24 - 00000000 ____D () C:\Users\Martha
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagwrn.xml
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagerr.xml
2014-06-19 19:28 - 2014-06-19 19:50 - 00000000 ____D () C:\Users\Betty
2014-06-19 19:28 - 2014-06-19 19:49 - 00000000 ____D () C:\Users\Administrator
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ____D () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:22 - 2014-06-19 19:22 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-19 19:20 - 2014-06-19 19:32 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-19 19:17 - 2014-07-10 01:27 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-06-19 19:16 - 2014-06-19 19:16 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\Program Files\Realtek
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\AMD
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-06-19 19:15 - 2014-06-19 19:15 - 00000000 ____D () C:\Program Files\AMD
2014-06-19 18:05 - 2014-06-19 19:58 - 00006589 _____ () C:\WINDOWS\comsetup.log
2014-06-18 01:03 - 2014-06-18 01:03 - 06431728 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-06-18 00:50 - 2014-06-18 00:50 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HewlettPackard
2014-06-17 17:48 - 2014-06-17 17:48 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 09:55 - 2014-06-17 09:55 - 00870104 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-06-17 09:55 - 2014-06-17 09:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

==================== One Month Modified Files and Folders =======

2014-07-11 01:22 - 2014-07-11 01:21 - 00020434 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:21 - 2014-07-11 01:20 - 00000000 ____D () C:\FRST
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:07 - 2013-10-15 00:47 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Skype
2014-07-11 01:04 - 2014-07-11 01:03 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-11 01:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-11 00:38 - 2014-02-12 02:29 - 00000364 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-07-11 00:32 - 2013-10-14 14:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1584447337-3020926857-578221619-1001
2014-07-11 00:27 - 2013-10-15 01:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 00:27 - 2013-10-15 01:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 00:27 - 2013-10-15 01:34 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 00:20 - 2014-06-19 19:49 - 02007015 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-10 16:42 - 2014-06-19 20:24 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 04:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:56 - 2014-05-09 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:32 - 2014-07-01 18:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 01:27 - 2014-06-19 19:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-10 01:25 - 2014-07-09 18:58 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-10 01:25 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-10 01:24 - 2013-08-22 10:44 - 00419792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 01:23 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 19:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 19:40 - 2013-10-15 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 19:39 - 2013-10-16 02:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 19:35 - 2013-10-16 02:04 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 19:35 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 19:30 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 18:58 - 2014-07-09 18:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:20 - 2014-03-18 05:54 - 00063870 _____ () C:\WINDOWS\PFRO.log
2014-07-09 01:15 - 2014-07-09 01:04 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:08 - 2013-11-19 17:14 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-07-09 01:07 - 2013-11-19 17:14 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-08 11:43 - 2014-07-08 11:43 - 00091520 _____ () C:\Users\Martha\Desktop\Fixlist.one
2014-07-08 08:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 12:38 - 2014-07-04 00:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:36 - 2014-07-04 00:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:32 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 20:07 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:06 - 2014-07-01 18:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-30 18:45 - 2014-07-09 19:05 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 03:48 - 2014-07-09 19:05 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 03:07 - 2014-07-09 19:05 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 16:55 - 2014-07-10 01:26 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 16:55 - 2014-07-10 01:26 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:59 - 2014-03-18 06:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 19:21 - 2013-10-15 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 00:22 - 2013-10-15 01:34 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 00:22 - 2013-10-15 01:34 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 00:05 - 2013-08-22 10:46 - 00368331 _____ () C:\WINDOWS\setupact.log
2014-06-21 00:00 - 2014-06-19 23:12 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:11 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-06-19 19:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-06-19 19:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-19 19:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-06-19 19:39 - 2013-10-14 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-06-19 19:39 - 2013-08-22 11:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Help
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-19 19:39 - 2012-09-11 09:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-06-19 19:39 - 2012-09-11 09:12 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-06-19 19:39 - 2012-08-01 22:05 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-19 19:32 - 2014-06-19 19:32 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-19 19:32 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:32 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:32 - 2014-06-19 19:20 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-19 19:32 - 2014-01-13 21:46 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-19 19:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:30 - 2014-05-20 18:02 - 00000000 ____D () C:\Users\Betty\AppData\Local\Packages
2014-06-19 19:30 - 2012-08-01 22:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-06-19 19:22 - 2014-06-19 19:22 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-19 19:20 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-19 19:20 - 2012-08-01 22:05 - 00000000 __SHD () C:\Recovery
2014-06-19 19:16 - 2014-06-19 19:16 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\Program Files\Realtek
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\AMD
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-06-19 19:15 - 2014-06-19 19:15 - 00000000 ____D () C:\Program Files\AMD
2014-06-19 19:14 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Default
2014-06-19 18:37 - 2013-10-14 14:40 - 01509799 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-06-19 17:36 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-18 21:39 - 2014-07-09 19:07 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-18 20:48 - 2014-07-09 19:06 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-18 20:16 - 2014-07-09 19:07 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-18 20:09 - 2014-07-09 19:06 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-18 19:51 - 2014-07-09 19:06 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-18 19:50 - 2014-07-09 19:06 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-18 19:48 - 2014-07-09 19:06 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-18 19:46 - 2014-07-09 19:07 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-18 19:39 - 2014-07-09 19:06 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-18 19:33 - 2014-07-09 19:06 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-18 19:32 - 2014-07-09 19:06 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-18 19:27 - 2014-07-09 19:06 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-18 19:12 - 2014-07-09 19:06 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-18 18:59 - 2014-07-09 19:06 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-18 18:58 - 2014-07-09 19:06 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-18 18:58 - 2014-07-09 19:06 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-18 18:57 - 2014-07-09 19:07 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-18 18:52 - 2014-07-09 19:06 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-18 18:51 - 2014-07-09 19:06 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-18 18:49 - 2014-07-09 19:06 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-18 18:45 - 2014-07-09 19:06 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-18 18:35 - 2014-07-09 19:06 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-18 18:34 - 2014-07-09 19:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-18 18:15 - 2014-07-09 19:06 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-18 18:13 - 2014-07-09 19:06 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-18 18:09 - 2014-07-09 19:06 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-18 18:07 - 2014-07-09 19:06 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 01:03 - 2014-06-18 01:03 - 06431728 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-06-18 00:50 - 2014-06-18 00:50 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HewlettPackard
2014-06-18 00:43 - 2014-02-12 02:30 - 00000000 ___RD () C:\Users\Martha\Documents\HP Photo Creations
2014-06-18 00:43 - 2013-10-17 22:04 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-06-17 17:48 - 2014-06-17 17:48 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 13:07 - 2014-03-01 13:17 - 00000000 ____D () C:\Users\Martha\Desktop\Kannaway
2014-06-17 09:55 - 2014-06-17 09:55 - 00870104 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-06-17 09:55 - 2014-06-17 09:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-06-17 09:55 - 2012-09-11 09:22 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-17 09:55 - 2012-08-01 23:15 - 00000000 ____D () C:\SWSETUP
2014-06-16 18:26 - 2014-07-09 19:07 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-16 18:24 - 2014-07-09 19:07 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

Some content of TEMP:
====================
C:\Users\Martha\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-10 03:35

==================== End Of Log ============================

#8
LESI

Pystryker,

Here's the Addition log. LESI


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2014 01
Ran by Martha at 2014-07-11 01:24:18
Running from C:\Users\Martha\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.2 - Ellora Assets Corporation)
FreeScreenSharing (HKCU\...\FreeScreenSharing) (Version: 0.56.22.0 - Free Conferencing Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 87) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 12.0.13351.1658 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{276C40A7-8110-4976-80D2-39C669B84D32}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 4.6.12747 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
LiveUpload to YouTube (HKLM-x32\...\{9B2FBA60-AF4A-11DD-AD8B-0800200C9A66}) (Version: 1.1.0.0 - William Duff)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PS_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28137 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
StartMeeting (HKCU\...\StartMeeting) (Version: 1.3.3080.1001 - Start Meeting LLC)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unseen App version 0.1.6 (HKLM-x32\...\{F2456876-05A8-440D-83D1-7BA229F68411}_is1) (Version: 0.1.6 - Unseen.is)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
YouTubeDownloaderConverter (HKLM-x32\...\{974A1DB5-D3B2-4491-B28F-3AA4045DBCE4}) (Version: 1.0.0 - GVU Technologies)

==================== Restore Points =========================

21-06-2014 22:54:44 Installed Java 7 Update 60
29-06-2014 13:33:02 Scheduled Checkpoint
04-07-2014 04:35:57 avast! antivirus system restore point
09-07-2014 04:52:06 OTL Restore Point - 7/9/2014 12:52:06 AM

==================== Hosts content: ==========================

2013-08-22 09:25 - 2014-07-09 00:55 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {18065B37-9DC0-4116-BB64-08678F6D8DEE} - System32\Tasks\HPCeeScheduleForMartha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {19A0C5DA-14B7-4648-9A41-F5AA2ACF7C36} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1BA85BE3-051C-45C0-B475-B1FC55319E81} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35424841-6AF3-4A27-8412-B73BA2466AB1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {38F858FC-2D2A-4E04-A460-BE909B7C6B88} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DFF9AC5-FAC1-43DC-BAEA-4C58950AD937} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {3EE49150-BEB3-4155-AC88-3193F5ECCC1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {4434C001-972C-4F84-A1DA-C4298BB49536} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {56C886AA-0429-44D3-955D-4171FB32542C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7D753C45-778E-4D99-8935-493E7F07EDEF} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {7DD3ED2F-2EB3-41A8-BD17-885385648377} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F06F746-29F4-4642-BADE-141A6ECA8039} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A13688A5-2878-4233-89C2-A630D6572134} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BA60BDB4-309D-41D5-B6AC-C185B6BC9510} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D072EC4F-856D-460F-97B1-268818AC049A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DABBA08D-C74C-42AD-8326-052C8E26011F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3014866-00E5-4F64-B398-679AD48C3C94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF18A7C7-41EE-45B4-B6C0-12D31100A158} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {F5B6249C-09CA-457F-94D5-BA5460BEF478} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-07-19 21:06 - 2012-07-19 21:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-07-19 21:06 - 2012-07-19 21:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 21:07 - 2012-07-19 21:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-06-19 20:19 - 2014-06-19 20:19 - 00120224 _____ () C:\Users\Martha\AppData\Local\assembly\dl3\OMM0704G.Y7R\B5EGOV8W.EZT\2368187e\0038bcf4_1366cd01\HPItunesModule.DLL
2012-05-04 19:42 - 2012-05-04 19:42 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2014-07-04 00:37 - 2014-07-04 00:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-10 19:55 - 2014-07-10 19:55 - 02792448 _____ () C:\Program Files\AVAST Software\Avast\defs\14071001\algo.dll
2012-09-11 09:44 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-04 00:37 - 2014-07-04 00:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Martha\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Martha\Documents\KTFA26 4_5_2012___Frank's Post.eml:OECustomProperty
AlternateDataStreams: C:\Users\Martha\Documents\ME Trng_ Thurs_ 6_14_07 w_Mike Harris on NM HAP Tips.eml:OECustomProperty
AlternateDataStreams: C:\Users\Martha\Documents\RE_ Request Rental Agreement.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKCU\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKCU\...\StartupApproved\Run: => "FreeScreenSharing"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2014 08:36:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 440

Start Time: 01cf9c9dba369917

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 6cf758aa-0893-11e4-be90-4c72b9dfcdd8

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/10/2014 10:21:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/10/2014 04:39:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/10/2014 04:33:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/10/2014 01:57:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/10/2014 01:57:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/10/2014 01:28:10 AM) (Source: HP Connected Remote) (EventID: 0) (User: )
Description: Unable to download the update: ValidationError

Error: (07/09/2014 05:37:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/09/2014 05:23:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/09/2014 05:07:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (07/10/2014 01:25:16 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (07/09/2014 02:00:06 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/09/2014 01:59:35 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/09/2014 01:59:05 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/09/2014 01:58:33 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/09/2014 01:58:03 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (07/09/2014 01:57:33 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (07/10/2014 08:36:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2049844001cf9c9dba3699174294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe6cf758aa-0893-11e4-be90-4c72b9dfcdd8microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/10/2014 10:21:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/10/2014 04:39:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/10/2014 04:33:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/10/2014 01:57:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/10/2014 01:57:00 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe

Error: (07/10/2014 01:28:10 AM) (Source: HP Connected Remote) (EventID: 0) (User: )
Description: Unable to download the update: ValidationError

Error: (07/09/2014 05:37:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151

Error: (07/09/2014 05:23:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151

Error: (07/09/2014 05:07:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP-ALLINONE)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927151


CodeIntegrity Errors:
===================================
Date: 2014-07-03 22:44:34.390
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:34.148
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:33.915
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:33.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:33.515
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:33.305
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:33.089
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:32.887
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:32.675
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-07-03 22:44:32.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 3665.84 MB
Available physical RAM: 2456.51 MB
Total Pagefile: 4301.03 MB
Available Pagefile: 2832.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.06 GB) (Free:386.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.78 GB) (Free:2.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4A1F8D9C)

Partition: GPT Partition Type.

==================== End Of Log ============================

#9
LESI

Pystryker, here's the TDSSKiller log.
Things are loading faster on browser tabs. But let's see how this log posting goes. Typing in chats is going better too! LESI


01:04:13.0927 0x03a0 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
01:04:13.0927 0x03a0 UEFI system
01:04:28.0692 0x03a0 ============================================================
01:04:28.0692 0x03a0 Current date / time: 2014/07/11 01:04:28.0692
01:04:28.0693 0x03a0 SystemInfo:
01:04:28.0693 0x03a0
01:04:28.0693 0x03a0 OS Version: 6.3.9600 ServicePack: 0.0
01:04:28.0693 0x03a0 Product type: Workstation
01:04:28.0693 0x03a0 ComputerName: HP-ALLINONE
01:04:28.0693 0x03a0 UserName: Martha
01:04:28.0693 0x03a0 Windows directory: C:\WINDOWS
01:04:28.0693 0x03a0 System windows directory: C:\WINDOWS
01:04:28.0693 0x03a0 Running under WOW64
01:04:28.0693 0x03a0 Processor architecture: Intel x64
01:04:28.0693 0x03a0 Number of processors: 2
01:04:28.0693 0x03a0 Page size: 0x1000
01:04:28.0693 0x03a0 Boot type: Normal boot
01:04:28.0694 0x03a0 ============================================================
01:04:28.0982 0x03a0 KLMD registered as C:\WINDOWS\system32\drivers\80518420.sys
01:04:29.0906 0x03a0 System UUID: {891D42F1-DAB2-8347-1809-9895DB9D5446}
01:04:31.0263 0x03a0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:04:31.0296 0x03a0 ============================================================
01:04:31.0297 0x03a0 \Device\Harddisk0\DR0:
01:04:31.0297 0x03a0 GPT partitions:
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CBCA6F44-838B-460A-ADC8-3375BB6A49D8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {76B7D528-9EEF-4F33-AAC7-86DADBF85E76}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B45A6FF5-CEE0-4F11-860E-4A77B9ECE92E}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {51F30970-20C9-435A-8BBC-6780C058EFA0}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x37820800
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {ACE4545E-63DD-480C-9C80-F2C14B2FF3E6}, Name: , StartLBA 0x37B14800, BlocksNum 0xE1000
01:04:31.0298 0x03a0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {63BFBA69-8426-41E1-B533-77572EE95C0C}, Name: Basic data partition, StartLBA 0x37BF5800, BlocksNum 0x2790800
01:04:31.0299 0x03a0 MBR partitions:
01:04:31.0299 0x03a0 ============================================================
01:04:31.0328 0x03a0 C: <-> \Device\Harddisk0\DR0\Partition4
01:04:31.0363 0x03a0 D: <-> \Device\Harddisk0\DR0\Partition6
01:04:31.0363 0x03a0 ============================================================
01:04:31.0363 0x03a0 Initialize success
01:04:31.0363 0x03a0 ============================================================
01:07:56.0146 0x0b34 ============================================================
01:07:56.0146 0x0b34 Scan started
01:07:56.0146 0x0b34 Mode: Manual; SigCheck; TDLFS;
01:07:56.0146 0x0b34 ============================================================
01:07:56.0146 0x0b34 KSN ping started
01:07:58.0761 0x0b34 KSN ping finished: true
01:08:00.0349 0x0b34 ================ Scan system memory ========================
01:08:00.0349 0x0b34 System memory - ok
01:08:00.0351 0x0b34 ================ Scan services =============================
01:08:16.0246 0x0b34 [ 4A91450950FC3EAB1EE295C0A3703B59, 5A8C91B1AD6E67B904B0D032FC0C75760AD7FCED4A1A8FA6AEB10B9DA30DD617 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
01:08:16.0277 0x0b34 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
01:08:18.0898 0x0b34 Detect skipped due to KSN trusted
01:08:18.0899 0x0b34 Freemake Improver - ok
01:08:18.0932 0x0b34 [ E54DA03A8EEB8C002C6F2E709B08651A, 82B46688494AD687D1256D6B48F86699467419D0D0A980E9F639764EA4792CE7 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
01:08:18.0961 0x0b34 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
01:08:21.0854 0x0b34 Detect skipped due to KSN trusted
01:08:21.0855 0x0b34 FreemakeVideoCapture - ok
01:08:23.0853 0x0b34 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
01:08:23.0881 0x0b34 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
01:08:26.0489 0x0b34 Detect skipped due to KSN trusted
01:08:26.0489 0x0b34 HP Support Assistant Service - ok
01:08:29.0656 0x0b34 [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
01:08:29.0718 0x0b34 IPMIDRV - ok
01:08:29.0744 0x0b34 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
01:08:29.0810 0x0b34 IPNAT - ok
01:08:29.0833 0x0b34 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
01:08:29.0892 0x0b34 IRENUM - ok
01:08:29.0917 0x0b34 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
01:08:29.0951 0x0b34 isapnp - ok
01:08:30.0018 0x0b34 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
01:08:30.0073 0x0b34 iScsiPrt - ok
01:08:30.0109 0x0b34 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
01:08:30.0145 0x0b34 kbdclass - ok
01:08:30.0160 0x0b34 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
01:08:30.0212 0x0b34 kbdhid - ok
01:08:30.0225 0x0b34 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
01:08:30.0282 0x0b34 kdnic - ok
01:08:30.0308 0x0b34 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
01:08:30.0348 0x0b34 KeyIso - ok
01:08:30.0365 0x0b34 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
01:08:30.0404 0x0b34 KSecDD - ok
01:08:30.0431 0x0b34 [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
01:08:30.0482 0x0b34 KSecPkg - ok
01:08:30.0503 0x0b34 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
01:08:30.0552 0x0b34 ksthunk - ok
01:08:30.0641 0x0b34 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
01:08:30.0736 0x0b34 KtmRm - ok
01:08:30.0778 0x0b34 [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
01:08:30.0869 0x0b34 LanmanServer - ok
01:08:30.0911 0x0b34 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
01:08:31.0018 0x0b34 LanmanWorkstation - ok
01:08:31.0079 0x0b34 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
01:08:31.0187 0x0b34 lfsvc - ok
01:08:31.0226 0x0b34 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
01:08:31.0276 0x0b34 lltdio - ok
01:08:31.0314 0x0b34 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
01:08:31.0401 0x0b34 lltdsvc - ok
01:08:31.0434 0x0b34 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
01:08:31.0487 0x0b34 lmhosts - ok
01:08:31.0526 0x0b34 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
01:08:31.0569 0x0b34 LSI_SAS - ok
01:08:31.0590 0x0b34 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
01:08:31.0630 0x0b34 LSI_SAS2 - ok
01:08:31.0648 0x0b34 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
01:08:31.0689 0x0b34 LSI_SAS3 - ok
01:08:31.0713 0x0b34 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
01:08:31.0751 0x0b34 LSI_SSS - ok
01:08:31.0799 0x0b34 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
01:08:31.0908 0x0b34 LSM - ok
01:08:31.0938 0x0b34 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
01:08:31.0994 0x0b34 luafv - ok
01:08:32.0014 0x0b34 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
01:08:32.0053 0x0b34 megasas - ok
01:08:32.0103 0x0b34 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
01:08:32.0187 0x0b34 megasr - ok
01:08:32.0220 0x0b34 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
01:08:32.0278 0x0b34 MMCSS - ok
01:08:32.0320 0x0b34 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
01:08:32.0369 0x0b34 Modem - ok
01:08:32.0395 0x0b34 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
01:08:32.0454 0x0b34 monitor - ok
01:08:32.0477 0x0b34 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
01:08:32.0514 0x0b34 mouclass - ok
01:08:32.0528 0x0b34 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
01:08:32.0572 0x0b34 mouhid - ok
01:08:32.0589 0x0b34 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
01:08:32.0628 0x0b34 mountmgr - ok
01:08:32.0676 0x0b34 [ 4F65CBD93B9807BFD4C95598CAA390EE, 1AB3332F401A98A7E3CE99E6126D63E103B360C947BD73735B32C24FCD673D25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:08:32.0712 0x0b34 MozillaMaintenance - ok
01:08:32.0727 0x0b34 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
01:08:32.0783 0x0b34 mpsdrv - ok
01:08:32.0869 0x0b34 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
01:08:32.0989 0x0b34 MpsSvc - ok
01:08:33.0042 0x0b34 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
01:08:33.0104 0x0b34 MRxDAV - ok
01:08:33.0160 0x0b34 [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:08:33.0238 0x0b34 mrxsmb - ok
01:08:33.0276 0x0b34 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
01:08:33.0354 0x0b34 mrxsmb10 - ok
01:08:33.0385 0x0b34 [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
01:08:33.0441 0x0b34 mrxsmb20 - ok
01:08:33.0468 0x0b34 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
01:08:33.0528 0x0b34 MsBridge - ok
01:08:33.0562 0x0b34 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
01:08:33.0625 0x0b34 MSDTC - ok
01:08:33.0653 0x0b34 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:08:33.0700 0x0b34 Msfs - ok
01:08:33.0730 0x0b34 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
01:08:33.0765 0x0b34 msgpiowin32 - ok
01:08:33.0805 0x0b34 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
01:08:33.0846 0x0b34 mshidkmdf - ok
01:08:33.0867 0x0b34 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
01:08:33.0914 0x0b34 mshidumdf - ok
01:08:33.0936 0x0b34 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
01:08:33.0970 0x0b34 msisadrv - ok
01:08:34.0010 0x0b34 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
01:08:34.0082 0x0b34 MSiSCSI - ok
01:08:34.0094 0x0b34 msiserver - ok
01:08:34.0117 0x0b34 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:08:34.0164 0x0b34 MSKSSRV - ok
01:08:34.0188 0x0b34 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
01:08:34.0249 0x0b34 MsLldp - ok
01:08:34.0270 0x0b34 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:08:34.0312 0x0b34 MSPCLOCK - ok
01:08:34.0330 0x0b34 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:08:34.0380 0x0b34 MSPQM - ok
01:08:34.0420 0x0b34 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
01:08:34.0483 0x0b34 MsRPC - ok
01:08:34.0506 0x0b34 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
01:08:34.0542 0x0b34 mssmbios - ok
01:08:34.0564 0x0b34 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
01:08:34.0604 0x0b34 MSTEE - ok
01:08:34.0631 0x0b34 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
01:08:34.0686 0x0b34 MTConfig - ok
01:08:34.0701 0x0b34 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
01:08:34.0740 0x0b34 Mup - ok
01:08:34.0767 0x0b34 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
01:08:34.0803 0x0b34 mvumis - ok
01:08:34.0857 0x0b34 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
01:08:34.0946 0x0b34 napagent - ok
01:08:34.0993 0x0b34 [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
01:08:35.0086 0x0b34 NativeWifiP - ok
01:08:35.0128 0x0b34 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
01:08:35.0206 0x0b34 NcaSvc - ok
01:08:35.0235 0x0b34 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
01:08:35.0314 0x0b34 NcbService - ok
01:08:35.0330 0x0b34 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
01:08:35.0445 0x0b34 NcdAutoSetup - ok
01:08:35.0524 0x0b34 [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
01:08:35.0646 0x0b34 NDIS - ok
01:08:35.0683 0x0b34 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
01:08:35.0736 0x0b34 NdisCap - ok
01:08:35.0763 0x0b34 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
01:08:35.0823 0x0b34 NdisImPlatform - ok
01:08:35.0858 0x0b34 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:08:35.0918 0x0b34 NdisTapi - ok
01:08:35.0945 0x0b34 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:08:36.0005 0x0b34 Ndisuio - ok
01:08:36.0027 0x0b34 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
01:08:36.0086 0x0b34 NdisVirtualBus - ok
01:08:36.0122 0x0b34 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:08:36.0195 0x0b34 NdisWan - ok
01:08:36.0221 0x0b34 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:08:36.0284 0x0b34 NdisWanLegacy - ok
01:08:36.0307 0x0b34 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:08:36.0364 0x0b34 NDProxy - ok
01:08:36.0386 0x0b34 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
01:08:36.0446 0x0b34 Ndu - ok
01:08:36.0477 0x0b34 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
01:08:36.0511 0x0b34 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:08:38.0894 0x0b34 Detect skipped due to KSN trusted
01:08:38.0894 0x0b34 Net Driver HPZ12 - ok
01:08:43.0820 0x0b34 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
01:08:43.0856 0x0b34 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:08:46.0412 0x0b34 Detect skipped due to KSN trusted
01:08:46.0413 0x0b34 Pml Driver HPZ12 - ok
01:08:51.0745 0x0b34 SENS - ok
01:08:51.0780 0x0b34 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
01:08:51.0855 0x0b34 SensrSvc - ok
01:08:51.0875 0x0b34 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
01:08:51.0912 0x0b34 SerCx - ok
01:08:51.0954 0x0b34 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
01:08:51.0997 0x0b34 SerCx2 - ok
01:08:52.0020 0x0b34 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
01:08:52.0074 0x0b34 Serenum - ok
01:08:52.0099 0x0b34 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
01:08:52.0148 0x0b34 Serial - ok
01:08:52.0172 0x0b34 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
01:08:52.0224 0x0b34 sermouse - ok
01:08:52.0337 0x0b34 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
01:08:52.0440 0x0b34 SessionEnv - ok
01:08:52.0473 0x0b34 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
01:08:52.0525 0x0b34 sfloppy - ok
01:08:52.0601 0x0b34 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:08:52.0686 0x0b34 SharedAccess - ok
01:08:52.0758 0x0b34 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:08:52.0871 0x0b34 ShellHWDetection - ok
01:08:52.0894 0x0b34 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
01:08:52.0929 0x0b34 SiSRaid2 - ok
01:08:52.0957 0x0b34 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
01:08:52.0996 0x0b34 SiSRaid4 - ok
01:08:53.0062 0x0b34 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
01:08:53.0098 0x0b34 SkypeUpdate - ok
01:08:53.0128 0x0b34 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
01:08:53.0187 0x0b34 smphost - ok
01:08:53.0231 0x0b34 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
01:08:53.0298 0x0b34 SNMPTRAP - ok
01:08:53.0354 0x0b34 [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
01:08:53.0421 0x0b34 spaceport - ok
01:08:53.0451 0x0b34 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
01:08:53.0490 0x0b34 SpbCx - ok
01:08:53.0552 0x0b34 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe
01:08:53.0673 0x0b34 Spooler - ok
01:08:54.0044 0x0b34 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
01:08:54.0654 0x0b34 sppsvc - ok
01:08:54.0722 0x0b34 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:08:54.0805 0x0b34 srv - ok
01:08:54.0874 0x0b34 [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
01:08:54.0970 0x0b34 srv2 - ok
01:08:55.0006 0x0b34 [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
01:08:55.0070 0x0b34 srvnet - ok
01:08:55.0128 0x0b34 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:08:55.0208 0x0b34 SSDPSRV - ok
01:08:55.0245 0x0b34 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
01:08:55.0324 0x0b34 SstpSvc - ok
01:08:55.0358 0x0b34 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
01:08:55.0392 0x0b34 stexstor - ok
01:08:55.0463 0x0b34 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
01:08:55.0583 0x0b34 stisvc - ok
01:08:55.0612 0x0b34 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
01:08:55.0652 0x0b34 storahci - ok
01:08:55.0673 0x0b34 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
01:08:55.0710 0x0b34 storflt - ok
01:08:55.0737 0x0b34 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
01:08:55.0775 0x0b34 stornvme - ok
01:08:55.0819 0x0b34 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
01:08:55.0905 0x0b34 StorSvc - ok
01:08:55.0927 0x0b34 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
01:08:55.0963 0x0b34 storvsc - ok
01:08:55.0990 0x0b34 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
01:08:56.0063 0x0b34 svsvc - ok
01:08:56.0082 0x0b34 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
01:08:56.0116 0x0b34 swenum - ok
01:08:56.0199 0x0b34 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll
01:08:56.0312 0x0b34 swprv - ok
01:08:56.0405 0x0b34 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
01:08:56.0560 0x0b34 SysMain - ok
01:08:56.0610 0x0b34 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
01:08:56.0693 0x0b34 SystemEventsBroker - ok
01:08:56.0732 0x0b34 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
01:08:56.0797 0x0b34 TabletInputService - ok
01:08:56.0832 0x0b34 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:08:56.0907 0x0b34 TapiSrv - ok
01:08:57.0078 0x0b34 [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
01:08:57.0309 0x0b34 Tcpip - ok
01:08:57.0470 0x0b34 [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:08:57.0679 0x0b34 TCPIP6 - ok
01:08:57.0724 0x0b34 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
01:08:57.0784 0x0b34 tcpipreg - ok
01:08:57.0823 0x0b34 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
01:08:57.0874 0x0b34 tdx - ok
01:08:57.0910 0x0b34 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
01:08:57.0946 0x0b34 terminpt - ok
01:08:58.0037 0x0b34 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll
01:08:58.0179 0x0b34 TermService - ok
01:08:58.0220 0x0b34 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
01:08:58.0301 0x0b34 Themes - ok
01:08:58.0337 0x0b34 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
01:08:58.0387 0x0b34 THREADORDER - ok
01:08:58.0418 0x0b34 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
01:08:58.0518 0x0b34 TimeBroker - ok
01:08:58.0561 0x0b34 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
01:08:58.0607 0x0b34 TPM - ok
01:08:58.0639 0x0b34 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
01:08:58.0698 0x0b34 TrkWks - ok
01:08:58.0753 0x0b34 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
01:08:58.0810 0x0b34 TrustedInstaller - ok
01:08:58.0849 0x0b34 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
01:08:58.0911 0x0b34 TsUsbFlt - ok
01:08:58.0935 0x0b34 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
01:08:58.0989 0x0b34 TsUsbGD - ok
01:08:59.0021 0x0b34 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
01:08:59.0083 0x0b34 tunnel - ok
01:08:59.0105 0x0b34 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
01:08:59.0142 0x0b34 uagp35 - ok
01:08:59.0176 0x0b34 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
01:08:59.0214 0x0b34 UASPStor - ok
01:08:59.0248 0x0b34 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
01:08:59.0296 0x0b34 UCX01000 - ok
01:08:59.0338 0x0b34 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
01:08:59.0424 0x0b34 udfs - ok
01:08:59.0449 0x0b34 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
01:08:59.0484 0x0b34 UEFI - ok
01:08:59.0531 0x0b34 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
01:08:59.0595 0x0b34 UI0Detect - ok
01:08:59.0617 0x0b34 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
01:08:59.0655 0x0b34 uliagpkx - ok
01:08:59.0679 0x0b34 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
01:08:59.0723 0x0b34 umbus - ok
01:08:59.0740 0x0b34 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
01:08:59.0783 0x0b34 UmPass - ok
01:08:59.0834 0x0b34 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
01:08:59.0914 0x0b34 UmRdpService - ok
01:08:59.0958 0x0b34 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
01:09:00.0049 0x0b34 upnphost - ok
01:09:00.0081 0x0b34 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
01:09:00.0126 0x0b34 usbccgp - ok
01:09:00.0168 0x0b34 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
01:09:00.0216 0x0b34 usbcir - ok
01:09:00.0235 0x0b34 [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
01:09:00.0276 0x0b34 usbehci - ok
01:09:00.0313 0x0b34 [ 5AE9C87A1ED4B243942B3FDDD902134B, E19657C637B354F968099755DD311A159E57C4BD5ED89D81BDA1C70A62DC732E ] usbfilter C:\WINDOWS\System32\drivers\usbfilter.sys
01:09:00.0338 0x0b34 usbfilter - ok
01:09:00.0380 0x0b34 [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
01:09:00.0449 0x0b34 usbhub - ok
01:09:00.0512 0x0b34 [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
01:09:00.0585 0x0b34 USBHUB3 - ok
01:09:00.0608 0x0b34 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
01:09:00.0653 0x0b34 usbohci - ok
01:09:00.0678 0x0b34 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
01:09:00.0731 0x0b34 usbprint - ok
01:09:00.0757 0x0b34 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:09:00.0809 0x0b34 usbscan - ok
01:09:00.0832 0x0b34 [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
01:09:00.0877 0x0b34 USBSTOR - ok
01:09:00.0905 0x0b34 [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
01:09:00.0949 0x0b34 usbuhci - ok
01:09:01.0031 0x0b34 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
01:09:01.0089 0x0b34 usbvideo - ok
01:09:01.0123 0x0b34 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
01:09:01.0183 0x0b34 USBXHCI - ok
01:09:01.0208 0x0b34 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
01:09:01.0248 0x0b34 VaultSvc - ok
01:09:01.0270 0x0b34 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
01:09:01.0305 0x0b34 vdrvroot - ok
01:09:01.0405 0x0b34 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe
01:09:01.0551 0x0b34 vds - ok
01:09:01.0589 0x0b34 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
01:09:01.0635 0x0b34 VerifierExt - ok
01:09:01.0695 0x0b34 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
01:09:01.0775 0x0b34 vhdmp - ok
01:09:01.0792 0x0b34 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
01:09:01.0826 0x0b34 viaide - ok
01:09:01.0852 0x0b34 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
01:09:01.0890 0x0b34 vmbus - ok
01:09:01.0915 0x0b34 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
01:09:01.0969 0x0b34 VMBusHID - ok
01:09:02.0030 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
01:09:02.0121 0x0b34 vmicguestinterface - ok
01:09:02.0160 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
01:09:02.0233 0x0b34 vmicheartbeat - ok
01:09:02.0270 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
01:09:02.0356 0x0b34 vmickvpexchange - ok
01:09:02.0392 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
01:09:02.0466 0x0b34 vmicrdv - ok
01:09:02.0504 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
01:09:02.0578 0x0b34 vmicshutdown - ok
01:09:02.0616 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
01:09:02.0691 0x0b34 vmictimesync - ok
01:09:02.0727 0x0b34 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
01:09:02.0801 0x0b34 vmicvss - ok
01:09:02.0827 0x0b34 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
01:09:02.0867 0x0b34 volmgr - ok
01:09:02.0898 0x0b34 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
01:09:02.0958 0x0b34 volmgrx - ok
01:09:02.0998 0x0b34 [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
01:09:03.0056 0x0b34 volsnap - ok
01:09:03.0096 0x0b34 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
01:09:03.0133 0x0b34 vpci - ok
01:09:03.0167 0x0b34 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
01:09:03.0218 0x0b34 vsmraid - ok
01:09:03.0321 0x0b34 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe
01:09:03.0476 0x0b34 VSS - ok
01:09:03.0534 0x0b34 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
01:09:03.0596 0x0b34 VSTXRAID - ok
01:09:03.0621 0x0b34 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
01:09:03.0682 0x0b34 vwifibus - ok
01:09:03.0715 0x0b34 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
01:09:03.0766 0x0b34 vwififlt - ok
01:09:03.0785 0x0b34 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
01:09:03.0842 0x0b34 vwifimp - ok
01:09:03.0890 0x0b34 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
01:09:03.0981 0x0b34 W32Time - ok
01:09:04.0043 0x0b34 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
01:09:04.0103 0x0b34 w3logsvc - ok
01:09:04.0133 0x0b34 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
01:09:04.0177 0x0b34 WacomPen - ok
01:09:04.0200 0x0b34 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:09:04.0257 0x0b34 Wanarp - ok
01:09:04.0270 0x0b34 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:09:04.0321 0x0b34 Wanarpv6 - ok
01:09:04.0384 0x0b34 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
01:09:04.0478 0x0b34 WAS - ok
01:09:04.0592 0x0b34 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe
01:09:04.0753 0x0b34 wbengine - ok
01:09:04.0808 0x0b34 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
01:09:04.0908 0x0b34 WbioSrvc - ok
01:09:04.0940 0x0b34 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
01:09:05.0020 0x0b34 Wcmsvc - ok
01:09:05.0074 0x0b34 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
01:09:05.0177 0x0b34 wcncsvc - ok
01:09:05.0197 0x0b34 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
01:09:05.0274 0x0b34 WcsPlugInService - ok
01:09:05.0306 0x0b34 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
01:09:05.0342 0x0b34 WdBoot - ok
01:09:05.0419 0x0b34 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
01:09:05.0507 0x0b34 Wdf01000 - ok
01:09:05.0551 0x0b34 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
01:09:05.0611 0x0b34 WdFilter - ok
01:09:05.0640 0x0b34 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
01:09:05.0722 0x0b34 WdiServiceHost - ok
01:09:05.0734 0x0b34 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
01:09:05.0805 0x0b34 WdiSystemHost - ok
01:09:05.0843 0x0b34 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
01:09:05.0885 0x0b34 WdNisDrv - ok
01:09:05.0904 0x0b34 WdNisSvc - ok
01:09:05.0935 0x0b34 [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\WINDOWS\System32\webclnt.dll
01:09:06.0035 0x0b34 WebClient - ok
01:09:06.0068 0x0b34 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
01:09:06.0158 0x0b34 Wecsvc - ok
01:09:06.0179 0x0b34 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
01:09:06.0246 0x0b34 WEPHOSTSVC - ok
01:09:06.0270 0x0b34 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
01:09:06.0346 0x0b34 wercplsupport - ok
01:09:06.0375 0x0b34 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
01:09:06.0435 0x0b34 WerSvc - ok
01:09:06.0476 0x0b34 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
01:09:06.0517 0x0b34 WFPLWFS - ok
01:09:06.0545 0x0b34 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
01:09:06.0601 0x0b34 WiaRpc - ok
01:09:06.0631 0x0b34 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
01:09:06.0667 0x0b34 WIMMount - ok
01:09:06.0676 0x0b34 WinDefend - ok
01:09:06.0764 0x0b34 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
01:09:06.0869 0x0b34 WinHttpAutoProxySvc - ok
01:09:06.0924 0x0b34 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:09:06.0995 0x0b34 Winmgmt - ok
01:09:07.0165 0x0b34 [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\WINDOWS\system32\WsmSvc.dll
01:09:07.0401 0x0b34 WinRM - ok
01:09:07.0550 0x0b34 [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
01:09:07.0723 0x0b34 WlanSvc - ok
01:09:07.0840 0x0b34 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
01:09:08.0006 0x0b34 wlidsvc - ok
01:09:08.0040 0x0b34 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
01:09:08.0094 0x0b34 WmiAcpi - ok
01:09:08.0142 0x0b34 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
01:09:08.0203 0x0b34 wmiApSrv - ok
01:09:08.0236 0x0b34 WMPNetworkSvc - ok
01:09:08.0282 0x0b34 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
01:09:08.0331 0x0b34 Wof - ok
01:09:08.0465 0x0b34 [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
01:09:08.0657 0x0b34 workfolderssvc - ok
01:09:18.0088 0x0b34 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
01:09:18.0104 0x0b34 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x42000 ( disabled : updated )
01:09:18.0130 0x0b34 Win FW state via NFP2: enabled
01:09:20.0594 0x0b34 ============================================================
01:09:20.0594 0x0b34 Scan finished
01:09:20.0594 0x0b34 ============================================================
01:09:20.0624 0x1574 Detected object count: 0
01:09:20.0624 0x1574 Actual detected object count: 0

#10
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Things are loading faster on browser tabs. But let's see how this log posting goes. Typing in chats going better too! LESI


Hello :)

That's good to hear. :thumbsup:


I see a couple things in the FRST log, but Chrome is still giving us issues regarding the start pages. We'll remove all the start pages and if this doesn't work, then we'll reset Chrome completely.


Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.



Step 1: Change Chrome Startup Pages


We need to change your homepage in Chrome. Please follow the instructions below.
  • Open Chrome and type this in the address bar: chrome:settings
  • When the Settings page opens, look under On Startup and then click Open a specific set of pages and click Set Pages
  • When the window opens, remove all of the pages, and type in just one as a start page.
  • Once you have typed in your new home page, close the window.

Step 2: Fix with FRST

Once you run this fix, the machine should reboot. If it doesn't, please reboot manually.
  • Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open notepad and select Paste.)
  • Save it on the desktop as fixlist.txt

Start
SearchScopes: HKCU - URL http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
Reboot:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt); please post it in your next reply.


Step 3: Fresh FRST Scan
  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.

Things I need to see in your next post:

Fixlog.txt Log

Fresh FRST Scan



#11
LESI

    Member

  • Topic Starter
  • 51 posts

Pystryker, Ok, I think I handled this correctly. My two logs are below: LESI
Fixlog.txt log
FRST Scan log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-07-2014
Ran by Martha at 2014-07-12 00:45:10 Run:1
Running from C:\Users\Martha\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
SearchScopes: HKCU - URL http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
Reboot:
End
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

===========================================================================================================================================================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Martha (administrator) on HP-ALLINONE on 12-07-2014 00:53:58
Running from C:\Users\Martha\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2013-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-07-08] (Hewlett-Packard)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [FreeScreenSharing] => C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] ()
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @startmeeting.com/launcher - C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF SearchPlugin: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\searchplugins\bing-avast.xml
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP2360F13D-99DE-423C-9AFA-E7849F281233&SSPV=
CHR StartupUrls: "hxxp://beyondorganics.ning.com/group/dinar"
CHR DefaultSearchKeyword: ixquick.com
CHR DefaultSearchProvider: Ixquick
CHR DefaultSearchURL: http://ixquick.com/d...anguage=english
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google Search) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-04-10]
CHR Extension: (Skype Click to Call) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-14]
CHR Extension: (Google Wallet) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Gmail) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2014-01-13] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-12 00:53 - 2014-07-12 00:53 - 00019519 _____ () C:\Users\Martha\Desktop\FRST.txt
2014-07-12 00:44 - 2014-07-12 00:44 - 02084864 _____ (Farbar) C:\Users\Martha\Desktop\FRST64.exe
2014-07-12 00:39 - 2014-07-12 00:39 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (4).exe
2014-07-11 01:37 - 2014-07-11 01:37 - 00141201 _____ () C:\Users\Martha\Desktop\FRST.07.11.14.txt
2014-07-11 01:36 - 2014-07-11 01:36 - 00049580 _____ () C:\Users\Martha\Desktop\Addition.07.11.14.txt
2014-07-11 01:35 - 2014-07-11 01:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller (1).exe
2014-07-11 01:34 - 2014-07-11 01:34 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (3).exe
2014-07-11 01:24 - 2014-07-11 01:25 - 00049580 _____ () C:\Users\Martha\Downloads\Addition.txt
2014-07-11 01:21 - 2014-07-11 01:25 - 00141201 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:20 - 2014-07-12 00:54 - 00000000 ____D () C:\FRST
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:03 - 2014-07-11 01:04 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:26 - 2014-06-26 16:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 01:26 - 2014-06-26 16:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 19:31 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:07 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 19:07 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 19:07 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 19:07 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 19:07 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 19:07 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 19:07 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 19:06 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 19:06 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 19:06 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 19:06 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 19:06 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 19:06 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 19:06 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 19:06 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 19:06 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 19:06 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 19:05 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 19:05 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 19:05 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 19:05 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 19:05 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 19:05 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 19:05 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 19:05 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 19:05 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 19:05 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 19:05 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 19:05 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 19:05 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 19:05 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 18:58 - 2014-07-10 01:25 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-09 18:58 - 2014-07-09 18:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-09 01:04 - 2014-07-09 01:15 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 12:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:36 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:32 - 2014-07-04 00:33 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 18:08 - 2014-07-10 01:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-01 18:07 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-01 18:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-01 18:05 - 2014-07-01 18:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 11:29 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-21 11:29 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-21 11:29 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:12 - 2014-06-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-19 23:04 - 2014-06-19 23:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-19 23:04 - 2014-06-19 23:04 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-19 22:52 - 2014-06-19 22:52 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-19 22:49 - 2014-06-19 22:49 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\inetpub
2014-06-19 22:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-06-19 22:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-06-19 20:24 - 2014-07-12 00:47 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-06-19 20:19 - 2014-06-19 20:19 - 00001444 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 20:18 - 2014-06-19 20:18 - 00000020 ___SH () C:\Users\Martha\ntuser.ini
2014-06-19 19:57 - 2014-06-19 19:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-19 19:49 - 2014-07-11 21:10 - 02047025 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-19 19:41 - 2014-06-19 19:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-19 19:32 - 2014-06-19 19:32 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-19 19:28 - 2014-06-19 20:24 - 00000000 ____D () C:\Users\Martha
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagwrn.xml
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagerr.xml
2014-06-19 19:28 - 2014-06-19 19:50 - 00000000 ____D () C:\Users\Betty
2014-06-19 19:28 - 2014-06-19 19:49 - 00000000 ____D () C:\Users\Administrator
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ____D () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:22 - 2014-06-19 19:22 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-19 19:20 - 2014-06-19 19:32 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-19 19:17 - 2014-07-12 00:49 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-06-19 19:16 - 2014-06-19 19:16 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\Program Files\Realtek
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\AMD
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-06-19 19:15 - 2014-06-19 19:15 - 00000000 ____D () C:\Program Files\AMD
2014-06-19 18:05 - 2014-06-19 19:58 - 00006589 _____ () C:\WINDOWS\comsetup.log
2014-06-18 01:03 - 2014-06-18 01:03 - 06431728 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-06-18 00:50 - 2014-06-18 00:50 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HewlettPackard
2014-06-17 17:48 - 2014-06-17 17:48 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 09:55 - 2014-06-17 09:55 - 00870104 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-06-17 09:55 - 2014-06-17 09:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

==================== One Month Modified Files and Folders =======

2014-07-12 00:54 - 2014-07-12 00:53 - 00019519 _____ () C:\Users\Martha\Desktop\FRST.txt
2014-07-12 00:54 - 2014-07-11 01:20 - 00000000 ____D () C:\FRST
2014-07-12 00:52 - 2013-10-14 14:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1584447337-3020926857-578221619-1001
2014-07-12 00:51 - 2013-10-15 01:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 00:50 - 2013-10-15 01:34 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-12 00:49 - 2014-06-19 19:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-12 00:49 - 2013-10-15 00:47 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Skype
2014-07-12 00:47 - 2014-06-19 20:24 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-07-12 00:46 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-12 00:46 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-12 00:44 - 2014-07-12 00:44 - 02084864 _____ (Farbar) C:\Users\Martha\Desktop\FRST64.exe
2014-07-12 00:39 - 2014-07-12 00:39 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (4).exe
2014-07-12 00:38 - 2014-02-12 02:29 - 00000364 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-07-12 00:27 - 2013-10-15 01:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-12 00:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-11 21:10 - 2014-06-19 19:49 - 02047025 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-11 01:37 - 2014-07-11 01:37 - 00141201 _____ () C:\Users\Martha\Desktop\FRST.07.11.14.txt
2014-07-11 01:36 - 2014-07-11 01:36 - 00049580 _____ () C:\Users\Martha\Desktop\Addition.07.11.14.txt
2014-07-11 01:35 - 2014-07-11 01:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller (1).exe
2014-07-11 01:34 - 2014-07-11 01:34 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (3).exe
2014-07-11 01:25 - 2014-07-11 01:24 - 00049580 _____ () C:\Users\Martha\Downloads\Addition.txt
2014-07-11 01:25 - 2014-07-11 01:21 - 00141201 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:04 - 2014-07-11 01:03 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 04:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:56 - 2014-05-09 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:32 - 2014-07-01 18:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 01:25 - 2014-07-09 18:58 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-10 01:24 - 2013-08-22 10:44 - 00419792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 19:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 19:40 - 2013-10-15 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 19:39 - 2013-10-16 02:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 19:35 - 2013-10-16 02:04 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 19:35 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 19:30 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 18:58 - 2014-07-09 18:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:20 - 2014-03-18 05:54 - 00063870 _____ () C:\WINDOWS\PFRO.log
2014-07-09 01:15 - 2014-07-09 01:04 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:08 - 2013-11-19 17:14 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-07-09 01:07 - 2013-11-19 17:14 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-08 08:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 12:38 - 2014-07-04 00:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:36 - 2014-07-04 00:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:32 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 20:07 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:06 - 2014-07-01 18:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-30 18:45 - 2014-07-09 19:05 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 03:48 - 2014-07-09 19:05 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 03:07 - 2014-07-09 19:05 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 16:55 - 2014-07-10 01:26 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 16:55 - 2014-07-10 01:26 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:59 - 2014-03-18 06:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 19:21 - 2013-10-15 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 00:22 - 2013-10-15 01:34 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 00:22 - 2013-10-15 01:34 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 00:05 - 2013-08-22 10:46 - 00368331 _____ () C:\WINDOWS\setupact.log
2014-06-21 00:00 - 2014-06-19 23:12 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:11 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-19 23:04 - 2014-06-19 23:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-19 23:04 - 2014-06-19 23:04 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-19 23:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-19 23:00 - 2014-06-19 23:00 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-19 22:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-19 22:55 - 2014-06-19 22:55 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-19 22:52 - 2014-06-19 22:52 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-19 22:49 - 2014-06-19 22:49 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\inetpub
2014-06-19 20:24 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Martha
2014-06-19 20:23 - 2013-02-25 19:42 - 00000000 ____D () C:\Users\Martha\AppData\Local\Packages
2014-06-19 20:19 - 2014-06-19 20:19 - 00001444 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 20:18 - 2014-06-19 20:18 - 00000020 ___SH () C:\Users\Martha\ntuser.ini
2014-06-19 19:58 - 2014-06-19 19:28 - 00041913 _____ () C:\WINDOWS\diagwrn.xml
2014-06-19 19:58 - 2014-06-19 19:28 - 00041913 _____ () C:\WINDOWS\diagerr.xml
2014-06-19 19:58 - 2014-06-19 18:05 - 00006589 _____ () C:\WINDOWS\comsetup.log
2014-06-19 19:58 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-19 19:57 - 2014-06-19 19:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-19 19:54 - 2013-08-22 11:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-06-19 19:53 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-19 19:50 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Betty
2014-06-19 19:49 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Administrator
2014-06-19 19:44 - 2014-04-17 12:01 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-06-19 19:44 - 2014-04-17 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-06-19 19:44 - 2014-04-01 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unseen App
2014-06-19 19:44 - 2014-03-18 05:45 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-06-19 19:44 - 2014-03-14 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-19 19:44 - 2014-02-27 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-19 19:44 - 2014-02-01 12:03 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartMeeting
2014-06-19 19:44 - 2014-01-13 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-19 19:44 - 2013-11-21 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-06-19 19:44 - 2013-11-01 11:57 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeScreenSharing
2014-06-19 19:44 - 2013-10-17 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-06-19 19:44 - 2013-10-15 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-19 19:44 - 2013-10-15 01:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-19 19:44 - 2012-09-11 10:20 - 00000000 ____D () C:\WINDOWS\en
2014-06-19 19:44 - 2012-09-11 10:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-19 19:44 - 2012-09-11 09:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-19 19:44 - 2012-09-11 09:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-06-19 19:44 - 2012-09-11 09:35 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-19 19:44 - 2012-09-11 09:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-19 19:42 - 2013-08-22 11:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-06-19 19:42 - 2012-07-26 01:37 - 00000000 ____D () C:\Users\Default.migrated
2014-06-19 19:41 - 2014-06-19 19:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-19 19:41 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-06-19 19:41 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-06-19 19:41 - 2014-03-18 05:32 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-06-19 19:41 - 2013-11-19 21:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-19 19:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-06-19 19:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-06-19 19:41 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-19 19:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-06-19 19:39 - 2013-10-14 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-06-19 19:39 - 2013-08-22 11:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Help
2014-06-19 19:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-19 19:39 - 2012-09-11 09:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-06-19 19:39 - 2012-09-11 09:12 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-06-19 19:39 - 2012-08-01 22:05 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-19 19:32 - 2014-06-19 19:32 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-19 19:32 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:32 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:32 - 2014-06-19 19:20 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-19 19:32 - 2014-01-13 21:46 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-19 19:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:30 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:30 - 2014-05-20 18:02 - 00000000 ____D () C:\Users\Betty\AppData\Local\Packages
2014-06-19 19:30 - 2012-08-01 22:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-06-19 19:22 - 2014-06-19 19:22 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-19 19:20 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-19 19:20 - 2012-08-01 22:05 - 00000000 __SHD () C:\Recovery
2014-06-19 19:16 - 2014-06-19 19:16 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\Program Files\Realtek
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\AMD
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-06-19 19:15 - 2014-06-19 19:15 - 00000000 ____D () C:\Program Files\AMD
2014-06-19 19:14 - 2013-08-22 09:36 - 00000000 __RHD () C:\Users\Default
2014-06-19 18:37 - 2013-10-14 14:40 - 01509799 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-06-19 17:36 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-18 21:39 - 2014-07-09 19:07 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-18 20:48 - 2014-07-09 19:06 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-18 20:16 - 2014-07-09 19:07 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-18 20:09 - 2014-07-09 19:06 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-18 19:51 - 2014-07-09 19:06 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-18 19:50 - 2014-07-09 19:06 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-18 19:48 - 2014-07-09 19:06 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-18 19:46 - 2014-07-09 19:07 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-18 19:39 - 2014-07-09 19:06 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-18 19:33 - 2014-07-09 19:06 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-18 19:32 - 2014-07-09 19:06 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-18 19:27 - 2014-07-09 19:06 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-18 19:12 - 2014-07-09 19:06 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-18 18:59 - 2014-07-09 19:06 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-18 18:58 - 2014-07-09 19:06 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-18 18:58 - 2014-07-09 19:06 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-18 18:57 - 2014-07-09 19:07 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-18 18:52 - 2014-07-09 19:06 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-18 18:51 - 2014-07-09 19:06 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-18 18:49 - 2014-07-09 19:06 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-18 18:45 - 2014-07-09 19:06 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-18 18:35 - 2014-07-09 19:06 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-18 18:34 - 2014-07-09 19:06 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-18 18:15 - 2014-07-09 19:06 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-18 18:13 - 2014-07-09 19:06 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-18 18:09 - 2014-07-09 19:06 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-18 18:07 - 2014-07-09 19:06 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-18 01:03 - 2014-06-18 01:03 - 06431728 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-06-18 00:50 - 2014-06-18 00:50 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HewlettPackard
2014-06-18 00:43 - 2014-02-12 02:30 - 00000000 ___RD () C:\Users\Martha\Documents\HP Photo Creations
2014-06-18 00:43 - 2013-10-17 22:04 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-06-17 17:48 - 2014-06-17 17:48 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 13:07 - 2014-03-01 13:17 - 00000000 ____D () C:\Users\Martha\Desktop\Kannaway
2014-06-17 09:55 - 2014-06-17 09:55 - 00870104 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-06-17 09:55 - 2014-06-17 09:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-06-17 09:55 - 2012-09-11 09:22 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-17 09:55 - 2012-08-01 23:15 - 00000000 ____D () C:\SWSETUP
2014-06-16 18:26 - 2014-07-09 19:07 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-16 18:24 - 2014-07-09 19:07 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

Some content of TEMP:
====================
C:\Users\Martha\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-10 03:35

==================== End Of Log ============================

#12
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Pystryker, Ok, I think I handled this correctly. My two logs are below: LESI


You're doing quite well. :)


Step 1: Reset Chrome


Chrome is still showing conduit as the startup page. As we've tried a couple of times to reset it and it's still there, we're going to reset Chrome to its default settings to remove that item.


Please follow the instructions at this link to reset Chrome. This will remove all of Chrome's current settings and replace them with the default settings.

https://support.goog...765944?hl=en-GB


When you click on the link, skip down to Step 2 of the steps listed on the page. Below is a list of items that will be reset when you reset Chrome:

  • Default search engine and saved search engines will be reset to their original defaults.
  • Homepage button will be hidden and the URL that you previously set will be removed.
  • Default start-up pages will be cleared.
  • New Tab page will be empty unless you have a version of Chrome with an extension that controls it. In that case your page may be preserved.
  • Pinned tabs will be unpinned.
  • Content settings will be cleared and reset to their installation defaults.
  • Cookies and site data will be cleared.
  • Extensions will be turned off.
  • Customised themes will be removed.
  • Chrome desktop shortcut path will be cleared.


Step 2: Fresh FRST Scan

  • Start Farbar's Recovery Scan Tool and press the Scan button.
  • FRST will scan your system and produce one log this time. Please post it in your next reply.

Things I need to see in your next post

Fresh FRST Log



#13
LESI

    Member

  • Topic Starter
  • 51 posts

ok, Pystryker,

I've gotcha covered.. Here's my FRSTLog... LESI

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by Martha (administrator) on HP-ALLINONE on 14-07-2014 19:32:46
Running from C:\Users\Martha\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2013-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-07-08] (Hewlett-Packard)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [FreeScreenSharing] => C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] ()
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @startmeeting.com/launcher - C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF SearchPlugin: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\searchplugins\bing-avast.xml
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SP2360F13D-99DE-423C-9AFA-E7849F281233&SSPV=
CHR StartupUrls: "hxxp://beyondorganics.ning.com/group/dinar"
CHR Extension: (Google Docs) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-15]
CHR Extension: (Google Drive) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-15]
CHR Extension: (Google Search) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-04-10]
CHR Extension: (Skype Click to Call) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-14]
CHR Extension: (Google Wallet) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-15]
CHR Extension: (Gmail) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2014-01-13] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-19] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-19] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-14 19:32 - 2014-07-14 19:32 - 00000000 ____D () C:\Users\Martha\Desktop\FRST-OlderVersion
2014-07-12 00:53 - 2014-07-14 19:32 - 00019724 _____ () C:\Users\Martha\Desktop\FRST.txt
2014-07-12 00:44 - 2014-07-14 19:32 - 02086912 _____ (Farbar) C:\Users\Martha\Desktop\FRST64.exe
2014-07-12 00:39 - 2014-07-12 00:39 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (4).exe
2014-07-11 01:37 - 2014-07-11 01:37 - 00141201 _____ () C:\Users\Martha\Desktop\FRST.07.11.14.txt
2014-07-11 01:36 - 2014-07-11 01:36 - 00049580 _____ () C:\Users\Martha\Desktop\Addition.07.11.14.txt
2014-07-11 01:35 - 2014-07-11 01:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller (1).exe
2014-07-11 01:34 - 2014-07-11 01:34 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (3).exe
2014-07-11 01:24 - 2014-07-11 01:25 - 00049580 _____ () C:\Users\Martha\Downloads\Addition.txt
2014-07-11 01:21 - 2014-07-11 01:25 - 00141201 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:20 - 2014-07-14 19:32 - 00000000 ____D () C:\FRST
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:03 - 2014-07-11 01:04 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:26 - 2014-06-26 16:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 01:26 - 2014-06-26 16:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 19:31 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:07 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 19:07 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 19:07 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 19:07 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 19:07 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 19:07 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 19:07 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 19:06 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 19:06 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 19:06 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 19:06 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 19:06 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 19:06 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 19:06 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 19:06 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 19:06 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 19:06 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 19:05 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 19:05 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 19:05 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 19:05 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 19:05 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 19:05 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 19:05 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 19:05 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 19:05 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 19:05 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 19:05 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 19:05 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 19:05 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 19:05 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 18:58 - 2014-07-14 19:23 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-09 18:58 - 2014-07-14 19:23 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-09 01:04 - 2014-07-09 01:15 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 12:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:36 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:32 - 2014-07-04 00:33 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 18:08 - 2014-07-10 01:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-01 18:07 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-01 18:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-01 18:05 - 2014-07-01 18:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 11:29 - 2014-05-19 02:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-21 11:29 - 2014-05-19 02:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-21 11:29 - 2014-05-19 01:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:12 - 2014-06-21 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-19 23:04 - 2014-06-19 23:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-19 23:04 - 2014-06-19 23:04 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-19 23:01 - 2014-06-19 23:01 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-19 23:00 - 2014-06-19 23:00 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-19 22:59 - 2014-06-19 22:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-19 22:59 - 2014-06-19 22:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 22:57 - 2014-06-19 22:57 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-19 22:57 - 2014-06-19 22:57 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-19 22:55 - 2014-06-19 22:55 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-19 22:55 - 2014-06-19 22:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-19 22:55 - 2014-06-19 22:55 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-19 22:55 - 2014-06-19 22:55 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-19 22:52 - 2014-06-19 22:52 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-19 22:49 - 2014-06-19 22:49 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-19 22:49 - 2014-06-19 22:49 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-19 22:49 - 2014-06-19 22:49 - 00000000 ____D () C:\inetpub
2014-06-19 22:48 - 2013-08-03 00:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-06-19 22:48 - 2013-08-03 00:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-19 22:48 - 2013-08-03 00:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-06-19 20:24 - 2014-07-14 19:19 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-06-19 20:19 - 2014-06-19 20:19 - 00001444 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 20:18 - 2014-06-19 20:18 - 00000020 ___SH () C:\Users\Martha\ntuser.ini
2014-06-19 19:57 - 2014-06-19 19:57 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-19 19:49 - 2014-07-14 17:36 - 01135038 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-19 19:42 - 2014-06-19 19:42 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-19 19:41 - 2014-06-19 19:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-19 19:32 - 2014-06-19 19:32 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-19 19:28 - 2014-06-19 20:24 - 00000000 ____D () C:\Users\Martha
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagwrn.xml
2014-06-19 19:28 - 2014-06-19 19:58 - 00041913 _____ () C:\WINDOWS\diagerr.xml
2014-06-19 19:28 - 2014-06-19 19:50 - 00000000 ____D () C:\Users\Betty
2014-06-19 19:28 - 2014-06-19 19:49 - 00000000 ____D () C:\Users\Administrator
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:32 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-19 19:28 - 2014-06-19 19:30 - 00000000 ____D () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-19 19:28 - 2014-03-18 06:13 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 19:22 - 2014-06-19 19:22 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-19 19:20 - 2014-06-19 19:32 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-19 19:17 - 2014-07-12 00:49 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-06-19 19:16 - 2014-06-19 19:16 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\Program Files\Realtek
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 ____D () C:\AMD
2014-06-19 19:16 - 2014-06-19 19:16 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-06-19 19:15 - 2014-06-19 19:15 - 00000000 ____D () C:\Program Files\AMD
2014-06-19 18:05 - 2014-06-19 19:58 - 00006589 _____ () C:\WINDOWS\comsetup.log
2014-06-18 01:03 - 2014-06-18 01:03 - 06431728 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411.exe
2014-06-18 00:50 - 2014-06-18 00:50 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HewlettPackard
2014-06-17 17:48 - 2014-06-17 17:48 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 09:55 - 2014-06-17 09:55 - 00870104 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-06-17 09:55 - 2014-06-17 09:55 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
 
==================== One Month Modified Files and Folders =======
 
2014-07-14 19:33 - 2014-07-12 00:53 - 00019724 _____ () C:\Users\Martha\Desktop\FRST.txt
2014-07-14 19:32 - 2014-07-14 19:32 - 00000000 ____D () C:\Users\Martha\Desktop\FRST-OlderVersion
2014-07-14 19:32 - 2014-07-12 00:44 - 02086912 _____ (Farbar) C:\Users\Martha\Desktop\FRST64.exe
2014-07-14 19:32 - 2014-07-11 01:20 - 00000000 ____D () C:\FRST
2014-07-14 19:29 - 2014-06-19 19:49 - 01135038 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-14 19:27 - 2013-10-15 01:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-14 19:27 - 2013-10-14 14:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1584447337-3020926857-578221619-1001
2014-07-14 19:24 - 2013-10-15 00:47 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Skype
2014-07-14 19:23 - 2014-07-09 18:58 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-14 19:23 - 2014-07-09 18:58 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-14 19:22 - 2013-10-15 01:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-14 19:22 - 2013-10-15 01:34 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 19:19 - 2014-06-19 20:24 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-07-14 19:18 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-14 17:38 - 2014-02-12 02:29 - 00000364 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-07-12 00:49 - 2014-06-19 19:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-12 00:46 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-12 00:46 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-12 00:39 - 2014-07-12 00:39 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (4).exe
2014-07-11 01:37 - 2014-07-11 01:37 - 00141201 _____ () C:\Users\Martha\Desktop\FRST.07.11.14.txt
2014-07-11 01:36 - 2014-07-11 01:36 - 00049580 _____ () C:\Users\Martha\Desktop\Addition.07.11.14.txt
2014-07-11 01:35 - 2014-07-11 01:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller (1).exe
2014-07-11 01:34 - 2014-07-11 01:34 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (3).exe
2014-07-11 01:25 - 2014-07-11 01:24 - 00049580 _____ () C:\Users\Martha\Downloads\Addition.txt
2014-07-11 01:25 - 2014-07-11 01:21 - 00141201 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-07-11 01:19 - 2014-07-11 01:19 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (2).exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-07-11 01:18 - 2014-07-11 01:18 - 02084864 _____ (Farbar) C:\Users\Martha\Downloads\FRST64 (1).exe
2014-07-11 01:16 - 2014-07-11 01:16 - 00558856 _____ () C:\Users\Martha\Desktop\TDSKiller.07.11.14.txt.one
2014-07-11 01:04 - 2014-07-11 01:03 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Martha\Downloads\tdsskiller.exe
2014-07-10 10:30 - 2014-07-10 10:30 - 00000829 _____ () C:\Users\Martha\Desktop\checkup.0710.14.txt
2014-07-10 10:25 - 2014-07-10 10:25 - 00854390 _____ () C:\Users\Martha\Downloads\SecurityCheck.exe
2014-07-10 04:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 01:59 - 2014-07-10 01:59 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
2014-07-10 01:58 - 2014-07-10 01:58 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
2014-07-10 01:56 - 2014-07-10 01:56 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
2014-07-10 01:56 - 2014-05-09 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-10 01:35 - 2014-07-10 01:35 - 00001341 _____ () C:\Users\Martha\Desktop\MBAM.07.10.14.txt
2014-07-10 01:32 - 2014-07-01 18:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 01:24 - 2013-08-22 10:44 - 00419792 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 19:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 19:40 - 2013-10-15 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 19:39 - 2013-10-16 02:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 19:35 - 2013-10-16 02:04 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 19:35 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 19:30 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 09:03 - 2014-07-09 09:03 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (2).exe
2014-07-09 09:01 - 2014-07-09 09:01 - 00215740 _____ () C:\Users\Martha\Desktop\OTL.07.09.14.Txt
2014-07-09 02:51 - 2014-07-09 02:51 - 00215738 _____ () C:\Users\Martha\Desktop\OTL.Txt
2014-07-09 01:59 - 2014-07-09 01:59 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT (1).exe
2014-07-09 01:56 - 2014-07-09 01:56 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.07.09.14.txt
2014-07-09 01:53 - 2014-07-09 01:53 - 00002993 _____ () C:\Users\Martha\Desktop\JRT.txt
2014-07-09 01:28 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:26 - 2014-07-09 01:26 - 01016261 _____ (Thisisu) C:\Users\Martha\Downloads\JRT.exe
2014-07-09 01:25 - 2014-07-09 01:25 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (2).exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00003189 _____ () C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
2014-07-09 01:20 - 2014-03-18 05:54 - 00063870 _____ () C:\WINDOWS\PFRO.log
2014-07-09 01:15 - 2014-07-09 01:04 - 00000000 ____D () C:\AdwCleaner
2014-07-09 01:08 - 2013-11-19 17:14 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-07-09 01:07 - 2013-11-19 17:14 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-09 01:03 - 2014-07-09 01:03 - 01348263 _____ () C:\Users\Martha\Downloads\AdwCleaner (1).exe
2014-07-09 01:00 - 2014-07-09 01:00 - 00007978 _____ () C:\Users\Martha\Desktop\07092014_005154.log
2014-07-09 00:51 - 2014-07-09 00:51 - 00000000 ____D () C:\_OTL
2014-07-08 08:44 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-07 23:14 - 2014-07-07 23:14 - 00151692 _____ () C:\Users\Martha\Desktop\OTL.07.07.14.Txt
2014-07-07 23:14 - 2014-07-07 23:14 - 00090754 _____ () C:\Users\Martha\Desktop\Extras.07.07.14.Txt
2014-07-07 23:08 - 2014-07-07 23:08 - 00090754 _____ () C:\Users\Martha\Downloads\Extras.Txt
2014-07-07 23:05 - 2014-07-07 23:05 - 00151692 _____ () C:\Users\Martha\Downloads\OTL.Txt
2014-07-07 22:38 - 2014-07-07 22:38 - 00602112 _____ (OldTimer Tools) C:\Users\Martha\Desktop\OTL.exe
2014-07-04 12:38 - 2014-07-04 00:38 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-04 00:44 - 2014-05-09 14:11 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 00:39 - 2014-07-04 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\AVAST Software
2014-07-04 00:38 - 2014-07-04 00:38 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 00:38 - 2014-07-04 00:38 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 00:38 - 2014-07-04 00:38 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 00:38 - 2014-07-04 00:38 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-04 00:38 - 2014-07-04 00:38 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-04 00:38 - 2014-07-04 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-04 00:36 - 2014-07-04 00:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-04 00:33 - 2014-07-04 00:32 - 91906368 _____ (AVAST Software) C:\Users\Martha\Downloads\avast_free_antivirus_setup.exe
2014-07-02 08:24 - 2014-07-02 08:24 - 00000746 _____ () C:\Users\Martha\Desktop\ESET.07.01.14.txt
2014-07-02 00:08 - 2014-07-02 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-02 00:07 - 2014-07-02 00:07 - 02347384 _____ (ESET) C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
2014-07-01 20:07 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-07-01 18:07 - 2014-07-01 18:07 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 18:07 - 2014-07-01 18:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-01 18:06 - 2014-07-01 18:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Martha\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 17:46 - 2014-07-01 17:46 - 00315392 _____ (Malwarebytes Corporation) C:\Users\Martha\Downloads\mbam-clean-2.0.2.0.exe
2014-06-30 18:45 - 2014-07-09 19:05 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-28 03:48 - 2014-07-09 19:05 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 03:07 - 2014-07-09 19:05 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 16:55 - 2014-07-10 01:26 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 16:55 - 2014-07-10 01:26 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 12:21 - 2014-06-23 12:21 - 00134448 _____ () C:\Users\Martha\Desktop\TDSKiller(1).txt.one
2014-06-21 19:59 - 2014-03-18 06:03 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Oracle
2014-06-21 19:21 - 2013-10-15 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-21 18:56 - 2014-06-21 18:56 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-21 18:56 - 2014-06-21 18:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-21 18:56 - 2014-06-21 18:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-21 18:52 - 2014-06-21 18:52 - 00918952 _____ (Oracle Corporation) C:\Users\Martha\Downloads\chromeinstall-7u60.exe
2014-06-21 00:22 - 2013-10-15 01:34 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 00:22 - 2013-10-15 01:34 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 00:05 - 2013-08-22 10:46 - 00368331 _____ () C:\WINDOWS\setupact.log
2014-06-21 00:00 - 2014-06-19 23:12 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-19 23:56 - 2014-06-19 23:56 - 00000000 ____D () C:\ProgramData\Recovery
2014-06-19 23:11 - 2013-08-22 11:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-06-19 23:09 - 2014-06-19 23:09 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-19 23:09 - 2014-06-19 23:09 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-19 23:08 - 2014-06-19 23:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 23:08 - 2014-06-19 23:08 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-19 23:07 - 2014-06-19 23:07 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-19 23:06 - 2014-06-19 23:06 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-19 23:06 - 2014-06-19 23:06 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-19 23:06 - 2014-06-19 23:06 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-19 23:06 - 2014-06-19 23:06 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-19 23:05 - 2014-06-19 23:05 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-19 23:05 - 2014-06-19 23:05 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-19 23:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-06-19 23:04 - 2014-06-19 23:04 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-19 23:04 - 2014-06-19 23:04 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-19 23:04 - 2014-06-19 23:04 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-19 23:04 - 2014-06-19 23:04 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-19 23:04 - 2014-06-19 23:04 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-19 23:04 - 2014-06-19 23:04 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-19 23:04 - 2014-06-19 23:04 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
 
Some content of TEMP:
====================
C:\Users\Martha\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-12 01:11
 
==================== End Of Log ============================

  • 0

#14
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hi :)

Looking good, although I think Chrome's homepage is possessed. :)


Start Chrome and type this in: chrome:settings

When the Settings page opens, look under On Startup and then click Open a specific set of pages and click Set Pages

Please tell me what your homepage is set to.
  • 0

#15
LESI


    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,

Here's the URL in that location of Chrome/setting the homepage:

http://BeyondOrganic...com/group/dinar

Thanks,

LESI  :geek:

The PUP.Conduit.A is still on my PC and MBAM still showing it.  The chatroom typing feature is really slow again.  What am I doing wrong?

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/18/2014
Scan Time: 10:27:41 AM
Logfile: MBAM.07.18.14.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.18.06
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Martha
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 361579
Time Elapsed: 34 min, 14 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.Conduit.A, C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://search.condui...49F281233&SSPV=",), Replaced,[c3de178996e50630a1628b4ce81c5ca4]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Edited by LESI, 18 July 2014 - 11:05 PM.

  • 0
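The MBAM entry in the post above points at the `homepage` value inside Chrome's `Preferences` file, while the earlier check in Settings covers the On Startup pages. As an added example (not part of the thread and not Malwarebytes' own logic), this reads both settings from a Preferences file and flags hosts on a watchlist. The sample file, the `conduit.example` host and the watchlist are constructed, and the key names `homepage`, `session.restore_on_startup` and `session.startup_urls` are assumed to match the installed Chrome version.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of a Chrome "Preferences" file (JSON). The host names are
# placeholders under the reserved .example TLD, not values from the thread.
SAMPLE_PREFS = json.dumps({
    "homepage": "http://search.conduit.example/?ctid=CONSTRUCTED",
    "session": {
        "restore_on_startup": 4,
        "startup_urls": ["http://forum.example/group/one",
                         "http://SEARCH.conduit.example:80/home"],
    },
})

# Hypothetical watchlist of domain suffixes the reviewer wants reported.
WATCHLIST = ("conduit.example",)


def on_watchlist(url, watchlist=WATCHLIST):
    """True when the URL's host equals, or is a subdomain of, a listed domain."""
    try:
        host = (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed value, e.g. a broken IPv6 literal
        return False
    return any(host == d or host.endswith("." + d) for d in watchlist)


def audit_prefs(prefs_text, watchlist=WATCHLIST):
    """Return (setting, url, flagged) for the homepage and each startup URL."""
    prefs = json.loads(prefs_text)
    session = prefs.get("session") or {}
    found = []
    if isinstance(prefs.get("homepage"), str):
        found.append(("homepage", prefs["homepage"]))
    # startup_urls are only opened when restore_on_startup is 4
    # ("Open a specific set of pages"); stale entries are still reported.
    active = session.get("restore_on_startup") == 4
    label = "startup_urls" if active else "startup_urls (inactive)"
    for url in session.get("startup_urls") or []:
        if isinstance(url, str):
            found.append((label, url))
    return [(name, url, on_watchlist(url, watchlist)) for name, url in found]


if __name__ == "__main__":
    for name, url, flagged in audit_prefs(SAMPLE_PREFS):
        print(("FLAG " if flagged else "ok   ") + name + ": " + url)
```

To check a real profile, pass the text of the `Preferences` file named in the MBAM log to `audit_prefs` while Chrome is closed, so the file is not rewritten during the read.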





