
INFECTED WITH HPSERVICE.EXE TROJAN MALWARE IDK PLEASE HELP [Closed]

Virus trojan hpservice.exe !!

  • This topic is locked
4 replies to this topic

#1 steve2016


Posted 14 May 2014 - 07:19 PM

OTL logfile created on: 5/14/2014 5:01:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.46 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 53.10% Memory free
4.77 Gb Paging File | 2.61 Gb Available in Paging File | 54.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.65 Gb Total Space | 354.27 Gb Free Space | 79.67% Space Free | Partition Type: NTFS
Drive D: | 20.34 Gb Total Space | 2.03 Gb Free Space | 9.99% Space Free | Partition Type: NTFS
Drive G: | 29.80 Gb Total Space | 29.76 Gb Free Space | 99.87% Space Free | Partition Type: FAT32
Drive K: | 3.69 Gb Total Space | 3.28 Gb Free Space | 88.99% Space Free | Partition Type: NTFS
 
Computer Name: STEVE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Steve\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe (AOMEI Tech Co., Ltd.)
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\n360.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\chrome_elf.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AdaptiveSleepService) -- C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe ()
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (Backupper Service) -- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0\ABService.exe (AOMEI Tech Co., Ltd.)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\N360.exe (Symantec Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SMR410) -- C:\Windows\SysNative\drivers\SMR410.SYS (Symantec Corporation)
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdWB6.sys (Advanced Micro Devices)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symefa64.sys (Symantec Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symnets.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys (IObit)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (pwdrvio) -- C:\Windows\SysNative\pwdrvio.sys ()
DRV:64bit: - (pwdspio) -- C:\Windows\SysNative\pwdspio.sys ()
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symelam.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\symds64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1502000.026\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (WirelessButtonDriver) -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (ammntdrv) -- C:\Windows\SysNative\ammntdrv.sys ()
DRV:64bit: - (ambakdrv) -- C:\Windows\SysNative\ambakdrv.sys ()
DRV:64bit: - (AmdAS4) -- C:\Windows\SysNative\drivers\AmdAS4.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amwrtdrv) -- C:\Windows\SysNative\amwrtdrv.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140513.002\IDSviA64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140514.001\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140514.001\eng64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys (Symantec Corporation)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RTWlanE) -- C:\Windows\SysWOW64\drivers\rtwlane.sys (Realtek Semiconductor Corporation                           )
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{CEEE2E67-7307-4531-98DA-6605048B5D40}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKLM\..\SearchScopes\{CEEE2E67-7307-4531-98DA-6605048B5D40}: "URL" = http://www.amazon.co...s={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{CEEE2E67-7307-4531-98DA-6605048B5D40}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/05/13 20:19:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/05/14 16:52:38 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.yahoo.com/
CHR - plugin: Shockwave for Director (Disabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Photo Gallery (Disabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Disabled) = C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
CHR - plugin: NP_wtapp.dll (Disabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Advanced SystemCare 7 (Disabled) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\\1.0.0_0\Plugin\ASCPlugin_Protect.dll
CHR - Extension: Dr.Web Anti-Virus Link Checker = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb\3.4_0\
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\
CHR - Extension: Adguard AdBlocker = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg\1.0.1.8_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Box - 10GB of FREE storage = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.7_0\
CHR - Extension: AVG Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\epojjbofkhffmihobdncmbhdocjljhpi\13.0.0.2718_0\
CHR - Extension: avast! Online Security = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2018.95_0\
CHR - Extension: ScriptBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba\1.0_0\
CHR - Extension: Extension Defender = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm\1.0.2_0\
CHR - Extension: Norton Identity Safe for Google Chrome™ = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.44_0\
CHR - Extension: OneDrive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk\1.0.4_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Privacy Badger = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp\2014.5.12_0\
 
O1 HOSTS File: ([2013/08/22 06:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58DEECF8-B1C9-46E4-A316-3213B9B6F94A}: DhcpNameServer = 100.100.12.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0F2A4C4-C409-4F08-9F38-089B4DA113C8}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/14 17:04:52 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Steve\Desktop\HiJackThis.exe
[2014/05/14 16:45:25 | 000,096,856 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR410.SYS
[2014/05/14 16:45:14 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\NPE
[2014/05/14 16:44:55 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2014/05/14 16:44:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2014/05/14 16:44:35 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\GEARAspi64.dll
[2014/05/14 16:44:35 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysWow64\GEARAspi.dll
[2014/05/14 16:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64
[2014/05/14 16:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0600000.04A
[2014/05/14 16:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2014/05/14 16:43:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2014/05/14 11:53:10 | 000,693,240 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/14 11:53:10 | 000,105,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/14 11:07:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\ImCleanDisabled
[2014/05/14 10:14:43 | 003,394,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/05/14 10:14:25 | 011,742,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2014/05/14 10:14:18 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/05/14 10:14:05 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OobeFldr.dll
[2014/05/14 10:14:05 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OobeFldr.dll
[2014/05/14 10:14:02 | 000,000,000 | ---D | C] -- C:\hotfix
[2014/05/14 10:13:59 | 008,946,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2014/05/14 10:13:48 | 013,933,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014/05/14 10:13:44 | 001,435,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014/05/14 10:13:41 | 003,494,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014/05/14 10:13:39 | 011,776,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014/05/14 10:13:32 | 002,368,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014/05/14 10:13:28 | 012,027,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014/05/14 10:13:27 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014/05/14 10:13:25 | 002,943,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/05/14 10:13:23 | 001,716,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014/05/14 10:13:22 | 002,574,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/05/14 10:13:21 | 001,927,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/05/14 10:13:18 | 001,445,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webservices.dll
[2014/05/14 10:13:16 | 002,843,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/05/14 10:13:14 | 002,588,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/05/14 10:13:14 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/05/14 10:13:14 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2014/05/14 10:13:13 | 002,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/05/14 10:13:12 | 001,728,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dui70.dll
[2014/05/14 10:13:11 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msTextPrediction.dll
[2014/05/14 10:13:07 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/05/14 10:13:03 | 001,215,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2014/05/14 10:13:02 | 002,648,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/05/14 10:12:59 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/05/14 10:12:59 | 001,132,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014/05/14 10:12:57 | 001,077,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webservices.dll
[2014/05/14 10:12:56 | 000,800,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2014/05/14 10:12:54 | 002,825,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2014/05/14 10:12:54 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014/05/14 10:12:53 | 002,410,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/05/14 10:12:53 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/05/14 10:12:53 | 000,584,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2014/05/14 10:12:51 | 001,929,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2014/05/14 10:12:51 | 001,640,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2014/05/14 10:12:51 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/05/14 10:12:51 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DfpCommon.dll
[2014/05/14 10:12:51 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofTasks.dll
[2014/05/14 10:12:49 | 001,727,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/05/14 10:12:49 | 001,341,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dui70.dll
[2014/05/14 10:12:48 | 001,621,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014/05/14 10:12:48 | 000,609,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014/05/14 10:12:46 | 001,290,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014/05/14 10:12:46 | 001,011,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2014/05/14 10:12:43 | 001,653,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014/05/14 10:12:42 | 000,645,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/05/14 10:12:40 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/05/14 10:12:40 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/05/14 10:12:40 | 000,650,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2014/05/14 10:12:39 | 000,526,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2014/05/14 10:12:38 | 002,760,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014/05/14 10:12:38 | 001,496,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2014/05/14 10:12:37 | 002,220,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/05/14 10:12:36 | 002,428,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2014/05/14 10:12:35 | 008,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014/05/14 10:12:34 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/05/14 10:12:34 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014/05/14 10:12:34 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014/05/14 10:12:34 | 000,422,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2014/05/14 10:12:33 | 001,519,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/05/14 10:12:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014/05/14 10:12:33 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014/05/14 10:12:32 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/05/14 10:12:32 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/05/14 10:12:30 | 002,395,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/05/14 10:12:29 | 000,391,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014/05/14 10:12:28 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2014/05/14 10:12:28 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/05/14 10:12:28 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/05/14 10:12:28 | 000,477,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/05/14 10:12:27 | 001,000,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014/05/14 10:12:27 | 000,997,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/05/14 10:12:27 | 000,555,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2014/05/14 10:12:26 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014/05/14 10:12:26 | 001,063,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2014/05/14 10:12:26 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/05/14 10:12:25 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014/05/14 10:12:25 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/05/14 10:12:25 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/05/14 10:12:24 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/05/14 10:12:24 | 001,107,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perftrack.dll
[2014/05/14 10:12:23 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014/05/14 10:12:23 | 000,669,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2014/05/14 10:12:23 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014/05/14 10:12:22 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/05/14 10:12:22 | 000,424,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/05/14 10:12:21 | 001,428,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014/05/14 10:12:21 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energy.dll
[2014/05/14 10:12:21 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014/05/14 10:12:20 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014/05/14 10:12:20 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014/05/14 10:12:20 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014/05/14 10:12:19 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2014/05/14 10:12:19 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/05/14 10:12:19 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014/05/14 10:12:19 | 000,419,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2014/05/14 10:12:18 | 001,659,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/05/14 10:12:18 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/05/14 10:12:18 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/05/14 10:12:16 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/05/14 10:12:15 | 001,519,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/05/14 10:12:15 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2014/05/14 10:12:15 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/05/14 10:12:14 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/05/14 10:12:14 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/05/14 10:12:14 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014/05/14 10:12:14 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014/05/14 10:12:13 | 001,487,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/05/14 10:12:12 | 001,356,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/05/14 10:12:11 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/05/14 10:12:11 | 000,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014/05/14 10:12:11 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/05/14 10:12:10 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/05/14 10:12:10 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werconcpl.dll
[2014/05/14 10:12:10 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/05/14 10:12:09 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/05/14 10:12:08 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/05/14 10:12:07 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014/05/14 10:12:06 | 001,791,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMALFXGFXDSP.dll
[2014/05/14 10:12:06 | 000,824,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/05/14 10:12:06 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014/05/14 10:12:06 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014/05/14 10:12:05 | 001,206,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/05/14 10:12:05 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/05/14 10:12:03 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2014/05/14 10:12:03 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2014/05/14 10:12:03 | 000,244,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014/05/14 10:12:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WofUtil.dll
[2014/05/14 10:12:02 | 000,761,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014/05/14 10:12:02 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2014/05/14 10:12:02 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/05/14 10:12:02 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/05/14 10:12:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\recimg.exe
[2014/05/14 10:12:02 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2014/05/14 10:12:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfp.exe
[2014/05/14 10:12:01 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/05/14 10:12:00 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/05/14 10:12:00 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmIndexer.dll
[2014/05/14 10:12:00 | 000,336,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/05/14 10:12:00 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slc.dll
[2014/05/14 10:11:59 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014/05/14 10:11:59 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2014/05/14 10:11:59 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/05/14 10:11:59 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2014/05/14 10:11:59 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/05/14 10:11:58 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nettrace.dll
[2014/05/14 10:11:58 | 000,530,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2014/05/14 10:11:57 | 000,609,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2014/05/14 10:11:57 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/05/14 10:11:56 | 001,757,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/05/14 10:11:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014/05/14 10:11:54 | 000,324,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014/05/14 10:11:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/05/14 10:11:53 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WlanMM.dll
[2014/05/14 10:11:53 | 000,834,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/05/14 10:11:53 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/05/14 10:11:53 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ninput.dll
[2014/05/14 10:11:53 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2014/05/14 10:11:52 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014/05/14 10:11:52 | 000,372,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014/05/14 10:11:52 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2014/05/14 10:11:51 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/05/14 10:11:51 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014/05/14 10:11:50 | 002,288,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2014/05/14 10:11:50 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/05/14 10:11:49 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/05/14 10:11:49 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014/05/14 10:11:48 | 002,862,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2014/05/14 10:11:48 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/05/14 10:11:47 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014/05/14 10:11:46 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdbui.dll
[2014/05/14 10:11:46 | 000,317,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014/05/14 10:11:46 | 000,258,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/05/14 10:11:45 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DismApi.dll
[2014/05/14 10:11:45 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/05/14 10:11:45 | 000,289,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sqmapi.dll
[2014/05/14 10:11:44 | 003,596,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2014/05/14 10:11:43 | 002,811,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll
[2014/05/14 10:11:43 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014/05/14 10:11:43 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/05/14 10:11:43 | 000,105,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/05/14 10:11:42 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmIndexer.dll
[2014/05/14 10:11:42 | 000,210,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/05/14 10:11:42 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/05/14 10:11:41 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014/05/14 10:11:41 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/05/14 10:11:40 | 000,745,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/05/14 10:11:40 | 000,461,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/05/14 10:11:40 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Dism.exe
[2014/05/14 10:11:38 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/05/14 10:11:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014/05/14 10:11:36 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctfuimanager.dll
[2014/05/14 10:11:36 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/05/14 10:11:36 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2014/05/14 10:11:35 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2014/05/14 10:11:34 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014/05/14 10:11:34 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014/05/14 10:11:34 | 000,123,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/05/14 10:11:33 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PkgMgr.exe
[2014/05/14 10:11:33 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/05/14 10:11:33 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014/05/14 10:11:32 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/05/14 10:11:32 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/05/14 10:11:32 | 000,531,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014/05/14 10:11:32 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2014/05/14 10:11:32 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WLanConn.dll
[2014/05/14 10:11:32 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/05/14 10:11:32 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/05/14 10:11:32 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2014/05/14 10:11:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2014/05/14 10:11:32 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/05/14 10:11:31 | 002,165,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncCenter.dll
[2014/05/14 10:11:31 | 000,797,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PurchaseWindowsLicense.dll
[2014/05/14 10:11:31 | 000,410,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/05/14 10:11:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/05/14 10:11:30 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2014/05/14 10:11:30 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WlanMM.dll
[2014/05/14 10:11:30 | 000,722,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeui.exe
[2014/05/14 10:11:30 | 000,693,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014/05/14 10:11:30 | 000,180,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/05/14 10:11:29 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msctfuimanager.dll
[2014/05/14 10:11:29 | 000,506,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014/05/14 10:11:29 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014/05/14 10:11:28 | 000,935,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2014/05/14 10:11:28 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014/05/14 10:11:28 | 000,083,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014/05/14 10:11:27 | 000,407,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/05/14 10:11:27 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmdskmgr.dll
[2014/05/14 10:11:26 | 003,085,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2014/05/14 10:11:26 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srchadmin.dll
[2014/05/14 10:11:26 | 000,170,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2014/05/14 10:11:26 | 000,139,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2014/05/14 10:11:25 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014/05/14 10:11:25 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ninput.dll
[2014/05/14 10:11:25 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/05/14 10:11:25 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014/05/14 10:11:24 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsqmcons.exe
[2014/05/14 10:11:24 | 000,142,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe
[2014/05/14 10:11:23 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2014/05/14 10:11:23 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/05/14 10:11:23 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2014/05/14 10:11:23 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2014/05/14 10:11:23 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2014/05/14 10:11:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/05/14 10:11:23 | 000,209,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imm32.dll
[2014/05/14 10:11:23 | 000,188,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2014/05/14 10:11:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AltTab.dll
[2014/05/14 10:11:22 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2014/05/14 10:11:22 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcpl.dll
[2014/05/14 10:11:22 | 000,232,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sqmapi.dll
[2014/05/14 10:11:22 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2014/05/14 10:11:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsutil.exe
[2014/05/14 10:11:21 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\das.dll
[2014/05/14 10:11:21 | 000,397,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sharemediacpl.dll
[2014/05/14 10:11:21 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/05/14 10:11:21 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netid.dll
[2014/05/14 10:11:21 | 000,080,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014/05/14 10:11:20 | 001,185,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/05/14 10:11:20 | 000,369,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/05/14 10:11:20 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014/05/14 10:11:20 | 000,043,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudNotifications.exe
[2014/05/14 10:11:19 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2014/05/14 10:11:19 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014/05/14 10:11:18 | 000,660,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/05/14 10:11:18 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2014/05/14 10:11:18 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fsutil.exe
[2014/05/14 10:11:18 | 000,041,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2014/05/14 10:11:17 | 000,924,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys
[2014/05/14 10:11:17 | 000,140,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014/05/14 10:11:17 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014/05/14 10:11:16 | 001,392,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/05/14 10:11:16 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2014/05/14 10:11:16 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014/05/14 10:11:16 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2014/05/14 10:11:16 | 000,275,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powrprof.dll
[2014/05/14 10:11:16 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2014/05/14 10:11:16 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014/05/14 10:11:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2014/05/14 10:11:15 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2014/05/14 10:11:15 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/05/14 10:11:15 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVolSSO.dll
[2014/05/14 10:11:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014/05/14 10:11:15 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014/05/14 10:11:15 | 000,079,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2014/05/14 10:11:14 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2014/05/14 10:11:14 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwizeng.dll
[2014/05/14 10:11:14 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2014/05/14 10:11:14 | 000,137,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2014/05/14 10:11:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2014/05/14 10:11:14 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RestoreOptIn.exe
[2014/05/14 10:11:13 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/05/14 10:11:13 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2014/05/14 10:11:13 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountTokenProvider.dll
[2014/05/14 10:11:13 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014/05/14 10:11:13 | 000,032,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserAccountBroker.exe
[2014/05/14 10:11:12 | 000,835,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2014/05/14 10:11:12 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WLanConn.dll
[2014/05/14 10:11:12 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2014/05/14 10:11:12 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2014/05/14 10:11:12 | 000,089,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RestoreOptIn.exe
[2014/05/14 10:11:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/14 10:11:11 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dot3mm.dll
[2014/05/14 10:11:11 | 000,094,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcd.dll
[2014/05/14 10:11:11 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/05/14 10:11:11 | 000,029,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserAccountBroker.exe
[2014/05/14 10:11:11 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clrhost.dll
[2014/05/14 10:11:10 | 003,312,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2014/05/14 10:11:10 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srchadmin.dll
[2014/05/14 10:11:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2014/05/14 10:11:10 | 000,131,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014/05/14 10:11:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAMM.dll
[2014/05/14 10:11:10 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2014/05/14 10:11:09 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/05/14 10:11:09 | 000,079,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcd.dll
[2014/05/14 10:11:09 | 000,071,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014/05/14 10:11:09 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014/05/14 10:11:07 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cleanmgr.exe
[2014/05/14 10:11:06 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/05/14 10:11:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cleanmgr.exe
[2014/05/14 10:11:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014/05/14 10:11:06 | 000,054,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014/05/14 10:11:05 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014/05/14 10:11:04 | 000,189,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014/05/14 10:11:04 | 000,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014/05/14 10:11:03 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll
[2014/05/14 10:11:03 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2014/05/14 10:11:02 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2014/05/14 10:11:02 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\korwbrkr.dll
[2014/05/14 10:11:02 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014/05/14 10:11:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netid.dll
[2014/05/14 10:11:02 | 000,036,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2014/05/14 10:11:02 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2014/05/14 10:11:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/05/14 10:11:00 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014/05/14 10:11:00 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014/05/14 10:11:00 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll
[2014/05/14 10:11:00 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2014/05/14 10:11:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clrhost.dll
[2014/05/14 10:10:59 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014/05/14 10:10:59 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmdskmgr.dll
[2014/05/14 10:10:59 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014/05/14 10:10:59 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2014/05/14 10:10:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acppage.dll
[2014/05/14 10:10:59 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/05/14 10:10:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014/05/14 10:10:58 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/05/14 10:10:57 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/05/14 10:10:57 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2014/05/14 10:10:57 | 000,038,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentServer.exe
[2014/05/14 10:10:57 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2014/05/14 10:10:56 | 001,152,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2014/05/14 10:10:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/05/14 10:10:56 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/05/14 10:10:56 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
[2014/05/14 10:10:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\slpts.dll
[2014/05/14 10:10:55 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/05/14 10:10:55 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdedit.exe
[2014/05/14 10:10:55 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2014/05/14 10:10:55 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2014/05/14 10:10:54 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2014/05/14 10:10:54 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbadmin.exe
[2014/05/14 10:10:54 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014/05/14 10:10:54 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014/05/14 10:10:54 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\acppage.dll
[2014/05/14 10:10:53 | 000,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2014/05/14 10:10:53 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2014/05/14 10:10:53 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014/05/14 10:10:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/14 10:10:53 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Renewal.dll
[2014/05/14 10:10:53 | 000,028,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014/05/14 10:10:53 | 000,027,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysResetErr.exe
[2014/05/14 10:10:52 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/05/14 10:10:52 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/05/14 10:10:52 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014/05/14 10:10:52 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014/05/14 10:10:52 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdboot.exe
[2014/05/14 10:10:52 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2014/05/14 10:10:51 | 000,890,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014/05/14 10:10:51 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/05/14 10:10:51 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spbcd.dll
[2014/05/14 10:10:51 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014/05/14 10:10:51 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/05/14 10:10:51 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\slpts.dll
[2014/05/14 10:10:50 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2014/05/14 10:10:50 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014/05/14 10:10:50 | 000,780,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2014/05/14 10:10:50 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/05/14 10:10:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PkgMgr.exe
[2014/05/14 10:10:50 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2014/05/14 10:10:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAConn.dll
[2014/05/14 10:10:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2014/05/14 10:10:49 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/05/14 10:10:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/05/14 10:10:49 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2014/05/14 10:10:49 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2014/05/14 10:10:49 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgradeResults.exe
[2014/05/14 10:10:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/05/14 10:10:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014/05/14 10:10:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/05/14 10:10:48 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014/05/14 10:10:48 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/05/14 10:10:48 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014/05/14 10:10:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2014/05/14 10:10:48 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spcompat.dll
[2014/05/14 10:10:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[2014/05/14 10:10:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StorageContextHandler.dll
[2014/05/14 10:10:48 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys
[2014/05/14 10:10:47 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsAnytimeUpgrade.exe
[2014/05/14 10:10:46 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014/05/14 10:10:46 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwizeng.dll
[2014/05/14 10:10:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2014/05/14 10:10:46 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diskpart.exe
[2014/05/14 10:10:46 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spbcd.dll
[2014/05/14 10:10:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energytask.dll
[2014/05/14 10:10:45 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.exe
[2014/05/14 10:10:44 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2014/05/14 10:10:44 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014/05/14 10:10:44 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RelPost.exe
[2014/05/14 10:10:44 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnpclean.dll
[2014/05/14 10:10:43 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/05/14 10:10:43 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2014/05/14 10:10:43 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceassociation.dll
[2014/05/14 10:10:42 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2014/05/14 10:10:42 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2014/05/14 10:10:42 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dasHost.exe
[2014/05/14 10:10:41 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/05/14 10:10:40 | 001,136,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2014/05/14 10:10:40 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/05/14 10:10:40 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srrstr.dll
[2014/05/14 10:10:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/05/14 10:10:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/05/14 10:10:39 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014/05/14 10:10:39 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionQueue.dll
[2014/05/14 10:10:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offreg.dll
[2014/05/14 10:10:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offreg.dll
[2014/05/14 10:10:39 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/05/14 10:10:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014/05/14 10:10:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/05/14 10:10:38 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dfrgui.exe
[2014/05/14 10:10:38 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsku.dll
[2014/05/14 10:10:38 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2014/05/14 10:10:38 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2014/05/14 10:10:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SSShim.dll
[2014/05/14 10:10:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2014/05/14 10:10:38 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/05/14 10:10:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceassociation.dll
[2014/05/14 10:10:37 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2014/05/14 10:10:37 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2014/05/14 10:10:37 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2014/05/14 10:10:37 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.exe
[2014/05/14 10:10:37 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll
[2014/05/14 10:10:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\f3ahvoas.dll
[2014/05/14 10:10:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014/05/14 10:10:36 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dfrgui.exe
[2014/05/14 10:10:36 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsku.dll
[2014/05/14 10:10:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014/05/14 10:10:36 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2014/05/14 10:10:36 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SrTasks.exe
[2014/05/14 10:10:36 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014/05/14 10:10:35 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsdyn.dll
[2014/05/14 10:10:35 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014/05/14 10:10:35 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContentHost.dll
[2014/05/14 10:10:34 | 002,566,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2014/05/14 10:10:34 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014/05/14 10:10:34 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/05/14 10:10:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AepRoam.dll
[2014/05/14 10:10:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\diskpart.exe
[2014/05/14 10:10:33 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014/05/14 10:10:32 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014/05/14 10:10:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConfigureExpandedStorage.dll
[2014/05/14 10:10:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConfigureExpandedStorage.dll
[2014/05/14 10:10:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxshared.dll
[2014/05/14 10:10:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014/05/14 10:10:31 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/05/14 10:10:31 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 10:10:31 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/05/14 10:10:31 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scavengeui.dll
[2014/05/14 10:10:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/14 10:10:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/05/14 10:10:29 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2014/05/14 10:10:28 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/14 10:10:27 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2014/05/14 10:10:27 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2014/05/14 10:10:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\syncui.dll
[2014/05/14 10:10:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BulkOperationHost.exe
[2014/05/14 10:10:25 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/05/14 10:10:24 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/05/14 10:10:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/14 10:10:24 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncPolicy.dll
[2014/05/14 10:10:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\finger.exe
[2014/05/14 10:10:23 | 002,544,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2014/05/14 10:10:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpdxm.dll
[2014/05/14 10:10:23 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncPolicy.dll
[2014/05/14 10:10:22 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GlobCollationHost.dll
[2014/05/14 10:10:22 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GlobCollationHost.dll
[2014/05/14 10:10:22 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ocsetapi.dll
[2014/05/14 10:10:22 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ocsetapi.dll
[2014/05/14 10:10:22 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitagent.exe
[2014/05/14 10:10:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StorageContextHandler.dll
[2014/05/14 10:10:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-session-winsta-l1-1-0.dll
[2014/05/14 10:10:21 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\korwbrkr.dll
[2014/05/14 10:10:21 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dataclen.dll
[2014/05/14 10:10:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/14 10:10:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-kernel32-package-l1-1-1.dll
[2014/05/14 10:10:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2014/05/14 10:10:20 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2014/05/14 10:10:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dataclen.dll
[2014/05/14 10:10:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014/05/14 10:10:19 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014/05/14 10:10:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/05/14 10:10:19 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014/05/14 10:10:19 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/14 10:10:19 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-1.dll
[2014/05/14 10:10:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014/05/14 10:10:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014/05/14 10:10:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014/05/14 10:10:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/14 10:10:18 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/05/14 10:10:18 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveskybackup.dll
[2014/05/14 10:10:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\finger.exe
[2014/05/14 10:10:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-ntuser-private-l1-1-0.dll
[2014/05/14 10:10:17 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/05/14 10:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ext-ms-win-networking-wcmapi-l1-1-0.dll
[2014/05/14 10:10:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\f3ahvoas.dll
[2014/05/14 10:02:57 | 000,291,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsP2Stor.sys
[2014/05/14 10:02:52 | 009,889,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysWow64\RsCRIcon.dll
[2014/05/14 10:00:03 | 002,825,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2014/05/14 10:00:03 | 001,958,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2014/05/14 09:59:59 | 002,792,152 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2014/05/14 09:59:59 | 001,024,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2014/05/14 09:59:58 | 000,624,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2014/05/14 09:59:56 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2014/05/14 09:59:54 | 056,270,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2014/05/14 09:59:53 | 000,946,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2014/05/14 09:59:20 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2014/05/14 09:59:18 | 000,209,096 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2014/05/14 09:56:16 | 000,839,896 | ---- | C] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/05/14 09:56:16 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\SysNative\RtNicProp64.dll
[2014/05/14 09:54:19 | 000,222,720 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdWB6.sys
[2014/05/14 09:54:19 | 000,110,080 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\SysNative\DelayAPO.dll
[2014/05/14 09:54:18 | 000,141,312 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\amdacpksl.sys
[2014/05/14 09:42:15 | 016,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/05/14 09:41:45 | 012,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/05/14 09:41:28 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2014/05/14 09:41:27 | 008,653,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/05/14 09:41:26 | 013,286,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/05/14 09:41:19 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/05/14 09:41:02 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2014/05/14 09:41:01 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/05/14 09:40:59 | 011,791,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/05/14 09:40:54 | 004,268,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/05/14 09:40:46 | 002,900,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/05/14 09:40:41 | 002,373,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/05/14 09:40:39 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/05/14 09:40:38 | 002,088,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/05/14 09:40:33 | 002,133,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/05/14 09:40:31 | 002,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/05/14 09:40:30 | 002,141,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/05/14 09:40:30 | 001,112,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/05/14 09:40:29 | 001,129,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/05/14 09:40:28 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/05/14 09:40:27 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2014/05/14 09:40:26 | 002,641,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/05/14 09:40:26 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/05/14 09:40:24 | 001,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/05/14 09:40:24 | 001,542,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2014/05/14 09:40:23 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/05/14 09:40:23 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2014/05/14 09:40:22 | 002,317,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/05/14 09:40:22 | 001,779,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/05/14 09:40:21 | 001,466,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/05/14 09:40:19 | 001,339,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/05/14 09:40:18 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidprov.dll
[2014/05/14 09:40:17 | 001,291,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/05/14 09:40:17 | 000,655,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014/05/14 09:40:16 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/05/14 09:40:15 | 006,641,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/05/14 09:40:11 | 000,356,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/05/14 09:40:01 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/05/14 09:39:58 | 000,492,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/05/14 09:39:54 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2014/05/14 09:39:52 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2014/05/14 09:39:45 | 000,157,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2014/05/14 09:39:40 | 000,518,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/05/14 09:39:39 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/05/14 09:39:38 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidprov.dll
[2014/05/14 09:39:37 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/05/14 09:39:35 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/05/14 09:39:34 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/05/14 09:39:32 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/05/14 09:39:31 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014/05/14 09:39:30 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/05/14 09:39:30 | 000,388,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/05/14 09:39:29 | 000,376,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2014/05/14 09:39:29 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/05/14 09:39:28 | 000,379,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/05/14 09:39:27 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/05/14 09:39:26 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/05/14 09:39:25 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/05/14 09:39:24 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/05/14 09:39:24 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2014/05/14 09:39:23 | 000,488,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/05/14 09:39:23 | 000,467,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/05/14 09:39:22 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/05/14 09:39:22 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/05/14 09:39:21 | 000,463,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/05/14 09:39:20 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/05/14 09:39:20 | 000,390,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/05/14 09:39:20 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2014/05/14 09:39:18 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/05/14 09:39:16 | 000,244,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/05/14 09:39:15 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2014/05/14 09:39:15 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/05/14 09:39:14 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2014/05/14 09:39:14 | 000,113,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\userenv.dll
[2014/05/14 09:39:13 | 000,299,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pdh.dll
[2014/05/14 09:39:13 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/05/14 09:39:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014/05/14 09:39:12 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/05/14 09:39:11 | 000,924,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/05/14 09:39:10 | 000,360,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/05/14 09:39:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2014/05/14 09:39:08 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2014/05/14 09:39:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlangpui.dll
[2014/05/14 09:39:06 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/05/14 09:39:05 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/05/14 09:39:05 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014/05/14 09:39:05 | 000,355,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/05/14 09:39:04 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/05/14 09:39:04 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2014/05/14 09:39:04 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWfdProvider.dll
[2014/05/14 09:39:03 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/05/14 09:39:03 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spp.dll
[2014/05/14 09:39:03 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/05/14 09:39:02 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/05/14 09:39:02 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pdh.dll
[2014/05/14 09:39:02 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2014/05/14 09:39:02 | 000,136,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014/05/14 09:39:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/05/14 09:39:01 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\w32tm.exe
[2014/05/14 09:39:00 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/05/14 09:39:00 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/05/14 09:38:59 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/05/14 09:38:58 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014/05/14 09:38:57 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/05/14 09:38:56 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlangpui.dll
[2014/05/14 09:38:56 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/05/14 09:38:55 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/05/14 09:38:55 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/05/14 09:38:54 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/05/14 09:38:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/05/14 09:38:52 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/05/14 09:38:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/05/14 09:38:51 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014/05/14 09:38:50 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/05/14 09:38:50 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014/05/14 09:38:50 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\w32tm.exe
[2014/05/14 09:38:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/05/14 09:38:49 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReInfo.dll
[2014/05/14 09:38:49 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2014/05/14 09:38:49 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RMapi.dll
[2014/05/14 09:38:48 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014/05/14 09:38:47 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/05/14 09:38:47 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2014/05/14 09:38:47 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2014/05/14 09:38:47 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BitLockerDeviceEncryption.exe
[2014/05/14 09:38:46 | 000,717,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014/05/14 09:38:46 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/05/14 09:38:46 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2014/05/14 09:38:46 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014/05/14 09:38:45 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2014/05/14 09:38:45 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxproxy.dll
[2014/05/14 09:38:45 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/05/14 09:38:44 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014/05/14 09:38:43 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014/05/14 09:38:43 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SetNetworkLocation.dll
[2014/05/14 09:38:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxproxy.dll
[2014/05/14 09:38:41 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/05/14 09:38:40 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/05/14 09:38:40 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2014/05/14 09:38:40 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\l2gpstore.dll
[2014/05/14 09:38:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/05/14 09:38:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/05/14 09:38:39 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeHdCfgLib.dll
[2014/05/14 09:38:39 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\l2gpstore.dll
[2014/05/14 09:38:39 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/05/14 09:36:49 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\DriverToolkit
[2014/05/14 09:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverToolkit
[2014/05/14 09:31:50 | 002,678,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/05/14 09:31:03 | 001,705,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/05/14 09:31:03 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014/05/14 09:31:02 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/05/14 09:31:02 | 000,054,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/05/14 07:41:09 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2014/05/14 07:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDirStat
[2014/05/14 07:39:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
[2014/05/14 07:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Everything
[2014/05/14 04:57:50 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\CrashDumps
[2014/05/14 04:37:31 | 000,000,000 | ---D | C] -- C:\d4b1b519b84e77ec9bb401c26a
[2014/05/14 04:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/05/14 03:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1
[2014/05/14 03:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
[2014/05/14 03:18:46 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/05/14 03:18:44 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/05/14 03:18:43 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014/05/14 03:18:42 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014/05/14 03:18:41 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014/05/14 03:18:38 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014/05/14 03:18:33 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014/05/14 03:18:32 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014/05/14 03:18:31 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcomapi.dll
[2014/05/14 01:31:37 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/05/14 01:31:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2014/05/14 01:31:20 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014/05/14 01:31:20 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/05/14 01:31:19 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014/05/14 01:30:22 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Panda Security
[2014/05/14 01:28:01 | 000,051,496 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\stflt.sys
[2014/05/14 01:20:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\Pavark
[2014/05/14 01:15:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/05/14 01:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2014/05/14 01:10:33 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 01:10:33 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 01:10:33 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 01:08:13 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014/05/14 01:08:13 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014/05/14 01:01:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/05/14 01:01:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/05/14 00:56:26 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/05/14 00:56:26 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/05/14 00:53:25 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/05/14 00:53:25 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/05/14 00:53:25 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/05/14 00:53:25 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/05/14 00:53:25 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/05/14 00:53:25 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/05/14 00:53:25 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/05/14 00:53:24 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/05/14 00:53:23 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/05/14 00:53:23 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/05/14 00:53:18 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/05/14 00:53:17 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/05/14 00:53:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/05/14 00:53:16 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/05/14 00:53:16 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/05/14 00:53:16 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 00:53:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/05/14 00:45:28 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/05/14 00:45:27 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/05/14 00:45:27 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/05/14 00:42:15 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/05/14 00:40:35 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/05/14 00:40:34 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/05/14 00:39:20 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/05/14 00:18:31 | 000,027,456 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\RegistryDefragBootTime.exe
[2014/05/13 23:50:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\TaskDisabled
[2014/05/13 23:32:29 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\AMD
[2014/05/13 23:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AomeiBR
[2014/05/13 22:55:55 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\pinger.com
[2014/05/13 22:34:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Standard Edition 2.0
[2014/05/13 22:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0
[2014/05/13 22:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2014/05/13 22:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iolo
[2014/05/13 21:24:12 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\hpqLog
[2014/05/13 20:54:52 | 000,034,080 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\SmartDefragBootTime.exe
[2014/05/13 20:51:28 | 000,128,288 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\IObitSmartDefragExtension.dll
[2014/05/13 20:50:40 | 000,021,184 | ---- | C] (IObit) -- C:\WINDOWS\SysNative\drivers\SmartDefragDriver.sys
[2014/05/13 20:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
[2014/05/13 20:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2014/05/13 20:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2014/05/13 20:44:20 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Apple Computer
[2014/05/13 20:43:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014/05/13 20:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2014/05/13 20:41:31 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symnets.sys
[2014/05/13 20:41:31 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symelam.sys
[2014/05/13 20:41:30 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symefa64.sys
[2014/05/13 20:41:30 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symds64.sys
[2014/05/13 20:41:30 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtspx64.sys
[2014/05/13 20:41:29 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtsp64.sys
[2014/05/13 20:41:29 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\ironx64.sys
[2014/05/13 20:41:29 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\ccsetx64.sys
[2014/05/13 20:38:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026
[2014/05/13 20:35:29 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/05/13 20:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/05/13 20:07:22 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/05/13 20:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/05/13 20:01:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64
[2014/05/13 20:01:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
[2014/05/13 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite
[2014/05/13 19:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/05/13 19:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/05/13 19:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/05/13 19:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2014/05/13 19:36:23 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\ProductData
[2014/05/13 19:36:12 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014/05/13 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\IObit
[2014/05/13 19:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014/05/13 19:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2014/05/13 19:20:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\AdvUninstal
[2014/05/13 19:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2014/05/13 19:19:58 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Innovative Solutions
[2014/05/13 19:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Innovative Solutions
[2014/05/13 19:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/13 19:17:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Programs
[2014/05/13 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/05/13 19:15:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Google
[2014/05/13 19:12:43 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Deployment
[2014/05/13 19:12:43 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Apps
[2014/05/13 19:07:04 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Hewlett-Packard
[2014/05/13 18:55:57 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Macromedia
[2014/05/13 18:50:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\ATI
[2014/05/13 18:50:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\ATI
[2014/05/13 18:46:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard
[2014/05/13 18:46:03 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\CyberLink
[2014/05/13 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\PackageStaging
[2014/05/13 18:44:01 | 000,000,000 | R--D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/05/13 18:44:01 | 000,000,000 | R--D | C] -- C:\Users\Steve\Searches
[2014/05/13 18:44:01 | 000,000,000 | R--D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/05/13 18:44:00 | 000,000,000 | -H-D | C] -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/05/13 18:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2014/05/13 18:43:44 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Synaptics
[2014/05/13 18:43:43 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Adobe
[2014/05/13 18:43:42 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VirtualStore
[2014/05/13 18:43:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2014/05/13 18:39:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\AppData\Local\Temporary Internet Files
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Templates
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Start Menu
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\SendTo
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Recent
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\PrintHood
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\NetHood
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Documents\My Videos
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Documents\My Pictures
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Documents\My Music
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\My Documents
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Local Settings
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\AppData\Local\History
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Cookies
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\Application Data
[2014/05/13 18:37:35 | 000,000,000 | -HSD | C] -- C:\Users\Steve\AppData\Local\Application Data
[2014/05/13 18:37:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Temp
[2014/05/13 18:37:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Microsoft
[2014/05/13 18:37:34 | 000,000,000 | --SD | C] -- C:\Users\Steve\AppData\Roaming\Microsoft
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\Favorites
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\Desktop
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/05/13 18:37:34 | 000,000,000 | R--D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/05/13 18:37:34 | 000,000,000 | -H-D | C] -- C:\Users\Steve\Documents\hp.system.package.metadata
[2014/05/13 18:37:34 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/05/13 18:37:34 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData
[2014/05/13 10:16:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/05/13 03:15:09 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\VAMT3
[2014/05/12 19:49:12 | 000,000,000 | ---D | C] -- C:\boot
[2014/05/12 18:18:49 | 005,487,040 | ---- | C] (Microsoft Corporation) -- C:\Users\Steve\Documents\Windows8-Setup.exe
[2014/05/12 18:18:49 | 004,954,736 | ---- | C] (Microsoft Corporation) -- C:\Users\Steve\Documents\WindowsSetupBox.exe
[2014/05/11 10:57:23 | 000,000,000 | ---D | C] -- C:\NPE
[2014/05/11 05:16:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2014/05/10 22:47:07 | 000,000,000 | ---D | C] -- C:\AMD
[2014/05/10 15:16:46 | 000,000,000 | ---D | C] -- C:\Documents
[2014/05/10 09:11:10 | 000,000,000 | --SD | C] -- C:\Box Sync
[2014/05/10 09:07:50 | 000,000,000 | ---D | C] -- C:\Users\Steve\albums
[2014/05/10 09:07:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\youtube
[2014/05/10 06:38:28 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\Scanned Documents
[2014/05/10 06:38:25 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\Fax
[2014/05/05 05:53:33 | 000,000,000 | ---D | C] -- C:\history
[2014/04/28 12:48:17 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\CyberLink
[2014/04/28 02:08:50 | 000,000,000 | ---D | C] -- C:\FFoutput
[2014/04/28 01:18:28 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\desktop
[2014/04/26 07:38:10 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\Symantec
[2014/04/26 07:12:03 | 000,000,000 | R--D | C] -- C:\Users\Steve\SkyDrive
[2014/04/26 07:09:52 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\Youcam
[2014/04/26 07:07:47 | 000,000,000 | R--D | C] -- C:\Users\Steve\Contacts
[2014/04/26 07:07:02 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Packages
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Videos
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Saved Games
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Pictures
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Music
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Links
[2014/04/26 07:06:32 | 000,000,000 | R--D | C] -- C:\Users\Steve\Downloads
[2014/04/26 07:06:32 | 000,000,000 | -H-D | C] -- C:\Users\Steve\Documents\hp.applications.package.appdata
[2014/04/26 01:28:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/14 17:22:15 | 005,200,050 | ---- | M] (Swearware) -- C:\Users\Steve\Desktop\ComboFix.exe
[2014/05/14 17:06:27 | 000,625,664 | ---- | M] () -- C:\Users\Steve\Desktop\dds.scr
[2014/05/14 17:05:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Steve\Desktop\HiJackThis.exe
[2014/05/14 16:56:55 | 000,956,412 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/05/14 16:56:55 | 000,796,126 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/05/14 16:56:55 | 000,161,346 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/05/14 16:53:47 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/14 16:49:00 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/14 16:48:55 | 2971,459,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/14 16:45:25 | 000,096,856 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR410.SYS
[2014/05/14 16:45:02 | 002,660,457 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\Cat.DB
[2014/05/14 16:40:22 | 000,001,331 | ---- | M] () -- C:\Users\Steve\Desktop\Norton Installation Files.lnk
[2014/05/14 14:32:39 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\ASC7_SkipUac_Steve.job
[2014/05/14 11:46:25 | 000,388,696 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/14 10:02:57 | 000,291,544 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsP2Stor.sys
[2014/05/14 10:02:56 | 009,889,352 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysWow64\RsCRIcon.dll
[2014/05/14 10:00:04 | 001,958,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl
[2014/05/14 10:00:03 | 002,825,432 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2014/05/14 10:00:00 | 002,792,152 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll
[2014/05/14 09:59:59 | 001,024,216 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2014/05/14 09:59:58 | 000,624,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2014/05/14 09:59:56 | 001,286,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll
[2014/05/14 09:59:56 | 000,757,301 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2014/05/14 09:59:55 | 056,270,848 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2014/05/14 09:59:54 | 000,946,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2014/05/14 09:59:20 | 000,113,576 | ---- | M] (Real Sound Lab SIA) -- C:\WINDOWS\SysNative\CONEQMSAPOGUILibrary.dll
[2014/05/14 09:59:19 | 000,209,096 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2014/05/14 09:56:16 | 000,839,896 | ---- | M] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys
[2014/05/14 09:56:16 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\SysNative\RtNicProp64.dll
[2014/05/14 09:54:19 | 000,222,720 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdWB6.sys
[2014/05/14 09:54:19 | 000,141,312 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\amdacpksl.sys
[2014/05/14 09:54:19 | 000,110,080 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\SysNative\DelayAPO.dll
[2014/05/14 09:38:40 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster SkipUAC (Steve).job
[2014/05/14 07:41:09 | 000,001,007 | ---- | M] () -- C:\Users\Steve\Desktop\WinDirStat.lnk
[2014/05/14 07:39:15 | 000,001,007 | ---- | M] () -- C:\Users\Steve\Desktop\Search Everything.lnk
[2014/05/14 07:22:06 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job
[2014/05/14 06:55:54 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/05/14 05:55:40 | 000,001,024 | -H-- | M] () -- C:\AMTAG.BIN
[2014/05/14 05:36:53 | 000,012,288 | ---- | M] () -- C:\WINDOWS\SysNative\umstartup.etl
[2014/05/14 03:27:13 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2014/05/14 03:14:53 | 000,165,659 | ---- | M] () -- C:\MyXML.xml
[2014/05/14 01:53:48 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/05/14 01:31:37 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/05/14 01:31:21 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/05/14 01:31:21 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2014/05/14 01:31:20 | 000,842,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014/05/14 01:31:20 | 000,138,240 | ---- | M] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/05/14 01:31:19 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014/05/14 01:31:18 | 000,103,936 | ---- | M] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/05/14 01:31:17 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\LocationProvider.dll
[2014/05/14 01:28:01 | 000,051,496 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\stflt.sys
[2014/05/14 01:17:20 | 000,000,493 | ---- | M] () -- C:\ProgramData\Panda.Result
[2014/05/14 01:15:03 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/05/14 01:10:33 | 000,236,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/05/14 01:10:33 | 000,124,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/05/14 01:10:33 | 000,035,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/05/14 01:08:13 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014/05/14 01:08:13 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014/05/14 01:01:23 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/05/14 01:01:23 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/05/14 00:56:26 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/05/14 00:56:26 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/05/14 00:56:07 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/05/14 00:53:25 | 003,210,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/05/14 00:53:25 | 002,804,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/05/14 00:53:25 | 000,809,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/05/14 00:53:25 | 000,663,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/05/14 00:53:25 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/05/14 00:53:25 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/05/14 00:53:25 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/05/14 00:53:24 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/05/14 00:53:23 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/05/14 00:53:23 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/05/14 00:53:18 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/05/14 00:53:17 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/05/14 00:53:17 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/05/14 00:53:16 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/05/14 00:53:16 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/05/14 00:53:16 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/05/14 00:53:14 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/05/14 00:45:28 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/05/14 00:45:27 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/05/14 00:45:27 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/05/14 00:42:15 | 000,570,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/05/14 00:40:35 | 004,604,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/05/14 00:40:34 | 002,397,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/05/14 00:39:20 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/05/13 23:31:10 | 000,001,024 | -H-- | M] () -- C:\SYSTAG.BIN
[2014/05/13 23:31:07 | 000,000,082 | ---- | M] () -- C:\WINDOWS\SysWow64\winsevr.dat
[2014/05/13 22:34:56 | 000,001,222 | ---- | M] () -- C:\Users\Public\Desktop\AOMEI Backupper Standard Edition 2.0.lnk
[2014/05/13 22:33:01 | 000,001,191 | ---- | M] () -- C:\Users\Steve\Desktop\System Checkup.lnk
[2014/05/13 22:32:55 | 000,074,703 | ---- | M] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2014/05/13 21:20:00 | 000,002,460 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/05/13 21:18:16 | 000,002,299 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/13 20:50:37 | 000,001,186 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 3.lnk
[2014/05/13 20:50:25 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2014/05/13 20:43:56 | 000,001,244 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2014/05/13 20:35:29 | 000,000,834 | ---- | M] () -- C:\Users\Steve\Desktop\CCleaner.lnk
[2014/05/13 20:07:16 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/05/13 20:07:16 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/05/13 20:07:16 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/05/13 18:55:14 | 000,001,436 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/13 18:44:44 | 000,011,754 | ---- | M] () -- C:\Users\Steve\Desktop\Removed Apps.html
[2014/05/13 18:39:09 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/05/13 18:39:09 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/05/13 02:01:13 | 000,000,000 | -H-- | M] () -- C:\Users\Steve\Documents\Default.rdp
[2014/05/13 00:04:16 | 3961,473,024 | ---- | M] () -- C:\Users\Steve\Documents\9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO
[2014/05/12 22:44:41 | 806,676,480 | ---- | M] () -- C:\Users\Steve\Documents\OfficeProfessionalPlus_x64_en-us.img
[2014/05/12 19:56:09 | 000,120,493 | ---- | M] () -- C:\Users\Steve\Documents\ISO FOLDER.png
[2014/05/12 17:51:10 | 004,954,736 | ---- | M] (Microsoft Corporation) -- C:\Users\Steve\Documents\WindowsSetupBox.exe
[2014/05/12 17:43:39 | 005,487,040 | ---- | M] (Microsoft Corporation) -- C:\Users\Steve\Documents\Windows8-Setup.exe
[2014/05/12 17:17:13 | 000,022,528 | ---- | M] () -- C:\Users\Steve\Documents\pkeyui.exe
[2014/05/01 13:30:26 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/01 13:30:26 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/30 02:52:11 | 000,035,791 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\VT20140430.005
 
========== Files Created - No Company Name ==========
 
[2014/05/14 17:06:16 | 000,625,664 | ---- | C] () -- C:\Users\Steve\Desktop\dds.scr
[2014/05/14 16:43:54 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0600000.04A\isolate.ini
[2014/05/14 16:40:14 | 000,001,331 | ---- | C] () -- C:\Users\Steve\Desktop\Norton Installation Files.lnk
[2014/05/14 14:32:39 | 000,000,254 | ---- | C] () -- C:\WINDOWS\tasks\ASC7_SkipUac_Steve.job
[2014/05/14 14:29:24 | 000,019,152 | ---- | C] () -- C:\WINDOWS\SysNative\pwdrvio.sys
[2014/05/14 14:27:14 | 000,012,504 | ---- | C] () -- C:\WINDOWS\SysNative\pwdspio.sys
[2014/05/14 10:15:43 | 000,139,600 | ---- | C] () -- C:\WINDOWS\SysNative\systemsf.ebd
[2014/05/14 10:12:23 | 000,262,335 | ---- | C] () -- C:\WINDOWS\SysNative\dfpinc.dat
[2014/05/14 10:10:46 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/05/14 10:10:46 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysNative\WimBootCompress.ini
[2014/05/14 10:10:23 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysWow64\RacRules.xml
[2014/05/14 10:10:23 | 000,100,197 | ---- | C] () -- C:\WINDOWS\SysNative\RacRules.xml
[2014/05/14 10:10:22 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-suggestions.searchconnector-ms
[2014/05/14 10:10:22 | 000,007,762 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-suggestions.searchconnector-ms
[2014/05/14 10:10:22 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-zeroinput.searchconnector-ms
[2014/05/14 10:10:22 | 000,007,130 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-zeroinput.searchconnector-ms
[2014/05/14 10:10:16 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/05/14 10:10:16 | 000,011,109 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/05/14 10:10:14 | 000,050,053 | ---- | C] () -- C:\WINDOWS\SysNative\srms.dat
[2014/05/14 10:10:11 | 000,002,440 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
[2014/05/14 09:59:55 | 000,757,301 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2014/05/14 09:38:40 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\Driver Booster SkipUAC (Steve).job
[2014/05/14 09:38:39 | 000,387,210 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/05/14 07:41:09 | 000,001,007 | ---- | C] () -- C:\Users\Steve\Desktop\WinDirStat.lnk
[2014/05/14 07:39:15 | 000,001,007 | ---- | C] () -- C:\Users\Steve\Desktop\Search Everything.lnk
[2014/05/14 07:22:06 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job
[2014/05/14 05:36:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\SysNative\umstartup.etl
[2014/05/14 03:27:29 | 003,050,808 | ---- | C] () -- C:\WINDOWS\SysNative\pwNative.exe
[2014/05/14 03:27:12 | 000,001,255 | ---- | C] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2014/05/14 01:54:26 | 000,388,696 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/05/14 01:31:20 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/05/14 01:31:18 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/05/14 01:16:57 | 000,000,493 | ---- | C] () -- C:\ProgramData\Panda.Result
[2014/05/14 00:56:07 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/05/13 22:35:23 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SysWow64\winsevr.dat
[2014/05/13 22:34:55 | 000,001,222 | ---- | C] () -- C:\Users\Public\Desktop\AOMEI Backupper Standard Edition 2.0.lnk
[2014/05/13 22:34:09 | 000,151,480 | ---- | C] () -- C:\WINDOWS\SysNative\ammntdrv.sys
[2014/05/13 22:34:09 | 000,030,648 | ---- | C] () -- C:\WINDOWS\SysNative\ambakdrv.sys
[2014/05/13 22:34:09 | 000,017,848 | ---- | C] () -- C:\WINDOWS\SysNative\amwrtdrv.sys
[2014/05/13 22:33:00 | 000,001,191 | ---- | C] () -- C:\Users\Steve\Desktop\System Checkup.lnk
[2014/05/13 22:32:54 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2014/05/13 21:20:06 | 002,660,457 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\Cat.DB
[2014/05/13 21:16:25 | 000,035,791 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\VT20140430.005
[2014/05/13 20:51:52 | 000,165,659 | ---- | C] () -- C:\MyXML.xml
[2014/05/13 20:50:37 | 000,001,186 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 3.lnk
[2014/05/13 20:50:24 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2014/05/13 20:43:55 | 000,001,244 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2014/05/13 20:42:15 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/05/13 20:41:31 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symelam64.cat
[2014/05/13 20:41:31 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symnet64.cat
[2014/05/13 20:41:31 | 000,001,440 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symnet.inf
[2014/05/13 20:41:31 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symelam.inf
[2014/05/13 20:41:30 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtspx64.cat
[2014/05/13 20:41:30 | 000,008,194 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symefa64.cat
[2014/05/13 20:41:30 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symds64.cat
[2014/05/13 20:41:30 | 000,003,433 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symefa.inf
[2014/05/13 20:41:30 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\symds.inf
[2014/05/13 20:41:30 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtspx64.inf
[2014/05/13 20:41:29 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\ccsetx64.cat
[2014/05/13 20:41:29 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtsp64.cat
[2014/05/13 20:41:29 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\iron.cat
[2014/05/13 20:41:29 | 000,001,437 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\srtsp64.inf
[2014/05/13 20:41:29 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\ccsetx64.inf
[2014/05/13 20:41:29 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\iron.inf
[2014/05/13 20:38:15 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1502000.026\isolate.ini
[2014/05/13 20:35:27 | 000,000,834 | ---- | C] () -- C:\Users\Steve\Desktop\CCleaner.lnk
[2014/05/13 20:07:34 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/05/13 20:07:26 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/05/13 20:07:03 | 000,002,460 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2014/05/13 19:18:20 | 000,002,299 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/13 19:18:19 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/13 18:55:14 | 000,001,436 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/13 18:44:44 | 000,011,754 | ---- | C] () -- C:\Users\Steve\Desktop\Removed Apps.html
[2014/05/13 18:43:43 | 000,001,442 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/05/13 18:37:35 | 000,000,352 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/05/13 18:37:35 | 000,000,334 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/05/13 18:37:07 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/05/13 18:37:07 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/05/13 02:34:49 | 000,001,024 | -H-- | C] () -- C:\SYSTAG.BIN
[2014/05/13 02:01:13 | 000,000,000 | -H-- | C] () -- C:\Users\Steve\Documents\Default.rdp
[2014/05/12 22:12:06 | 806,676,480 | ---- | C] () -- C:\Users\Steve\Documents\OfficeProfessionalPlus_x64_en-us.img
[2014/05/12 21:50:51 | 3961,473,024 | ---- | C] () -- C:\Users\Steve\Documents\9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_ENTERPRISE_EVAL_EN-US-IR3_CENA_X64FREE_EN-US_DV9.ISO
[2014/05/12 19:56:09 | 000,120,493 | ---- | C] () -- C:\Users\Steve\Documents\ISO FOLDER.png
[2014/05/12 17:17:13 | 000,022,528 | ---- | C] () -- C:\Users\Steve\Documents\pkeyui.exe
[2014/05/11 06:08:59 | 000,001,024 | -H-- | C] () -- C:\AMTAG.BIN
[2014/04/26 01:33:36 | 2971,459,584 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/26 01:28:43 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/03/13 00:29:22 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2014/03/13 00:23:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/11 11:31:42 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/11 11:31:42 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/11 10:49:22 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/11 10:49:22 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/11 10:25:56 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/09/10 22:37:58 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2013/08/25 23:13:37 | 000,931,872 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/08/22 08:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 08:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 07:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 00:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 20:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 16:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 16:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013/10/09 13:01:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/19 20:48:41 | 021,232,792 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/19 18:20:53 | 018,679,216 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 02:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 02:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/13 20:52:21 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\IObit
[2014/05/14 06:55:33 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Panda Security
[2014/05/14 09:06:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ProductData
[2014/05/13 18:43:44 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Synaptics
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2013/08/22 12:09:58 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.16384_en-us_13bedf9d3e4c78d1\Explorer.adml
[2013/08/22 12:09:58 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.3.9600.17031_en-us_13f1d1e13e26c343\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2013/06/18 07:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.16384_none_067909bec4cce684\Explorer.admx
[2013/06/18 07:57:40 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.3.9600.17031_none_06abfc02c4a730f6\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2014/03/04 04:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\SysWOW64\explorer.exe
[2014/03/04 04:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2013/10/21 23:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) MD5=1A0BC9598E4A58FC84570FFF5A108E58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2013/08/21 22:25:34 | 002,063,408 | ---- | M] (Microsoft Corporation) MD5=2CA8E3C9335C3C8BAEB335345E48364D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2014/02/22 08:50:32 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=4CE0C733CDCF1D2F78532BBD9CE3441D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2013/10/22 00:55:27 | 002,328,872 | ---- | M] (Microsoft Corporation) MD5=63DC38C3E4564B2405D562855643ABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe
[2014/03/13 01:05:34 | 002,065,960 | ---- | M] (Microsoft Corporation) MD5=712B0D2ADE5297563168C997DDC2DD13 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/03/04 05:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\explorer.exe
[2014/03/04 05:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2013/08/22 05:39:51 | 002,328,880 | ---- | M] (Microsoft Corporation) MD5=8479DC46E9A09015C0777A16BC22A15D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2014/03/13 01:05:22 | 002,328,328 | ---- | M] (Microsoft Corporation) MD5=C1400519D76A364E974E47BBA62B95B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/02/22 07:18:25 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=E0C84A30581BC508E289E4371A723F58 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
 
< MD5 for: EXPLORER.EXE.MUI  >
[2013/08/22 12:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_f6b0e7284798d168\explorer.exe.mui
[2013/08/22 12:09:43 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=6B943F9892499269B3C4886C1F0BD843 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.16384_en-us_0105917a7bf99363\explorer.exe.mui
[2014/02/22 07:48:20 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\en-US\explorer.exe.mui
[2014/02/22 07:48:20 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2014/02/22 07:48:20 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_f6e3d96c47731bda\explorer.exe.mui
[2014/02/22 07:48:20 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.3.9600.17031_en-us_013883be7bd3ddd5\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-03C49D11.PF  >
[2014/05/14 09:59:03 | 000,284,568 | ---- | M] () MD5=3B40EAF78830731CC4251B329FB2EAF4 -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
 
< MD5 for: EXPLORER.EXE-82BE1CD3.PF  >
[2014/05/13 21:40:55 | 000,027,180 | ---- | M] () MD5=266B2941F7D8FB00494A0DC8AF05CFFF -- C:\Windows\Prefetch\EXPLORER.EXE-82BE1CD3.pf
 
< MD5 for: IEXPLORE.EXE  >
[2013/08/22 05:34:04 | 000,804,464 | ---- | M] (Microsoft Corporation) MD5=1C39C41D50FF7113748D825F4327D406 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_9c7bbe6690ba5bc1\iexplore.exe
[2014/02/06 06:08:02 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\KB2925418.cab_Temp\C1B52EB4-9C5B-4FE7-BA4F-84FFEC537FE2\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_9c60612a90cfaeb6\iexplore.exe
[2014/05/14 01:46:46 | 000,806,064 | ---- | M] (Microsoft Corporation) MD5=2E032281A818BCD191E3DD92000A8EAE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_9c60612a90cfaeb6\iexplore.exe
[2014/03/02 04:10:31 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014/03/02 04:10:31 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=3EBF452B807F412EC0F19141ADA060E5 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_a6eb9498c5079540\iexplore.exe
[2014/02/22 08:59:25 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=44679CD0BBD342844C117635404887DF -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17031_none_9c9772f690a6397f\iexplore.exe
[2014/02/22 07:34:35 | 000,811,696 | ---- | M] (Microsoft Corporation) MD5=712D8DEBA203DBC92269295A06C22BAF -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17031_none_a6ec1d48c506fb7a\iexplore.exe
[2014/02/06 04:18:16 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\KB2925418.cab_Temp\C1B52EB4-9C5B-4FE7-BA4F-84FFEC537FE2\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_a6b50b7cc53070b1\iexplore.exe
[2014/05/14 01:46:46 | 000,808,112 | ---- | M] (Microsoft Corporation) MD5=9FBB2F038A2DDCE696BDEE7080241C0C -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16521_none_a6b50b7cc53070b1\iexplore.exe
[2014/03/02 05:11:57 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014/03/02 05:11:57 | 000,809,648 | ---- | M] (Microsoft Corporation) MD5=B015ECD030DA9A979E6D1A3D25F8FD86 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.17037_none_9c96ea4690a6d345\iexplore.exe
[2013/08/21 22:20:05 | 000,805,992 | ---- | M] (Microsoft Corporation) MD5=EE889775E0F9755C90FAEBFB93FBD781 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.0.9600.16384_none_a6d068b8c51b1dbc\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013/08/22 12:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/22 12:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/08/22 12:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_962853ddc8679ca8\iexplore.exe.mui
[2013/08/22 12:10:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=25B70D28D1CE87B67EEC2BA899126244 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.0.9600.16384_en-us_a07cfe2ffcc85ea3\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-7A9337F2.PF  >
[2014/05/14 14:21:23 | 000,157,152 | ---- | M] () MD5=59A6E4C18F1E4EF905FA893B0198422A -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
 
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF  >
[2014/05/14 14:21:22 | 000,259,300 | ---- | M] () MD5=A3E694C6D43E3E9A4280A8BDD7695A56 -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
 
< MD5 for: IEXPLORE.VISUALELEMENTSMANIFEST.XML  >
[2013/06/18 07:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Program Files\Internet Explorer\iexplore.VisualElementsManifest.xml
[2013/06/18 07:48:46 | 000,000,340 | ---- | M] () MD5=2C776DCD91132FCC6A8C066DD529B307 -- C:\Windows\WinSxS\amd64_microsoft-windows-immersivebrowser_31bf3856ad364e35_11.0.9600.16384_none_c673d0d2f4ca87f4\iexplore.VisualElementsManifest.xml
 
< MD5 for: SERVICES  >
[2013/08/22 08:04:54 | 000,003,777 | ---- | M] () MD5=5EE2D65841D1985E8C1BC68B2EB4357B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.3.9600.16384_none_25fdfd813908f8a6\services
[2014/05/14 10:09:22 | 000,093,530 | ---- | M] () MD5=760046D380F5613F6AA10D2AF787AD72 -- C:\Users\Steve\AppData\Roaming\Microsoft\MMC\services
 
< MD5 for: SERVICES.EXE  >
[2013/08/22 06:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\WINDOWS\SysNative\services.exe
[2013/08/22 06:25:40 | 000,405,488 | ---- | M] (Microsoft Corporation) MD5=B4B610BBCB002EC478C6FD80CF915697 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.16384_none_2fd72579d09a45e9\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2013/08/22 12:09:32 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2013/08/22 12:09:32 | 000,018,944 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.3.9600.16384_en-us_5abba721f9ec3435\services.exe.mui
 
< MD5 for: SERVICES.INI  >
[2014/05/14 09:46:30 | 000,003,369 | ---- | M] () MD5=36025B5779F4FCE72213BC269606A9D5 -- C:\ProgramData\IObit\Advanced SystemCare V7\services.ini
 
< MD5 for: SERVICES.JS  >
[2013/08/22 12:13:49 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2013/08/22 12:13:49 | 000,089,002 | ---- | M] () MD5=BCF4AD208163A961EEAF9F67C7DDA943 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingFinance_3.0.1.174_x64__8wekyb3d8bbwe\common\js\services.js
[2014/05/14 03:30:07 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.243_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.2.243_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.243_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.243_x64__8wekyb3d8bbwe\Common\js\services.js
[2014/04/26 09:26:31 | 000,079,602 | ---- | M] () MD5=FBC5971A250CA4BCA6BBEEF76C85B639 -- C:\System Volume Information\SystemRestore\AppxStaging\Program Files\WindowsApps\Microsoft.BingWeather_3.0.2.258_x64__8wekyb3d8bbwe\Common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2013/08/21 23:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2013/08/21 23:54:57 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2013/06/18 07:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2013/06/18 07:51:33 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\services.mof
 
< MD5 for: SERVICES.MSC  >
[2013/08/22 12:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2013/06/18 07:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2013/08/22 12:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2013/06/18 05:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2013/08/22 12:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_94fd770dd055ce28\services.msc
[2013/06/18 07:47:53 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_c02242af19b1eb57\services.msc
[2013/06/18 05:23:54 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.3.9600.16384_none_ca76ed014e12ad52\services.msc
[2013/08/22 12:09:36 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.3.9600.16384_en-us_38dedb8a17f85cf2\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2013/08/21 23:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2013/08/21 23:45:36 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.3.9600.16384_none_c01e2072a140077e\Services.ptxml
 
< MD5 for: WINLOGON.ADML  >
[2013/08/22 12:09:57 | 000,008,978 | ---- | M] () MD5=AD266AC436809BBDC0A19A05E80904A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.3.9600.16384_en-us_85c27192b0d9003d\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2013/08/22 07:57:15 | 000,001,101 | ---- | M] () MD5=513B8C31BC439F0A37EA44D540F98916 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.3.9600.16384_none_6bcbbccd4d39421a\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2014/02/22 02:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/02/22 02:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2013/08/22 02:55:08 | 000,564,736 | ---- | M] (Microsoft Corporation) MD5=7C94FDA3809015B8F2208D2E1C221F17 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2013/08/22 12:09:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2013/08/22 12:09:50 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=E1EA8FA8EDA1C8E5BFF41FCECE119841 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.3.9600.16384_en-us_bbb6f195d80d78ae\winlogon.exe.mui
 
< MD5 for: WINLOGON.EXE-0D9AB72B.PF  >
[2014/05/14 05:33:47 | 000,033,014 | ---- | M] () MD5=FE6F13F7619C58ABA960F80C7141BC6A -- C:\Windows\Prefetch\WINLOGON.EXE-0D9AB72B.pf
 
< MD5 for: WINLOGON.MFL  >
[2013/08/22 12:09:50 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2013/08/22 12:09:50 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.3.9600.16384_en-us_19794360f345d243\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2013/08/21 23:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2013/08/21 23:45:12 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.3.9600.16384_none_70f729db49dee3dc\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2014/05/14 05:55:40 | 000,001,024 | -H-- | M] () -- C:\AMTAG.BIN
[2013/08/21 22:31:45 | 000,427,680 | RHS- | M] () -- C:\bootmgr
[2013/06/18 05:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014/05/14 16:48:55 | 2971,459,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/14 10:02:51 | 000,006,610 | ---- | M] () -- C:\log.txt
[2014/05/14 03:14:53 | 000,165,659 | ---- | M] () -- C:\MyXML.xml
[2014/05/14 16:49:00 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2014/05/14 08:12:49 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2014/05/14 16:49:00 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/05/13 23:31:10 | 000,001,024 | -H-- | M] () -- C:\SYSTAG.BIN
 
< %systemroot%\Fonts\*.com >
[2013/08/25 23:12:35 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013/08/25 23:12:35 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013/08/25 23:12:35 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013/08/25 23:12:35 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2013/08/22 08:35:03 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2013/02/05 22:56:16 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2013/08/22 08:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is 4A2A-2DED
 Directory of C:\
08/22/2013  07:45 AM    <JUNCTION>     Documents and Settings [C:\$WINDOWS.~BT\NewOS\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
08/22/2013  07:45 AM    <JUNCTION>     Application Data [C:\$WINDOWS.~BT\NewOS\ProgramData]
08/22/2013  07:45 AM    <JUNCTION>     Desktop [C:\$WINDOWS.~BT\NewOS\Users\Public\Desktop]
08/22/2013  07:45 AM    <JUNCTION>     Documents [C:\$WINDOWS.~BT\NewOS\Users\Public\Documents]
08/22/2013  07:45 AM    <JUNCTION>     Start Menu [C:\$WINDOWS.~BT\NewOS\ProgramData\Microsoft\Windows\Start Menu]
08/22/2013  07:45 AM    <JUNCTION>     Templates [C:\$WINDOWS.~BT\NewOS\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
08/22/2013  07:45 AM    <SYMLINKD>     All Users [C:\$WINDOWS.~BT\NewOS\ProgramData]
08/22/2013  07:45 AM    <JUNCTION>     Default User [C:\$WINDOWS.~BT\NewOS\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\Administrator
08/25/2013  11:04 PM    <JUNCTION>     Application Data [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming]
08/25/2013  11:04 PM    <JUNCTION>     Cookies [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCookies]
08/25/2013  11:04 PM    <JUNCTION>     Local Settings [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local]
08/25/2013  11:04 PM    <JUNCTION>     My Documents [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Documents]
08/25/2013  11:04 PM    <JUNCTION>     NetHood [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/25/2013  11:04 PM    <JUNCTION>     PrintHood [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/25/2013  11:04 PM    <JUNCTION>     Recent [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent]
08/25/2013  11:04 PM    <JUNCTION>     SendTo [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo]
08/25/2013  11:04 PM    <JUNCTION>     Start Menu [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu]
08/25/2013  11:04 PM    <JUNCTION>     Templates [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Administrator\AppData\Local
08/25/2013  11:04 PM    <JUNCTION>     Application Data [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local]
08/25/2013  11:04 PM    <JUNCTION>     History [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\History]
08/25/2013  11:04 PM    <JUNCTION>     Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Administrator\AppData\Local\Microsoft\Windows
08/25/2013  11:04 PM    <JUNCTION>     Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache
03/13/2014  01:51 AM    <JUNCTION>     Content.IE5 [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\Administrator\Documents
08/25/2013  11:04 PM    <JUNCTION>     My Music [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Music]
08/25/2013  11:04 PM    <JUNCTION>     My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Pictures]
08/25/2013  11:04 PM    <JUNCTION>     My Videos [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
08/22/2013  07:45 AM    <JUNCTION>     Application Data [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming]
08/22/2013  07:45 AM    <JUNCTION>     Cookies [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCookies]
08/22/2013  07:45 AM    <JUNCTION>     Local Settings [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local]
08/22/2013  07:45 AM    <JUNCTION>     My Documents [C:\$WINDOWS.~BT\NewOS\Users\Default\Documents]
08/22/2013  07:45 AM    <JUNCTION>     NetHood [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/22/2013  07:45 AM    <JUNCTION>     PrintHood [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/22/2013  07:45 AM    <JUNCTION>     Recent [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
08/22/2013  07:45 AM    <JUNCTION>     SendTo [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
08/22/2013  07:45 AM    <JUNCTION>     Start Menu [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08/22/2013  07:45 AM    <JUNCTION>     Templates [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
08/22/2013  07:45 AM    <JUNCTION>     Application Data [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local]
08/22/2013  07:45 AM    <JUNCTION>     History [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\History]
08/22/2013  07:45 AM    <JUNCTION>     Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local\Microsoft\Windows
08/22/2013  07:45 AM    <JUNCTION>     Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
08/22/2013  07:45 AM    <JUNCTION>     My Music [C:\$WINDOWS.~BT\NewOS\Users\Default\Music]
08/22/2013  07:45 AM    <JUNCTION>     My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Default\Pictures]
08/22/2013  07:45 AM    <JUNCTION>     My Videos [C:\$WINDOWS.~BT\NewOS\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
08/22/2013  07:45 AM    <JUNCTION>     My Music [C:\$WINDOWS.~BT\NewOS\Users\Public\Music]
08/22/2013  07:45 AM    <JUNCTION>     My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Public\Pictures]
08/22/2013  07:45 AM    <JUNCTION>     My Videos [C:\$WINDOWS.~BT\NewOS\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve
05/13/2014  06:37 PM    <JUNCTION>     Application Data [C:\Users\Steve\AppData\Roaming]
05/13/2014  06:37 PM    <JUNCTION>     Cookies [C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCookies]
05/13/2014  06:37 PM    <JUNCTION>     Local Settings [C:\Users\Steve\AppData\Local]
05/13/2014  06:37 PM    <JUNCTION>     My Documents [C:\Users\Steve\Documents]
05/13/2014  06:37 PM    <JUNCTION>     NetHood [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/13/2014  06:37 PM    <JUNCTION>     PrintHood [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/13/2014  06:37 PM    <JUNCTION>     Recent [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Recent]
05/13/2014  06:37 PM    <JUNCTION>     SendTo [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\SendTo]
05/13/2014  06:37 PM    <JUNCTION>     Start Menu [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu]
05/13/2014  06:37 PM    <JUNCTION>     Templates [C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve\AppData\Local
05/13/2014  06:37 PM    <JUNCTION>     Application Data [C:\Users\Steve\AppData\Local]
05/13/2014  06:37 PM    <JUNCTION>     History [C:\Users\Steve\AppData\Local\Microsoft\Windows\History]
05/13/2014  06:37 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve\AppData\Local\Microsoft\Windows
05/13/2014  06:37 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache
05/13/2014  06:43 PM    <JUNCTION>     Content.IE5 [C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache\Low
05/13/2014  06:55 PM    <JUNCTION>     Content.IE5 [C:\Users\Steve\AppData\Local\Microsoft\Windows\INetCache\Low\IE\]
               0 File(s)              0 bytes
 Directory of C:\Users\Steve\Documents
05/13/2014  06:37 PM    <JUNCTION>     My Music [C:\Users\Steve\Music]
05/13/2014  06:37 PM    <JUNCTION>     My Pictures [C:\Users\Steve\Pictures]
05/13/2014  06:37 PM    <JUNCTION>     My Videos [C:\Users\Steve\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
10/09/2013  01:07 PM    <JUNCTION>     Content.IE5 [C:\$WINDOWS.~BT\NewOS\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
 Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache
10/09/2013  01:07 PM    <JUNCTION>     Content.IE5 [C:\$WINDOWS.~BT\NewOS\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              67 Dir(s)  380,733,308,928 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014/05/13 18:55:14 | 000,000,223 | -HS- | M] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014/05/14 17:22:15 | 005,200,050 | ---- | M] (Swearware) -- C:\Users\Steve\Desktop\ComboFix.exe
[2014/05/14 17:05:00 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Steve\Desktop\HiJackThis.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Steve\SkyDrive:ms-properties
 
< End of report >
 

OTL Extras logfile created on: 5/14/2014 5:01:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.46 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 53.10% Memory free
4.77 Gb Paging File | 2.61 Gb Available in Paging File | 54.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444.65 Gb Total Space | 354.27 Gb Free Space | 79.67% Space Free | Partition Type: NTFS
Drive D: | 20.34 Gb Total Space | 2.03 Gb Free Space | 9.99% Space Free | Partition Type: NTFS
Drive G: | 29.80 Gb Total Space | 29.76 Gb Free Space | 99.87% Space Free | Partition Type: FAT32
Drive K: | 3.69 Gb Total Space | 3.28 Gb Free Space | 88.99% Space Free | Partition Type: NTFS
 
Computer Name: STEVE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE61212-842E-45EE-B3F9-EE1249DF30CB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{8BD9F012-D686-43A1-B6D7-B3D423E24357}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0406DD17-0825-4330-A3F0-DE0850B1A7E1}" = dir=out | name=*solitaire collection | 
"{0F220018-A080-4B92-94E4-66409F786832}" = dir=out | name=@{microsoft.bingnews_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | 
"{1279BF8C-D403-4B70-A5D6-C2B7A6096DC2}" = dir=in | name=hp connected drive | 
"{1AC4F96F-5543-478F-A55E-9454167DF4E2}" = dir=out | name=savings center featured offers | 
"{1DD54BBC-F8C1-4F79-B873-824B25699B66}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{28CDFBF5-6A6D-4089-984C-D507DBF255E8}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | 
"{30E1D639-EC8C-4C62-A03B-DCC96A774A50}" = dir=in | name=hp connected photo | 
"{31A01701-BEDC-4160-9E6E-9FDABB20F3ED}" = dir=out | name=hp connected photo | 
"{346B3344-609D-4678-ABC9-08DCCC642A5A}" = dir=in | name=hp all-in-one printer remote | 
"{3567F61A-155B-4B55-B83D-8066FBF57C3C}" = dir=in | name=box | 
"{398E2B3F-D1D1-460A-A89E-1B64E41BEE1B}" = dir=out | name=- games app - | 
"{3A45C153-D47E-483D-9AD6-A6570A6503EE}" = dir=out | name=getting started with windows 8 | 
"{3BE0F8EA-96DD-407D-8D3A-63B610DD0847}" = dir=out | name=hp connected drive | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{43F48114-BA54-4916-A550-C7508384230C}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{4956C725-0876-46B1-9EFE-F06F8B3A63F7}" = dir=out | name=cribbage classic | 
"{4A042C35-93D2-4588-9065-8DFE2A205F37}" = dir=in | name=@{ad2f1837.hpscanandcapture_40.0.245.0_x64__v10z8vjag6ke6?ms-resource://ad2f1837.hpscanandcapture/resources/apptitle} | 
"{4BA1E9C7-6152-43BC-A93B-44F7078EDB0E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{50FE68AB-C2D6-4CFA-B0EE-C951E4677D93}" = dir=out | name=facebook | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{5C30679A-5884-4377-A9D0-1136C06A63EF}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | 
"{5CB68619-7665-4D27-BA7C-1C248A039304}" = dir=out | name=kindle | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{63840804-BE18-4CC3-B780-D728530D4329}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{68CA31C8-2CD3-477B-BA6B-C42F59E2E6C5}" = dir=in | name=savings center featured offers | 
"{6C2FA35A-68A4-4191-91A7-A4303265BB01}" = dir=out | name=@{49615adrianoalfaro.productkey_1.8.0.9_neutral__jhr5qf7hg7ntw?ms-resource://49615adrianoalfaro.productkey/resources/appdisplayname} | 
"{6C7926CB-A9F8-410E-AC78-D51F6158E3AE}" = dir=out | name=mzip | 
"{6C8EB14B-B1B3-469A-B803-8899DBD364DA}" = dir=in | name=mcafee® central for hp | 
"{6EBC69B1-1F7E-4D73-9074-814A05DF04F4}" = dir=out | name=notepad 8 | 
"{6FCBD2C7-342F-498F-B27F-518B2CE1010E}" = dir=out | name=hp all-in-one printer remote | 
"{79F8AD63-9B49-4DE3-87FE-B5C6AF7EDC51}" = dir=out | name=windows_ie_ac_001 | 
"{8072D2AE-940A-461A-85BA-3AF3DE45F451}" = dir=out | name=@{microsoft.zunevideo_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{814C056D-C464-4DF7-99A8-845EA6342A23}" = dir=out | name=multimedia 8 | 
"{84392722-7588-411E-8BA1-A30A38AE1665}" = dir=out | name=wikipedia | 
"{8528F18A-B24B-4E8F-909A-C1A5F8DA7881}" = dir=out | name=wordament | 
"{8BEF77A8-8FFA-4F5E-AFE3-4300A5AC1D6A}" = dir=in | name=getting started with windows 8 | 
"{8E9A8408-18FB-4CF8-9E4A-A3E35DFFA7F9}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{942E5625-D655-4D1B-A477-9BAD13562D8B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{99CFA8AE-A19C-415D-8BE7-BA108FFB0177}" = dir=out | name=@{microsoft.zunemusic_2.2.886.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{A19808D8-CE83-4BFA-BA5D-06A35312C83D}" = dir=out | name=word2pdf | 
"{B02E9183-285F-4D82-A733-7EC3B91B74DC}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{B61C50E7-9B40-421B-A90D-093D30907E3B}" = dir=out | name=hp registration | 
"{B7AD5144-053C-4F65-867E-D5EA23707DD7}" = dir=out | name=@{ad2f1837.hpscanandcapture_40.0.245.0_x64__v10z8vjag6ke6?ms-resource://ad2f1837.hpscanandcapture/resources/apptitle} | 
"{BA0B3C94-0782-416A-9B63-2DE67542469B}" = dir=out | name=taptiles | 
"{BF30DEF7-001E-49CF-9755-924F1F67200D}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{C27261CF-93CC-4F61-AA45-9C1DC0121E03}" = dir=in | name=skype | 
"{C5E86F02-F82E-48A4-B190-7801B7BE3AC2}" = dir=in | name=multimedia 8 | 
"{C8F0BA52-BBD7-4ACB-B2BA-5CCA14E869B5}" = dir=out | name=ebay | 
"{C919A09C-AB43-41BB-B57B-D2C378F1CD7D}" = dir=out | name=moviebox | 
"{CBEE4C1B-A015-4F48-BD8D-58FBEA3F653F}" = dir=out | name=box | 
"{CEB31564-59A6-4D4F-A7E7-A861C7ADD257}" = dir=out | name=skype | 
"{D3733013-E450-41FB-AB51-3BEFA2DA7F1B}" = dir=out | name=youcam for hp | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D73B8CF1-1265-44B8-8152-518D0423F6DB}" = dir=out | name=fresh paint | 
"{DAEF14A2-BABC-4343-B4F2-395872728E91}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EDFA7F3E-40C6-4E44-ABC4-BCEE078C7489}" = dir=out | name=mcafee® central for hp | 
"{F208D143-D56A-4E52-8CB1-72914C025F4A}" = dir=in | name=taptiles | 
"{F3270B32-2720-4C52-9E20-EDEA2C6B781F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F8572B1C-26D9-45CE-9BB2-BA12039D6C21}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | 
"{FA194384-7BA1-4D98-81B6-7DDC8F11AC51}" = dir=out | name=netflix | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04DC49FC-99C1-B96F-86F9-20DCD4C7A2E1}" = AMD Fuel
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{69EC6633-59F0-EDF0-CB68-DCD20E2F2B08}" = ccc-utility64
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{723085B0-93FB-0E5A-D936-ACECA3D5D4F5}" = AMD Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{C623783E-74FC-17C8-5FFF-D8564D972574}" = AMD Accelerated Video Transcoding
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{FA5EDB8A-ECC8-C352-1230-F1E952BAA663}" = AMD Start Now
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{118DD9F0-49FE-498E-A2EE-F33423C1394C}" = Catalyst Control Center - Branding
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{155A506E-8C14-5D53-44B3-041211DF9863}" = CCC Help Greek
"{1D507972-F0C8-7455-4205-576807A3EED0}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20594434-01D0-C34C-7759-2A9B49A3D470}" = CCC Help German
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2949C66C-AC80-66FC-41F1-948A57742481}" = CCC Help Russian
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{308CBDB0-E869-D343-CB4B-6D69F6DC47F1}" = CCC Help Danish
"{333043E0-C186-CAF5-8120-4D1CA4A77FAB}" = Catalyst Control Center InstallProxy
"{3EB9602F-4536-B44E-AB99-61D345F48610}" = Catalyst Control Center Graphics Previews Common
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.5
"{5712CA7C-DBAD-1FAB-AE2E-1A31DA989686}" = CCC Help Spanish
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{5F889FFA-EDD1-1E2A-55DB-A58436E77411}" = CCC Help Italian
"{60C2C138-D3DD-16C7-77A3-CE22EC1706AF}" = CCC Help English
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65342572-987A-B357-D81D-49F51FDD2465}" = CCC Help Dutch
"{6AFC817C-E032-A23E-DB46-9A33D72FDE30}" = CCC Help Finnish
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}" = OEM Application Profile
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F08161A-E43C-B273-6511-6DE18B619D44}" = CCC Help Portuguese
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5107464-AA9B-4177-8129-5FF2F42DD322}" = REALTEK Wireless LAN Driver
"{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1" = AOMEI Backupper Standard Edition 2.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B48C7687-4D60-E8DB-8A23-3287615A48EB}" = CCC Help Korean
"{B8FD16D3-9BDF-01CD-9D54-FA1C326D8B1C}" = AMD Catalyst Control Center
"{BE8D3491-43A2-AF18-D556-27E9B1BE3F4A}" = CCC Help Hungarian
"{C4E46809-1588-C074-11AA-C8D15031B700}" = CCC Help Chinese Standard
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C869A099-EA1C-4266-4269-3D2C1D31146C}" = CCC Help Swedish
"{D0A8F2AB-3307-65BD-659C-E5FE24DA0FDB}" = CCC Help French
"{D54252B7-3EB4-FB09-06A4-A3053D7ECE16}" = CCC Help Norwegian
"{D80BF9BA-EDF9-71DA-A7F3-9FE452B65155}" = CCC Help Chinese Traditional
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DE050968-67B9-726D-D943-DBDFC620CA6A}" = CCC Help Turkish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AD85B-7D74-0555-1AB3-AEE0930AF78D}" = CCC Help Thai
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E849965E-4771-440C-936F-AF5BFD144416}" = HP Recovery Manager
"{ED47400C-C2A8-C860-C61A-54F2DA541543}" = CCC Help Czech
"{EEFE9F39-6202-40CD-853A-80795499EDF9}" = CCC Help Japanese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F92FF851-3A87-8AE7-FB2C-C400C4395C59}" = CCC Help Polish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"Everything" = Everything 1.2.1.371
"Google Chrome" = Google Chrome
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"NBRTWizard" = Norton Bootable Recovery Tool Wizard
"Smart Defrag 3_is1" = Smart Defrag 3
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"WinDirStat" = WinDirStat 1.1.2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/14/2014 5:52:05 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20461 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: d38    Start
 Time: 01cf6fbdff1c39aa    Termination Time: 4294967295    Application Path: C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report
 Id: f45ddb7f-dbb1-11e3-8271-a0481cd43db8    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe
 
Faulting
 package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1  
 
Error - 5/14/2014 5:52:14 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: 1108    Start Time: 01cf6fbdff38d5f8    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: f45db46f-dbb1-11e3-8271-a0481cd43db8
 
Faulting
 package full name: 134D4F5B.Box_2.0.0.12_neutral__2qk4zy5s3qmee    Faulting package-relative
 application ID: Box  
 
Error - 5/14/2014 6:07:11 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: 101c    Start Time: 01cf6fc0181047a3    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: 0c077b08-dbb4-11e3-8271-a0481cd43db8
 
Faulting
 package full name: 134D4F5B.Box_2.0.0.12_neutral__2qk4zy5s3qmee    Faulting package-relative
 application ID: Box  
 
Error - 5/14/2014 6:07:25 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: c28    Start Time: 01cf6fc0181047a3    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: 0c07a218-dbb4-11e3-8271-a0481cd43db8
 
Faulting
 package full name: AD2F1837.HPFileViewer_1.0.11.54_x64__v10z8vjag6ke6    Faulting package-relative
 application ID: App  
 
Error - 5/14/2014 6:22:14 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20461 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 155c    Start
 Time: 01cf6fc230a7b15a    Termination Time: 4294967295    Application Path: C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report
 Id: 248ad876-dbb6-11e3-8271-a0481cd43db8    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe
 
Faulting
 package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1  
 
Error - 5/14/2014 6:22:14 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: 14a0    Start Time: 01cf6fc2306bace1    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: 24ac3974-dbb6-11e3-8271-a0481cd43db8
 
Faulting
 package full name: AD2F1837.HPFileViewer_1.0.11.54_x64__v10z8vjag6ke6    Faulting package-relative
 application ID: App  
 
Error - 5/14/2014 6:22:17 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: 1544    Start Time: 01cf6fc230779897    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: 24ac6084-dbb6-11e3-8271-a0481cd43db8
 
Faulting
 package full name: 134D4F5B.Box_2.0.0.12_neutral__2qk4zy5s3qmee    Faulting package-relative
 application ID: Box  
 
Error - 5/14/2014 6:40:16 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program backgroundTaskHost.exe version 6.3.9600.16384 stopped 
interacting with Windows and was closed. To see if more information about the problem
 is available, check the problem history in the Action Center control panel.    Process
 ID: a4    Start Time: 01cf6fbdff2360c5    Termination Time: 4294967295    Application Path:
 C:\WINDOWS\system32\backgroundTaskHost.exe    Report Id: f45d8d5f-dbb1-11e3-8271-a0481cd43db8
 
Faulting
 package full name: AD2F1837.HPFileViewer_1.0.11.54_x64__v10z8vjag6ke6    Faulting package-relative
 application ID: App  
 
Error - 5/14/2014 7:54:54 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20461 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: aec    Start
 Time: 01cf6fcf2c387ff7    Termination Time: 4294967295    Application Path: C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report
 Id: 23c36ec4-dbc3-11e3-8272-a0481cd43db8    Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe
 
Faulting
 package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1  
 
Error - 5/14/2014 7:54:54 PM | Computer Name = Steve | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.17031 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 86c    Start
 Time: 01cf6fcf2e7f4f5b    Termination Time: 4294967295    Application Path: C:\WINDOWS\system32\wwahost.exe
 
Report
 Id: 23c3e3fc-dbc3-11e3-8272-a0481cd43db8    Faulting package full name: AD2F1837.GettingStartedwithWindows8_1.4.1.1_neutral__v10z8vjag6ke6
 
Faulting
 package-relative application ID: App  
 
[ System Events ]
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:55 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
Error - 5/14/2014 9:55:57 AM | Computer Name = Steve | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
 

 




#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 May 2014 - 05:21 AM

Hello steve2016, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • Scroll to the top of this page and ensure you see the following: [image]
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.

======================================================

 

Please be advised that I am currently in training. My responses will need to be approved by one of our experts before I post them. This is only to ensure you are receiving accurate instructions. I will return as soon as possible. 



 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 19 May 2014 - 09:34 AM

Hello steve2016,
 
Why do you suspect Hpservice.exe is malware? Hpservice.exe is a legitimate HP file, related to their 3D DriveGuard. From your log, I can see Hpservice.exe - it is digitally signed and in the correct location. 
 
Are you experiencing any other issues? What else makes you suspect you are infected? 
 
 
STEP 1
Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your desktop.  
  • Windows XP: Double-click FRST64.exe to run the programme.
    Windows 8/7/Vista: Right-click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 2
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt



#4 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 May 2014 - 06:29 PM

Hello, 
 
I have not heard back from you in 3 days.

  • Do you still require help?
  • If you require additional time to complete my instructions, please let me know.
  • If after 48 hours you have not replied to this thread it will have to be closed. 



#5 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 24 May 2014 - 09:30 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015
