Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91682 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

browser hijack with trovi [Solved]


  • This topic is locked This topic is locked
19 replies to this topic

#1 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 29 May 2014 - 07:54 AM

Hi

Just got new laptop and Bam got hit with Trovi . Need help getting rid of it .

thanks

lightbrite

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:43:10 AM, on 2014-05-29
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\Heather\Desktop\EXE. Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...6BEFF077EB=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [DFX] C:\Program Files (x86)\DFX\DFX.exe -startup
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem32.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10507 bytes


    Advertisements

Register to Remove


#2 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 01 June 2014 - 03:30 PM

Hello lightbrite, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Important: I have laid out some "ground rules" I would very much appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Ensure you are subscribed to this topic to receive instant email notifications of my responses.
    • ​Scroll to the top of this page and ensure you see the following: 6hgDYJ6.png
    • If you are not set to follow this topic, click the Follow this topic button and follow the prompts.
  • Please attempt to backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.
     

======================================================
 
Please be advised that I am currently in training. My responses will need to be approved by one of our experts before I post them. This is only to ensure you are receiving accurate instructions. I will return as soon as possible.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 01 June 2014 - 04:49 PM

Hello lightbrite,

 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Note: Run the version compatible with your system. Run both if you do not know your system's bit-type. One will run.  
  • Windows XP: Double-click FRST.exe / FRST64.exe to run the programme.
    Windows 8/7/Vista: Right-Click FRST.exe / FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
iAdP9bf.png Malwarebytes Anti-Rootkit (MBAR)

  • Please download Malwarebytes Anti-Rootkit and save the file to your desktop.
  • Double-click MBAR.exe to run the installer.
  • Select a convenient location to extract the contents and click OK. Navigate to the location you selected.
  • Windows XP: Double-click MBAR.exe to run the programme.
    Winodws 8/7/Vista: Right-Click MBAR.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts to update the programme and scan your computer. 
  • Upon completion, click Cleanup and reboot your computer. 
  • After the reboot, rerun the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more. 
  • Upon completion, two logs (mbar-log.txt and system-log.txt) will be created. Copy the contents of both logs and paste in your next reply.
  • Note: Both logs can be found in the MBAR folder
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • mbar-log.txt
  • system-log.txt

  • VigienLen likes this

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#4 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 03 June 2014 - 07:39 AM

Hi , While I was waiting for reply I did install Malwarebytes ,I did scan and quarantined items then rebooted as suggested by malwarebytes . Then downloaded Farbar ran scan posted results of all logs requested . ( Note :  Malwarebytes was running scan so just posted latest scan results . 

 

 

Here are log files

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Heather (administrator) on HEATHER on 03-06-2014 07:50:05
Running from C:\Users\Heather\Desktop\EXE. Downloads
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-05-27] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1266648 2014-04-07] ()
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1828264231-2059877326-2897248526-1001\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2014-05-27] (IncrediMail, Ltd.)
HKU\S-1-5-21-1828264231-2059877326-2897248526-1001\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-1828264231-2059877326-2897248526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2014-05-27] (IncrediMail, Ltd.)
HKU\S-1-5-21-1828264231-2059877326-2897248526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => NA

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {4DABDDBA-3607-487A-BF21-92E49C647822} URL = http://www.amazon.ca...ds={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {4DABDDBA-3607-487A-BF21-92E49C647822} URL = http://www.amazon.ca...ds={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKCU - {4DABDDBA-3607-487A-BF21-92E49C647822} URL = http://www.amazon.ca...ds={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Heather\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-01]

==================== Services (Whitelisted) =================

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-31] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140602.001\IDSvia64.sys [525016 2014-05-30] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140602.049\ENG64.SYS [126040 2014-05-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140602.049\EX64.SYS [2099288 2014-05-31] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [13312 2013-12-09] (LXD Development, Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-05-28] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows ® Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
S3 btmaux; \SystemRoot\system32\DRIVERS\btmaux.sys [X]
S3 btmhsf; \SystemRoot\system32\DRIVERS\btmhsf.sys [X]
S3 iBtFltCoex; \SystemRoot\system32\DRIVERS\iBtFltCoex.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-03 07:49 - 2014-06-03 07:50 - 00000000 ____D () C:\FRST
2014-06-03 07:39 - 2014-06-03 07:39 - 00000000 ____D () C:\Users\Heather\Documents\Norton Identity Safe Backups
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-06-02 08:11 - 2014-06-02 08:11 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WebApp
2014-06-02 08:08 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\Documents\CyberLink
2014-06-01 14:54 - 2014-04-03 06:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-01 14:54 - 2014-04-02 22:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-01 14:54 - 2014-03-31 17:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-01 14:54 - 2014-03-24 18:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-01 14:54 - 2014-03-24 17:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-01 14:44 - 2014-06-01 14:44 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\HewlettPackard
2014-06-01 14:30 - 2014-06-01 14:30 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-06-01 14:29 - 2014-06-01 14:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-01 14:20 - 2014-06-01 14:20 - 00031744 ___SH () C:\Users\Heather\Desktop\Thumbs.db
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-01 11:30 - 2014-06-01 14:14 - 00000427 ____H () C:\Windows\system32\Rebecca.dat
2014-06-01 01:17 - 2014-06-03 07:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 01:17 - 2014-06-01 01:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 01:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-01 01:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-01 01:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 01:06 - 2014-06-01 01:09 - 00000000 ____D () C:\AdwCleaner
2014-05-30 10:01 - 2014-05-30 10:01 - 00291288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-29 07:49 - 2014-05-29 07:49 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-28 11:11 - 2014-05-28 11:11 - 01060080 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00544496 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00495856 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-05-28 11:11 - 2014-05-28 11:11 - 00264432 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00192240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo18.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00151280 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00033008 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\Windows\System32\Tasks\CLVDLauncher
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\Windows\System32\Tasks\CLMLSvc_P2G8
2014-05-28 11:00 - 2012-06-25 10:24 - 00092536 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys
2014-05-28 08:16 - 2014-05-28 08:16 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-28 07:36 - 2014-04-19 04:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-28 07:36 - 2014-04-19 03:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-28 07:36 - 2014-04-19 03:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-28 07:36 - 2014-04-19 01:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-28 07:36 - 2014-04-19 01:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-27 23:33 - 2014-02-03 18:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-27 23:33 - 2014-02-03 18:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-27 23:33 - 2014-01-30 19:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-05-27 23:33 - 2014-01-30 19:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-27 23:33 - 2014-01-30 19:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-05-27 23:33 - 2014-01-26 22:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-27 23:33 - 2014-01-26 22:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-27 23:33 - 2014-01-15 18:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-27 23:33 - 2014-01-11 01:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-27 23:33 - 2014-01-11 00:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-27 23:33 - 2014-01-02 18:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-27 23:33 - 2014-01-02 18:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-27 23:33 - 2013-06-16 17:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-05-27 23:33 - 2013-06-01 06:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-27 23:33 - 2013-06-01 06:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-27 23:33 - 2013-06-01 05:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-27 23:33 - 2013-06-01 04:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2014-05-27 23:33 - 2013-06-01 04:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-05-27 23:33 - 2013-06-01 04:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-05-27 23:33 - 2013-06-01 04:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2014-05-27 23:33 - 2013-06-01 04:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-05-27 23:33 - 2013-06-01 04:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-05-27 23:33 - 2013-06-01 04:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-05-27 23:33 - 2013-06-01 04:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2014-05-27 23:33 - 2013-06-01 04:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-05-27 23:33 - 2013-06-01 04:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-05-27 23:33 - 2013-06-01 04:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-05-27 23:33 - 2013-06-01 04:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-05-27 23:33 - 2013-06-01 04:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-05-27 23:33 - 2013-06-01 04:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-05-27 23:33 - 2013-06-01 04:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-05-27 23:33 - 2013-06-01 04:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2014-05-27 23:33 - 2013-05-31 22:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2014-05-27 23:33 - 2013-05-24 17:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-05-27 23:33 - 2013-05-24 17:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-05-27 23:33 - 2013-05-24 17:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-05-27 23:33 - 2013-05-24 17:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-05-27 23:33 - 2013-01-09 20:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2014-05-27 23:33 - 2013-01-09 20:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-05-27 23:33 - 2013-01-09 18:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2014-05-27 23:33 - 2013-01-09 18:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2014-05-27 23:33 - 2013-01-09 18:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2014-05-27 23:33 - 2013-01-09 18:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-05-27 23:33 - 2013-01-09 18:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2014-05-27 23:33 - 2013-01-09 18:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-05-27 23:33 - 2013-01-09 18:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-05-27 23:33 - 2013-01-09 18:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-05-27 23:33 - 2013-01-09 18:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-05-27 23:33 - 2013-01-09 18:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-05-27 23:33 - 2013-01-09 18:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2014-05-27 23:33 - 2013-01-09 18:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-05-27 23:33 - 2013-01-09 18:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2014-05-27 23:33 - 2013-01-09 18:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-05-27 23:33 - 2012-11-02 00:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2014-05-27 23:33 - 2012-11-02 00:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2014-05-27 23:33 - 2012-11-02 00:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2014-05-27 23:33 - 2012-11-02 00:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2014-05-27 23:33 - 2012-11-02 00:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2014-05-27 23:33 - 2012-11-02 00:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2014-05-27 23:33 - 2012-10-23 23:54 - 00396008 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-05-27 23:33 - 2012-10-16 23:32 - 01172992 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2014-05-27 23:33 - 2012-10-16 23:32 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-05-27 23:33 - 2012-10-16 23:32 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-05-27 23:33 - 2012-10-16 22:57 - 00929792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2014-05-27 23:33 - 2012-10-16 22:57 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-05-27 23:33 - 2012-10-16 22:57 - 00513024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-05-27 23:33 - 2012-10-12 01:13 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dskquota.dll
2014-05-27 23:33 - 2012-10-12 00:39 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2014-05-27 23:32 - 2012-10-11 02:47 - 00793200 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-05-27 23:32 - 2012-10-11 02:25 - 00056552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2014-05-27 23:32 - 2012-10-11 02:23 - 00441576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-05-27 23:32 - 2012-10-11 02:13 - 00033512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2014-05-27 23:32 - 2012-10-11 00:46 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-05-27 23:32 - 2012-10-11 00:46 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2014-05-27 23:32 - 2012-10-11 00:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2014-05-27 23:32 - 2012-10-11 00:45 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2014-05-27 23:32 - 2012-10-11 00:45 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2014-05-27 23:32 - 2012-10-11 00:45 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2014-05-27 23:32 - 2012-10-11 00:44 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-05-27 23:32 - 2012-10-11 00:44 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2014-05-27 23:32 - 2012-10-11 00:44 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-05-27 23:32 - 2012-10-11 00:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-05-27 23:32 - 2012-10-11 00:42 - 00612416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-05-27 23:32 - 2012-10-11 00:23 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-pdc.dll
2014-05-27 23:32 - 2012-10-11 00:23 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\kbdhebl3.dll
2014-05-27 23:32 - 2012-10-11 00:07 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-05-27 23:32 - 2012-10-11 00:07 - 00414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2014-05-27 23:32 - 2012-10-11 00:07 - 00116224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2014-05-27 23:32 - 2012-10-11 00:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-05-27 23:32 - 2012-10-11 00:06 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-05-27 23:32 - 2012-10-11 00:05 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2014-05-27 23:32 - 2012-10-10 23:42 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2014-05-27 23:32 - 2012-10-10 19:45 - 00478424 _____ () C:\Windows\SysWOW64\locale.nls
2014-05-27 23:32 - 2012-10-10 19:44 - 00478424 _____ () C:\Windows\system32\locale.nls
2014-05-27 23:29 - 2012-09-20 04:08 - 00027280 _____ (Microsoft Corporation) C:\Windows\system32\avrt.dll
2014-05-27 23:29 - 2012-09-20 03:40 - 00389360 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-05-27 23:29 - 2012-09-20 03:31 - 00425192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-05-27 23:29 - 2012-09-20 02:55 - 03265256 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys
2014-05-27 23:29 - 2012-09-20 02:55 - 00533224 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys
2014-05-27 23:29 - 2012-09-20 01:47 - 00307192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 03964416 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 01513984 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 01304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00866304 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00699392 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00420352 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2014-05-27 23:29 - 2012-09-20 01:33 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\svchost.exe
2014-05-27 23:29 - 2012-09-20 01:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2014-05-27 23:29 - 2012-09-20 01:32 - 01739264 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 01019392 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\provcore.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00256512 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\perfos.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\RpcEpMap.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2014-05-27 23:29 - 2012-09-20 01:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-05-27 23:29 - 2012-09-20 01:31 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\mmcss.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2014-05-27 23:29 - 2012-09-20 01:31 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 02016256 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 01743872 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-05-27 23:29 - 2012-09-20 01:30 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2014-05-27 23:29 - 2012-09-20 01:30 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2014-05-27 23:29 - 2012-09-20 01:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2014-05-27 23:29 - 2012-09-20 01:13 - 00023656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
2014-05-27 23:29 - 2012-09-20 01:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2014-05-27 23:29 - 2012-09-20 01:08 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-05-27 23:29 - 2012-09-20 00:55 - 00995328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-27 23:29 - 2012-09-20 00:55 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2014-05-27 23:29 - 2012-09-20 00:55 - 00417280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-05-27 23:29 - 2012-09-20 00:55 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-05-27 23:29 - 2012-09-20 00:55 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2014-05-27 23:29 - 2012-09-20 00:55 - 00263168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2014-05-27 23:29 - 2012-09-20 00:55 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2014-05-27 23:29 - 2012-09-20 00:55 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-05-27 23:29 - 2012-09-20 00:55 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-05-27 23:29 - 2012-09-20 00:55 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2014-05-27 23:29 - 2012-09-20 00:55 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2014-05-27 23:29 - 2012-09-20 00:54 - 01369600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 01196032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2014-05-27 23:29 - 2012-09-20 00:54 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 02007040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2014-05-27 23:29 - 2012-09-20 00:53 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-27 23:29 - 2012-09-20 00:53 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2014-05-27 23:29 - 2012-09-20 00:53 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2014-05-27 23:29 - 2012-09-19 23:10 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-05-27 23:27 - 2012-09-27 02:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-05-27 23:27 - 2012-09-27 02:17 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ndadmin.exe
2014-05-27 23:27 - 2012-09-27 02:15 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-05-27 23:27 - 2012-09-27 01:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2014-05-27 23:27 - 2012-09-27 01:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2014-05-27 23:27 - 2012-09-27 01:34 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2014-05-27 23:25 - 2013-09-13 17:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2014-05-27 23:25 - 2013-09-13 17:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-27 23:25 - 2013-08-30 00:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-05-27 23:25 - 2013-08-30 00:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-05-27 23:25 - 2013-08-29 18:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-05-27 23:25 - 2013-08-21 01:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-27 23:25 - 2013-08-10 01:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2014-05-27 23:25 - 2013-07-24 18:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-27 23:25 - 2013-07-24 18:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-05-27 23:25 - 2012-09-20 01:48 - 00062488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2014-05-27 23:24 - 2014-03-28 03:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-27 23:24 - 2014-03-28 01:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-27 23:23 - 2013-07-09 03:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2014-05-27 23:23 - 2013-07-09 01:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-05-27 23:23 - 2013-07-08 23:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-05-27 23:23 - 2013-07-08 22:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2014-05-27 23:23 - 2013-07-08 17:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2014-05-27 23:23 - 2013-07-08 17:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2014-05-27 23:23 - 2013-07-08 17:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2014-05-27 23:23 - 2013-07-08 17:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2014-05-27 23:23 - 2013-07-05 19:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-05-27 23:23 - 2013-07-02 19:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-05-27 23:23 - 2013-07-02 19:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-05-27 23:23 - 2013-07-02 19:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-05-27 23:23 - 2013-07-02 19:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-05-27 23:23 - 2013-06-30 17:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2014-05-27 23:23 - 2013-06-30 17:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2014-05-27 23:23 - 2013-06-29 01:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-05-27 23:23 - 2013-06-29 01:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-05-27 23:23 - 2013-06-25 22:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-05-27 23:23 - 2013-06-25 21:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2014-05-27 23:23 - 2013-06-24 17:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-05-27 23:23 - 2013-06-24 17:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-05-27 23:23 - 2013-06-24 17:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2014-05-27 23:23 - 2013-06-19 00:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2014-05-27 23:23 - 2013-06-19 00:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-05-27 23:23 - 2013-06-18 17:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2014-05-27 23:23 - 2013-06-18 17:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-05-27 23:23 - 2013-06-11 18:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-05-27 23:23 - 2013-06-11 18:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-05-27 23:23 - 2013-06-06 03:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-27 23:23 - 2012-10-02 02:34 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-05-27 23:22 - 2013-10-08 20:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-27 23:22 - 2013-10-08 17:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-05-27 23:22 - 2013-10-08 17:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-05-27 23:22 - 2013-10-08 17:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-05-27 23:22 - 2013-10-08 17:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-05-27 23:22 - 2013-10-08 17:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-05-27 23:22 - 2013-10-08 17:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-05-27 23:22 - 2013-10-08 17:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-05-27 23:22 - 2013-10-05 01:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-05-27 23:22 - 2013-10-01 21:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-05-27 23:22 - 2013-09-28 00:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-05-27 23:22 - 2013-09-27 22:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-05-27 23:22 - 2013-09-19 02:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-27 23:22 - 2013-08-30 00:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2014-05-27 23:22 - 2013-08-30 00:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2014-05-27 23:22 - 2013-08-29 18:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2014-05-27 23:22 - 2013-08-29 18:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2014-05-27 19:47 - 2014-05-27 19:47 - 00000000 ____D () C:\Users\Heather\AppData\Local\DFX
2014-05-27 19:45 - 2014-05-27 19:45 - 00001710 _____ () C:\Users\Public\Desktop\DFX.lnk
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Program Files (x86)\DFX
2014-05-27 18:54 - 2014-05-27 18:54 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForHeather.job
2014-05-27 10:10 - 2014-05-27 19:11 - 00000000 ____D () C:\Users\Heather\AppData\Local\IM
2014-05-27 10:10 - 2014-05-27 10:11 - 00000000 ____D () C:\ProgramData\IM
2014-05-27 10:10 - 2014-05-27 10:10 - 00002085 _____ () C:\Users\Public\Desktop\Secure passwords.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002013 _____ () C:\Users\Public\Desktop\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\IncrediMail
2014-05-27 09:29 - 2014-05-27 09:29 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-27 09:29 - 2014-05-27 09:26 - 06085632 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-05-27 09:29 - 2014-05-27 09:26 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-05-27 09:29 - 2014-05-27 09:26 - 01821184 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-05-27 09:29 - 2014-05-27 09:26 - 01664000 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-05-27 09:29 - 2014-05-27 09:26 - 00426328 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-05-27 09:29 - 2014-05-27 09:26 - 00136024 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-05-27 09:29 - 2014-05-27 09:26 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 02188800 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00671744 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00542208 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-05-27 09:27 - 2014-05-27 09:26 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00255488 _____ (IDT, Inc.) C:\Windows\system32\st646425.dll
2014-05-27 09:07 - 2014-06-01 14:42 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-27 09:06 - 2014-06-01 14:42 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-27 07:51 - 2012-10-05 23:53 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-05-27 07:51 - 2012-10-05 23:15 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-27 07:49 - 2013-02-02 03:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2014-05-27 07:49 - 2013-02-02 03:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2014-05-27 07:49 - 2013-02-02 03:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-05-27 07:49 - 2013-02-02 03:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2014-05-27 07:49 - 2013-02-02 03:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2014-05-27 07:49 - 2013-02-02 03:39 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-05-27 07:49 - 2013-02-02 03:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2014-05-27 07:49 - 2013-02-02 03:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2014-05-27 07:49 - 2013-02-02 03:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2014-05-27 07:49 - 2013-02-02 03:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-05-27 07:49 - 2013-02-02 03:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2014-05-27 07:49 - 2013-02-02 03:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2014-05-27 07:49 - 2013-02-02 03:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2014-05-27 07:49 - 2013-02-02 03:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-05-27 07:49 - 2013-02-02 03:21 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-05-27 07:49 - 2013-02-02 03:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2014-05-27 07:49 - 2013-02-02 03:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2014-05-27 07:49 - 2013-02-02 02:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-05-27 07:49 - 2013-02-02 00:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-05-27 07:49 - 2013-02-02 00:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2014-05-27 07:49 - 2012-09-20 01:32 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-05-27 07:49 - 2012-09-20 01:32 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-05-27 07:48 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-05-27 07:48 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-05-27 07:48 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-05-27 07:48 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-05-27 07:48 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-05-27 07:48 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-05-27 07:48 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-05-27 07:48 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-05-27 07:48 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-05-27 07:48 - 2013-03-06 02:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-05-27 07:48 - 2013-03-06 01:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-05-27 07:48 - 2012-10-11 00:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2014-05-27 07:48 - 2012-10-11 00:44 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2014-05-27 07:48 - 2012-10-11 00:07 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2014-05-27 07:46 - 2013-04-27 00:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-05-27 07:44 - 2012-11-27 01:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2014-05-27 07:44 - 2012-11-26 23:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2014-05-27 07:44 - 2012-11-26 23:20 - 01217536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2014-05-27 07:44 - 2012-11-26 23:20 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-05-27 07:44 - 2012-11-26 23:20 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-05-27 07:44 - 2012-11-26 23:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-05-27 07:44 - 2012-11-26 23:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-05-27 07:44 - 2012-11-26 23:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2014-05-27 07:44 - 2012-11-26 23:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2014-05-27 07:44 - 2012-11-26 23:19 - 03245568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-05-27 07:44 - 2012-11-26 23:19 - 01536512 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2014-05-27 07:44 - 2012-11-26 23:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2014-05-27 07:44 - 2012-11-26 23:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2014-05-27 07:44 - 2012-11-26 23:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2014-05-27 07:44 - 2012-11-26 22:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-05-27 07:44 - 2012-11-26 22:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2014-05-27 07:44 - 2012-10-12 03:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-05-27 07:44 - 2012-10-12 01:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-05-27 07:44 - 2012-10-12 00:50 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-05-27 07:44 - 2012-09-11 00:28 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\vdsldr.exe
2014-05-27 07:44 - 2012-09-11 00:27 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\vds_ps.dll
2014-05-27 07:42 - 2013-08-10 00:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-05-27 07:42 - 2013-08-10 00:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2014-05-27 07:42 - 2013-08-09 22:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-05-27 07:42 - 2013-08-03 01:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-05-27 07:42 - 2013-08-03 01:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2014-05-27 07:42 - 2013-08-03 01:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-05-27 07:42 - 2013-08-03 00:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-05-27 07:42 - 2013-08-03 00:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2014-05-27 07:42 - 2013-08-03 00:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2014-05-27 07:42 - 2013-08-02 01:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-05-27 07:42 - 2013-08-02 00:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-05-27 07:42 - 2013-07-24 18:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2014-05-27 07:42 - 2013-07-24 18:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2014-05-27 07:42 - 2013-04-09 18:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-05-27 07:42 - 2013-04-09 17:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-05-27 07:42 - 2012-11-20 00:24 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-05-27 07:42 - 2012-11-20 00:17 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-05-27 07:42 - 2012-11-20 00:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2014-05-27 07:42 - 2012-11-19 23:59 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDKURD.DLL
2014-05-27 07:42 - 2012-11-05 23:18 - 11459584 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-05-27 07:41 - 2012-11-06 02:33 - 01566432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-05-27 07:41 - 2012-11-05 23:48 - 01150160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00883712 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2014-05-27 07:41 - 2012-11-05 23:20 - 00516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-05-27 07:41 - 2012-11-05 23:20 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2014-05-27 07:41 - 2012-11-05 23:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 08552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2014-05-27 07:41 - 2012-11-05 23:19 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2014-05-27 07:41 - 2012-11-05 23:18 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2014-05-27 07:41 - 2012-11-05 23:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2014-05-27 07:41 - 2012-11-05 23:18 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-05-27 07:41 - 2012-11-05 23:18 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2014-05-27 07:41 - 2012-11-05 23:17 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-05-27 07:41 - 2012-11-05 23:17 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2014-05-27 07:41 - 2012-11-05 23:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-05-27 07:41 - 2012-11-05 22:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-05-27 07:41 - 2012-11-05 22:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2014-05-27 07:41 - 2012-11-05 22:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2014-05-27 07:41 - 2012-11-05 22:55 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2014-05-27 07:41 - 2012-11-05 22:55 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2014-05-27 07:41 - 2012-11-05 22:55 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2014-05-27 07:41 - 2012-11-05 22:55 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2014-05-27 07:37 - 2014-03-01 04:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-27 07:37 - 2014-03-01 04:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-27 07:37 - 2014-03-01 03:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-27 07:37 - 2014-03-01 01:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-27 07:37 - 2014-02-26 18:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-27 07:37 - 2014-02-26 18:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-27 07:37 - 2014-02-26 18:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-27 07:37 - 2014-02-14 23:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-27 07:37 - 2013-11-25 18:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-05-27 07:28 - 2014-05-27 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-52984.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\Windows\system32\netcfg-21208968.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\Windows\system32\netcfg-21184921.txt
2014-05-27 01:33 - 2014-05-27 01:33 - 00000117 _____ () C:\Windows\system32\netcfg-1113375.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000136 _____ () C:\Windows\system32\netcfg-133671.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\Windows\system32\netcfg-131500.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\Windows\system32\netcfg-129625.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000128 _____ () C:\Windows\system32\netcfg-148859.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000127 _____ () C:\Windows\system32\netcfg-123421.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000126 _____ () C:\Windows\system32\netcfg-121453.txt
2014-05-27 01:17 - 2014-05-01 15:37 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-27 01:17 - 2014-05-01 15:37 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-27 01:16 - 2014-05-27 01:17 - 00000128 _____ () C:\Windows\system32\netcfg-119156.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000135 _____ () C:\Windows\system32\netcfg-117578.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000129 _____ () C:\Windows\system32\netcfg-109375.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000117 _____ () C:\Windows\system32\netcfg-81796.txt
2014-05-27 01:14 - 2014-05-27 01:14 - 00000117 _____ () C:\Windows\system32\netcfg-1600109.txt
2014-05-27 00:05 - 2014-05-27 00:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-27 00:05 - 2014-05-04 17:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-26 23:57 - 2014-05-28 11:02 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\hpqlog
2014-05-26 23:53 - 2013-05-04 01:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-05-26 23:53 - 2013-05-04 01:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-05-26 23:53 - 2013-05-04 01:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2014-05-26 23:53 - 2013-05-04 01:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2014-05-26 23:53 - 2013-05-04 01:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-05-26 23:53 - 2013-05-04 01:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2014-05-26 23:53 - 2013-05-03 23:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2014-05-26 23:53 - 2013-05-03 23:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-05-26 23:52 - 2013-05-04 02:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2014-05-26 23:52 - 2013-05-04 01:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-05-26 23:52 - 2013-05-04 01:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-05-26 23:52 - 2013-05-04 01:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-05-26 23:52 - 2013-05-04 01:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2014-05-26 23:52 - 2013-05-04 01:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2014-05-26 23:52 - 2013-05-04 01:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2014-05-26 23:52 - 2013-05-03 23:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2014-05-26 23:52 - 2013-05-03 23:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-05-26 23:52 - 2013-05-03 23:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2014-05-26 23:52 - 2013-05-03 23:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2014-05-26 23:52 - 2013-05-03 23:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2014-05-26 23:52 - 2013-05-03 23:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2014-05-26 23:52 - 2013-05-03 23:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2014-05-26 23:52 - 2013-05-03 23:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-05-26 23:52 - 2013-05-03 23:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2014-05-26 23:52 - 2013-05-03 23:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2014-05-26 23:52 - 2013-05-03 23:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2014-05-26 23:52 - 2013-05-03 23:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2014-05-26 23:52 - 2013-05-03 23:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2014-05-26 23:52 - 2013-03-02 05:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2014-05-26 23:52 - 2013-03-02 05:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-05-26 23:52 - 2013-03-02 04:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-05-26 23:52 - 2013-03-02 03:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-05-26 23:52 - 2013-03-02 03:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-05-26 23:52 - 2013-03-02 03:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-05-26 23:52 - 2013-03-02 03:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2014-05-26 23:52 - 2013-03-02 03:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2014-05-26 23:52 - 2013-03-02 03:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2014-05-26 23:52 - 2013-03-02 03:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2014-05-26 23:52 - 2013-03-02 03:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2014-05-26 23:52 - 2013-03-01 21:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-05-26 23:52 - 2013-03-01 21:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-05-26 23:52 - 2013-03-01 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2014-05-26 23:52 - 2013-03-01 21:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2014-05-26 23:52 - 2013-03-01 21:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-05-26 23:52 - 2013-03-01 21:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-05-26 23:52 - 2013-03-01 21:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2014-05-26 23:52 - 2013-03-01 21:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2014-05-26 23:52 - 2013-03-01 21:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2014-05-26 23:52 - 2013-03-01 21:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2014-05-26 23:52 - 2013-03-01 21:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2014-05-26 23:52 - 2013-02-28 23:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2014-05-26 23:52 - 2013-02-28 23:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2014-05-26 23:52 - 2013-02-28 23:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-05-26 23:52 - 2013-02-02 03:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2014-05-26 23:52 - 2013-02-02 03:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2014-05-26 23:52 - 2013-01-08 22:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-05-26 23:52 - 2013-01-08 22:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2014-05-26 23:52 - 2012-11-05 23:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-05-26 23:52 - 2012-11-05 23:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2014-05-26 23:51 - 2012-08-30 19:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2014-05-26 23:51 - 2012-08-30 19:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2014-05-26 23:50 - 2013-10-19 00:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-26 23:50 - 2013-10-18 23:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-26 23:50 - 2013-07-01 17:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2014-05-26 23:50 - 2013-06-28 22:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-05-26 23:50 - 2013-05-04 01:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-05-26 23:50 - 2013-05-03 23:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-05-26 23:49 - 2013-12-08 19:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-26 23:49 - 2013-12-08 18:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-26 23:49 - 2013-10-02 18:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-26 23:49 - 2013-10-01 17:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-26 23:49 - 2013-08-16 00:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2014-05-26 23:49 - 2013-08-16 00:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-05-26 23:49 - 2013-08-16 00:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-05-26 23:49 - 2013-08-16 00:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-05-26 23:49 - 2013-08-16 00:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-05-26 23:49 - 2013-08-16 00:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-05-26 23:49 - 2013-08-15 17:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-05-26 23:49 - 2013-08-15 17:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2014-05-26 23:49 - 2013-08-15 17:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-05-26 23:49 - 2013-08-15 17:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-05-26 23:49 - 2013-08-15 17:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2014-05-26 23:49 - 2013-08-15 17:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2014-05-26 23:49 - 2013-05-26 18:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-05-26 23:49 - 2013-05-26 17:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-05-26 23:49 - 2013-05-24 22:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-05-26 23:49 - 2013-05-24 21:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-05-26 23:49 - 2013-05-14 21:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-05-26 23:49 - 2013-05-14 21:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-05-26 23:49 - 2013-05-14 21:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2014-05-26 23:49 - 2013-05-14 21:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-05-26 23:49 - 2013-02-11 19:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-05-26 23:49 - 2012-11-07 23:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-26 23:49 - 2012-11-07 23:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-05-26 23:49 - 2012-11-07 23:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-26 23:49 - 2012-11-07 23:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-05-26 23:49 - 2012-11-07 23:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-05-26 23:49 - 2012-11-07 23:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-05-26 23:49 - 2012-10-10 02:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-05-26 23:49 - 2012-10-10 01:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-05-26 23:49 - 2012-09-20 01:33 - 00110592 _____ () C:\Windows\system32\OEMLicense.dll
2014-05-26 23:48 - 2014-04-12 04:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-26 23:48 - 2014-04-12 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-26 23:48 - 2014-04-12 04:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-26 23:48 - 2014-04-12 04:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-26 23:48 - 2014-04-12 04:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-26 23:48 - 2014-04-12 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-26 23:48 - 2014-04-12 04:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-26 23:48 - 2014-04-12 04:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-26 23:48 - 2014-04-12 04:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-26 23:48 - 2014-04-12 04:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-26 23:48 - 2014-04-12 04:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-26 23:48 - 2014-04-12 02:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-26 23:48 - 2014-04-12 02:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-26 23:48 - 2014-04-12 02:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-26 23:48 - 2014-04-12 02:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-26 23:48 - 2014-04-12 02:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-26 23:48 - 2014-04-12 02:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-26 23:48 - 2014-04-12 02:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-26 23:48 - 2014-04-12 01:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-26 23:48 - 2014-03-28 14:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-26 23:48 - 2014-03-23 17:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-26 23:48 - 2014-03-10 22:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-26 23:48 - 2014-03-10 22:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-26 23:48 - 2014-03-10 19:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-26 23:48 - 2014-03-10 19:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-26 23:48 - 2014-03-10 19:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-26 23:48 - 2014-03-10 19:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-26 23:48 - 2014-03-10 19:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-26 23:48 - 2014-03-10 19:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-26 23:48 - 2014-03-09 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-26 23:48 - 2014-03-09 20:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-26 23:48 - 2014-03-03 18:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-26 23:48 - 2013-12-04 18:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-26 23:48 - 2013-12-04 18:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-26 23:47 - 2014-02-07 23:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-26 23:47 - 2013-06-30 20:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-05-26 23:47 - 2013-06-30 20:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-05-26 23:47 - 2013-06-30 20:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-05-26 23:47 - 2013-06-30 20:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-05-26 23:47 - 2013-06-28 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-05-26 23:47 - 2013-06-28 22:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-26 23:47 - 2013-05-23 18:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-05-26 23:47 - 2013-05-23 17:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-05-26 23:47 - 2013-04-23 18:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-05-26 23:47 - 2013-04-23 18:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-05-26 23:47 - 2013-04-23 17:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-05-26 23:47 - 2013-04-23 17:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-05-26 23:47 - 2013-03-02 03:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-05-26 23:47 - 2013-03-01 21:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-05-26 23:47 - 2012-12-14 23:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-05-26 23:47 - 2012-11-19 23:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-05-26 23:47 - 2012-11-03 00:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe
2014-05-26 23:47 - 2012-11-03 00:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll
2014-05-26 23:46 - 2013-12-04 18:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-26 23:46 - 2013-12-04 18:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-26 23:46 - 2013-10-01 18:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-26 23:46 - 2013-10-01 18:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-26 23:46 - 2013-09-03 22:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-05-26 23:44 - 2013-10-10 06:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-05-26 23:44 - 2013-10-10 04:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-26 23:44 - 2013-10-10 04:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-05-26 23:44 - 2013-06-10 14:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-05-26 23:44 - 2013-06-10 14:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-05-26 23:44 - 2013-06-10 14:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-05-26 23:44 - 2013-06-10 14:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-05-26 23:43 - 2013-07-05 19:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-05-26 23:43 - 2013-07-05 17:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-05-26 23:43 - 2013-07-05 17:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-05-26 23:43 - 2013-07-03 21:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-05-26 23:43 - 2013-06-22 00:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-05-26 23:43 - 2013-06-22 00:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-05-26 23:43 - 2013-04-11 17:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-05-26 23:43 - 2013-04-11 17:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-05-26 23:40 - 2012-11-25 23:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-05-26 23:40 - 2012-11-25 23:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-05-26 23:40 - 2012-10-23 22:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2014-05-26 23:40 - 2012-10-23 21:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2014-05-26 23:33 - 2014-05-26 23:33 - 00001058 _____ () C:\Windows\system32\netcfg-44839125.txt
2014-05-26 23:33 - 2014-05-26 23:33 - 00001057 _____ () C:\Windows\system32\netcfg-44829187.txt
2014-05-26 23:32 - 2013-07-19 17:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-05-26 23:32 - 2013-07-19 17:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-05-26 23:29 - 2014-03-06 19:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-26 23:29 - 2014-03-06 19:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-26 23:29 - 2014-03-06 19:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-26 23:29 - 2014-03-06 19:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-26 23:29 - 2013-10-10 04:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-05-26 23:29 - 2013-10-10 04:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2014-05-26 23:29 - 2013-10-10 04:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-26 23:29 - 2013-10-10 04:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-05-26 23:29 - 2013-10-10 04:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-05-26 23:29 - 2013-10-10 04:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-05-26 23:29 - 2013-10-10 04:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-26 23:29 - 2013-07-13 01:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-26 23:29 - 2013-07-13 01:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-05-26 23:29 - 2013-07-13 01:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2014-05-26 23:29 - 2013-07-13 01:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2014-05-26 23:29 - 2013-07-12 23:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-26 23:29 - 2013-07-12 23:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2014-05-26 23:29 - 2013-07-12 23:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2014-05-26 23:29 - 2013-07-01 20:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-05-26 23:29 - 2013-07-01 20:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2014-05-26 23:29 - 2013-05-15 17:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-26 23:29 - 2013-05-15 17:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-26 23:29 - 2013-02-21 05:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-26 23:29 - 2013-02-21 05:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-26 23:29 - 2013-02-21 05:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-26 23:29 - 2013-02-21 05:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-26 23:29 - 2013-02-21 05:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-26 23:29 - 2013-02-21 05:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-26 23:29 - 2013-02-19 04:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-26 23:29 - 2012-11-07 23:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-26 23:29 - 2012-11-07 23:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-26 23:29 - 2012-10-23 22:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2014-05-26 23:29 - 2012-10-23 22:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-05-26 23:29 - 2012-10-23 22:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2014-05-26 23:29 - 2012-10-23 22:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2014-05-26 23:27 - 2014-05-06 00:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-26 23:27 - 2014-05-06 00:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-26 23:27 - 2014-05-05 22:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-26 23:27 - 2014-05-05 22:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-26 23:27 - 2014-05-05 22:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-26 23:27 - 2014-05-05 22:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-26 23:27 - 2014-03-28 03:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-26 23:27 - 2014-01-12 18:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-26 23:27 - 2014-01-12 18:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-26 23:27 - 2013-11-19 19:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-26 23:27 - 2013-11-19 18:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-26 23:27 - 2013-08-23 02:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-26 23:27 - 2013-08-22 20:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-26 23:27 - 2013-04-09 00:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-05-26 23:27 - 2013-04-09 00:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-05-26 23:27 - 2013-04-09 00:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-05-26 23:27 - 2013-04-09 00:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2014-05-26 23:27 - 2013-04-09 00:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2014-05-26 23:27 - 2013-04-09 00:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2014-05-26 23:27 - 2013-04-09 00:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-26 23:27 - 2013-04-08 23:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-05-26 23:27 - 2013-04-08 23:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2014-05-26 23:27 - 2013-04-08 23:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-05-26 23:27 - 2013-04-08 23:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-05-26 23:27 - 2013-04-08 23:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-05-26 23:27 - 2013-04-08 23:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-05-26 23:27 - 2013-04-08 23:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-05-26 23:27 - 2013-04-08 23:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2014-05-26 23:27 - 2013-04-08 23:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-05-26 23:27 - 2013-04-08 23:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-05-26 23:27 - 2013-04-08 23:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-05-26 23:27 - 2013-04-08 23:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2014-05-26 23:27 - 2013-04-08 23:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2014-05-26 23:27 - 2013-04-08 23:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-05-26 23:27 - 2013-04-08 21:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2014-05-26 23:27 - 2013-04-08 21:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-05-26 23:27 - 2013-04-08 21:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-05-26 23:27 - 2013-04-08 21:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-05-26 23:27 - 2013-04-08 18:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2014-05-26 23:27 - 2013-04-08 18:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-26 23:27 - 2013-04-08 18:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-05-26 23:27 - 2013-04-08 18:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-05-26 23:27 - 2013-04-08 16:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-05-26 23:27 - 2013-04-08 16:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-05-26 23:27 - 2013-04-08 16:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-05-26 23:27 - 2013-04-08 16:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-05-26 23:27 - 2013-04-08 16:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-05-26 23:27 - 2013-04-08 16:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2014-05-26 23:27 - 2013-04-08 16:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2014-05-26 23:27 - 2013-04-04 18:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-05-26 23:27 - 2013-03-15 17:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-05-26 23:27 - 2013-03-15 17:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-05-26 23:27 - 2013-02-02 03:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-05-26 23:27 - 2013-02-02 03:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-05-26 23:27 - 2013-01-09 20:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-26 23:27 - 2012-11-19 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys
2014-05-26 23:27 - 2012-11-06 02:33 - 00522640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-05-26 23:27 - 2012-11-06 00:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-05-26 23:27 - 2012-11-05 23:18 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-05-26 23:27 - 2012-11-03 00:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-05-26 23:27 - 2012-11-03 00:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-05-26 23:27 - 2012-11-03 00:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2014-05-26 23:27 - 2012-11-03 00:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2014-05-26 23:27 - 2012-11-03 00:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2014-05-26 23:27 - 2012-11-03 00:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2014-05-26 23:27 - 2012-11-03 00:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2014-05-26 23:27 - 2012-11-03 00:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2014-05-26 23:27 - 2012-10-11 00:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-05-26 23:27 - 2012-10-11 00:44 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-05-26 23:27 - 2012-10-11 00:06 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2014-05-26 23:27 - 2012-10-11 00:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-05-26 23:27 - 2012-09-20 01:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\fhmanagew.exe
2014-05-26 23:27 - 2012-09-20 01:33 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2014-05-26 23:27 - 2012-09-20 01:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2014-05-26 23:27 - 2012-09-20 01:32 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2014-05-26 23:27 - 2012-09-20 01:32 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-05-26 23:27 - 2012-09-20 01:32 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2014-05-26 23:27 - 2012-09-20 01:32 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2014-05-26 23:27 - 2012-09-20 01:32 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-05-26 23:27 - 2012-09-20 01:32 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-05-26 23:27 - 2012-09-20 01:32 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\fhcat.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\fhshl.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\fhsvc.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\fhsrchapi.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\fhsrchph.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fhlisten.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fhautoplay.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fhcleanup.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\fhtask.dll
2014-05-26 23:27 - 2012-09-20 01:31 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2014-05-26 23:27 - 2012-09-20 01:12 - 09374208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-05-26 23:27 - 2012-09-20 01:09 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2014-05-26 23:27 - 2012-09-20 00:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2014-05-26 23:27 - 2012-09-20 00:55 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2014-05-26 23:27 - 2012-09-20 00:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2014-05-26 23:27 - 2012-09-20 00:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2014-05-26 23:27 - 2012-09-20 00:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2014-05-26 23:27 - 2012-09-20 00:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2014-05-26 23:27 - 2012-09-20 00:54 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-05-26 23:27 - 2012-09-20 00:54 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-05-26 23:27 - 2012-09-20 00:54 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-05-26 23:27 - 2012-09-20 00:32 - 09374208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-05-26 23:26 - 2013-03-21 22:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-05-26 23:26 - 2013-03-21 17:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-05-26 23:26 - 2013-03-14 19:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-05-26 23:25 - 2014-02-05 18:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-26 23:25 - 2014-02-05 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-26 23:25 - 2014-01-30 19:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-05-26 23:25 - 2014-01-30 19:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-05-26 23:25 - 2013-11-23 01:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-26 23:25 - 2013-11-23 00:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-26 23:25 - 2013-04-02 18:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-05-26 23:25 - 2013-04-02 18:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-05-26 23:22 - 2013-09-27 22:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-05-26 23:22 - 2013-08-07 00:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-05-26 23:22 - 2012-11-09 23:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-26 23:22 - 2012-11-09 23:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-26 23:22 - 2012-11-09 23:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-05-26 23:22 - 2012-11-09 23:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-05-26 23:22 - 2012-11-09 23:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-05-26 23:22 - 2012-10-31 23:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-05-26 23:22 - 2012-10-31 23:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-05-26 23:22 - 2012-10-31 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-05-26 23:22 - 2012-10-31 23:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-05-26 23:22 - 2012-10-31 23:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-05-26 23:22 - 2012-10-31 23:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-05-26 23:22 - 2012-10-11 02:02 - 01636672 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-05-26 23:22 - 2012-10-11 00:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-05-26 23:22 - 2012-10-11 00:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2014-05-26 23:22 - 2012-10-11 00:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-05-26 23:21 - 2013-11-01 00:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-26 23:21 - 2013-10-31 22:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-26 23:21 - 2013-10-01 18:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-26 23:21 - 2013-10-01 18:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-26 23:21 - 2013-08-02 01:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-26 23:21 - 2013-08-02 00:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-26 23:21 - 2013-03-02 05:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-05-26 23:21 - 2013-03-01 21:43 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-05-26 23:21 - 2013-02-06 20:33 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-05-26 23:21 - 2012-12-12 23:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-05-26 23:21 - 2012-12-12 22:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\Windows\system32\netcfg-40845593.txt
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\Windows\system32\netcfg-40845328.txt
2014-05-26 19:46 - 2014-05-27 08:51 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Hewlett-Packard
2014-05-26 19:43 - 2014-05-26 19:43 - 00000117 _____ () C:\Windows\system32\netcfg-2516421.txt
2014-05-26 19:43 - 2014-05-26 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-26 19:43 - 2014-05-26 19:43 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-05-26 19:42 - 2014-05-26 23:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\Windows\system32\netcfg-2446906.txt
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\Windows\system32\netcfg-2404546.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000346 _____ () C:\Windows\system32\netcfg-2389640.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2396140.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2392921.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2387781.txt
2014-05-26 19:40 - 2014-05-29 09:28 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828264231-2059877326-2897248526-1001
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\ATI
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Local\ATI
2014-05-26 19:34 - 2014-05-27 18:54 - 00000000 ____D () C:\Users\Heather\AppData\Local\Hewlett-Packard
2014-05-26 19:33 - 2014-05-28 00:31 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 19:33 - 2014-05-28 00:31 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 19:33 - 2014-05-26 19:33 - 00001434 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Adobe
2014-05-26 19:33 - 2012-12-28 15:46 - 00002212 _____ () C:\Users\Public\Desktop\Snapfish.lnk
2014-05-26 19:33 - 2012-09-11 23:43 - 00002100 _____ () C:\Users\Public\Desktop\HP Games.lnk
2014-05-26 19:32 - 2014-05-26 19:32 - 00000000 ____D () C:\Users\Heather\AppData\Local\Power2Go8
2014-05-26 19:31 - 2014-05-26 19:31 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Synaptics
2014-05-26 19:30 - 2014-06-02 12:43 - 02058347 _____ () C:\Windows\WindowsUpdate.log
2014-05-26 19:30 - 2014-05-29 08:42 - 00000000 ____D () C:\Users\Heather\AppData\Local\VirtualStore
2014-05-26 19:30 - 2014-05-28 00:32 - 00000000 ____D () C:\Users\Heather\AppData\Local\Packages
2014-05-26 19:30 - 2014-05-27 01:16 - 00000000 ____D () C:\Windows\softwaredistribution.bak
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Intel
2014-05-26 19:29 - 2014-06-03 07:50 - 00000000 ____D () C:\Users\Heather\AppData\Local\Temp
2014-05-26 19:29 - 2014-06-02 00:33 - 00000000 ____D () C:\Users\Heather
2014-05-26 19:29 - 2014-05-26 19:29 - 00000020 ___SH () C:\Users\Heather\ntuser.ini
2014-05-26 19:29 - 2012-09-11 23:12 - 00000000 ___HD () C:\Users\Heather\Documents\hp.system.package.metadata
2014-05-26 19:29 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-26 19:29 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-26 19:29 - 2012-07-26 03:13 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-26 19:29 - 2012-07-26 03:13 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-984765.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-984734.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-983187.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-974203.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-16901609.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-16899203.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\Windows\system32\netcfg-9454312.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\Windows\system32\netcfg-9448359.txt
2014-05-26 13:34 - 2014-05-26 13:34 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Macromedia
2014-05-26 13:14 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\CyberLink
2014-05-26 13:14 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\AppData\Local\CyberLink
2014-05-26 13:14 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\Documents\Youcam

==================== One Month Modified Files and Folders =======

2014-06-03 07:50 - 2014-06-03 07:49 - 00000000 ____D () C:\FRST
2014-06-03 07:50 - 2014-05-26 19:29 - 00000000 ____D () C:\Users\Heather\AppData\Local\Temp
2014-06-03 07:49 - 2014-06-01 01:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-03 07:39 - 2014-06-03 07:39 - 00000000 ____D () C:\Users\Heather\Documents\Norton Identity Safe Backups
2014-06-03 07:25 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-02 12:43 - 2014-05-26 19:30 - 02058347 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 08:47 - 2012-09-11 23:56 - 00877348 _____ () C:\Windows\system32\perfh00C.dat
2014-06-02 08:47 - 2012-09-11 23:56 - 00191806 _____ () C:\Windows\system32\perfc00C.dat
2014-06-02 08:47 - 2012-07-26 02:28 - 01994298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 08:40 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 08:40 - 2012-07-26 02:21 - 00038894 _____ () C:\Windows\setupact.log
2014-06-02 08:39 - 2012-08-03 17:23 - 00067234 _____ () C:\Windows\PFRO.log
2014-06-02 08:39 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-06-02 08:21 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\CyberLink
2014-06-02 08:19 - 2012-09-11 23:16 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-02 08:18 - 2012-12-28 15:51 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-06-02 08:18 - 2012-12-28 15:51 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-06-02 08:18 - 2012-12-28 15:51 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-06-02 08:18 - 2012-09-11 23:15 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-06-02 08:11 - 2014-06-02 08:11 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WebApp
2014-06-02 08:08 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\Documents\CyberLink
2014-06-02 08:08 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\AppData\Local\CyberLink
2014-06-02 00:33 - 2014-05-26 19:29 - 00000000 ____D () C:\Users\Heather
2014-06-01 15:41 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\rescache
2014-06-01 15:05 - 2012-07-26 03:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-01 15:03 - 2012-08-03 19:02 - 00000000 ____D () C:\SWSetup
2014-06-01 14:58 - 2012-07-26 02:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-01 14:44 - 2014-06-01 14:44 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\HewlettPackard
2014-06-01 14:42 - 2014-05-27 09:07 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-01 14:42 - 2014-05-27 09:06 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-01 14:30 - 2014-06-01 14:30 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-06-01 14:30 - 2012-12-28 15:59 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 14:30 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-01 14:29 - 2014-06-01 14:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-01 14:29 - 2012-12-28 16:00 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-06-01 14:29 - 2012-12-28 16:00 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-06-01 14:29 - 2012-12-28 15:59 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-06-01 14:28 - 2012-12-28 16:00 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-06-01 14:28 - 2012-12-28 16:00 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-06-01 14:28 - 2012-12-28 15:59 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-06-01 14:20 - 2014-06-01 14:20 - 00031744 ___SH () C:\Users\Heather\Desktop\Thumbs.db
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-01 14:14 - 2014-06-01 11:30 - 00000427 ____H () C:\Windows\system32\Rebecca.dat
2014-06-01 01:17 - 2014-06-01 01:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 01:09 - 2014-06-01 01:06 - 00000000 ____D () C:\AdwCleaner
2014-05-30 10:01 - 2014-05-30 10:01 - 00291288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-29 23:03 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-29 09:31 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-29 09:28 - 2014-05-26 19:40 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828264231-2059877326-2897248526-1001
2014-05-29 08:42 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Local\VirtualStore
2014-05-29 07:49 - 2014-05-29 07:49 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-28 18:25 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-28 11:14 - 2012-09-11 23:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-28 11:13 - 2012-07-26 13:40 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-05-28 11:12 - 2012-12-28 15:23 - 00017876 _____ () C:\Windows\DPINST.LOG
2014-05-28 11:12 - 2012-12-28 15:23 - 00002990 _____ () C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements
2014-05-28 11:12 - 2012-12-28 15:23 - 00001332 _____ () C:\Windows\Synaptics.log
2014-05-28 11:11 - 2014-05-28 11:11 - 01060080 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00544496 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00495856 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-05-28 11:11 - 2014-05-28 11:11 - 00264432 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00192240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo18.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00151280 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00033008 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-05-28 11:06 - 2012-12-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-05-28 11:02 - 2014-05-26 23:57 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\hpqlog
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\Windows\System32\Tasks\CLVDLauncher
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\Windows\System32\Tasks\CLMLSvc_P2G8
2014-05-28 11:00 - 2012-12-28 15:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-05-28 08:16 - 2014-05-28 08:16 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-28 00:32 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Local\Packages
2014-05-28 00:31 - 2014-05-26 19:33 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 00:31 - 2014-05-26 19:33 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-28 00:24 - 2012-07-26 03:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-28 00:24 - 2012-07-26 03:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-28 00:24 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-28 00:24 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-28 00:24 - 2012-07-26 00:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-28 00:23 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-27 23:08 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-27 23:08 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-27 23:08 - 2012-07-26 02:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-27 23:07 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-27 23:07 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-27 23:07 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-27 19:47 - 2014-05-27 19:47 - 00000000 ____D () C:\Users\Heather\AppData\Local\DFX
2014-05-27 19:45 - 2014-05-27 19:45 - 00001710 _____ () C:\Users\Public\Desktop\DFX.lnk
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Program Files (x86)\DFX
2014-05-27 19:11 - 2014-05-27 10:10 - 00000000 ____D () C:\Users\Heather\AppData\Local\IM
2014-05-27 18:54 - 2014-05-27 18:54 - 00000356 _____ () C:\Windows\Tasks\HPCeeScheduleForHeather.job
2014-05-27 18:54 - 2014-05-26 19:34 - 00000000 ____D () C:\Users\Heather\AppData\Local\Hewlett-Packard
2014-05-27 10:11 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IM
2014-05-27 10:10 - 2014-05-27 10:10 - 00002085 _____ () C:\Users\Public\Desktop\Secure passwords.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002013 _____ () C:\Users\Public\Desktop\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\IncrediMail
2014-05-27 10:10 - 2012-09-11 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-27 09:50 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-27 09:50 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-27 09:50 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-05-27 09:50 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-05-27 09:50 - 2012-07-26 00:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-27 09:50 - 2012-07-26 00:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-27 09:49 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-27 09:49 - 2012-07-26 03:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-27 09:29 - 2014-05-27 09:29 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-05-27 09:29 - 2012-12-28 15:26 - 00000000 ____D () C:\Program Files\IDT
2014-05-27 09:26 - 2014-05-27 09:29 - 06085632 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-05-27 09:26 - 2014-05-27 09:29 - 03308376 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-05-27 09:26 - 2014-05-27 09:29 - 01821184 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-05-27 09:26 - 2014-05-27 09:29 - 01664000 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-05-27 09:26 - 2014-05-27 09:29 - 00426328 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-05-27 09:26 - 2014-05-27 09:29 - 00136024 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-05-27 09:26 - 2014-05-27 09:29 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 02188800 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00671744 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00542208 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-05-27 09:26 - 2014-05-27 09:27 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00255488 _____ (IDT, Inc.) C:\Windows\system32\st646425.dll
2014-05-27 09:10 - 2012-12-28 15:20 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-05-27 08:51 - 2014-05-26 19:46 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Hewlett-Packard
2014-05-27 07:29 - 2012-12-28 15:20 - 00000000 ____D () C:\Intel
2014-05-27 07:28 - 2014-05-27 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-52984.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\Windows\system32\netcfg-21208968.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\Windows\system32\netcfg-21184921.txt
2014-05-27 07:27 - 2012-07-26 00:37 - 00000000 ____D () C:\Windows\servicing
2014-05-27 01:33 - 2014-05-27 01:33 - 00000117 _____ () C:\Windows\system32\netcfg-1113375.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000136 _____ () C:\Windows\system32\netcfg-133671.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\Windows\system32\netcfg-131500.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\Windows\system32\netcfg-129625.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000128 _____ () C:\Windows\system32\netcfg-148859.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000127 _____ () C:\Windows\system32\netcfg-123421.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000126 _____ () C:\Windows\system32\netcfg-121453.txt
2014-05-27 01:17 - 2014-05-27 01:16 - 00000128 _____ () C:\Windows\system32\netcfg-119156.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000135 _____ () C:\Windows\system32\netcfg-117578.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000129 _____ () C:\Windows\system32\netcfg-109375.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000117 _____ () C:\Windows\system32\netcfg-81796.txt
2014-05-27 01:16 - 2014-05-26 19:30 - 00000000 ____D () C:\Windows\softwaredistribution.bak
2014-05-27 01:14 - 2014-05-27 01:14 - 00000117 _____ () C:\Windows\system32\netcfg-1600109.txt
2014-05-27 00:07 - 2014-05-27 00:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-26 23:33 - 2014-05-26 23:33 - 00001058 _____ () C:\Windows\system32\netcfg-44839125.txt
2014-05-26 23:33 - 2014-05-26 23:33 - 00001057 _____ () C:\Windows\system32\netcfg-44829187.txt
2014-05-26 23:33 - 2014-05-26 19:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-26 23:33 - 2012-12-28 15:24 - 00000000 ____D () C:\Program Files\Intel
2014-05-26 22:48 - 2012-09-11 23:43 - 00000000 ___HD () C:\HP
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\Windows\system32\netcfg-40845593.txt
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\Windows\system32\netcfg-40845328.txt
2014-05-26 19:43 - 2014-05-26 19:43 - 00000117 _____ () C:\Windows\system32\netcfg-2516421.txt
2014-05-26 19:43 - 2014-05-26 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-05-26 19:43 - 2014-05-26 19:43 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-05-26 19:43 - 2012-12-28 15:28 - 00000000 ____D () C:\ProgramData\Intel.sav
2014-05-26 19:43 - 2012-12-28 15:25 - 00000000 ____D () C:\ProgramData\Intel
2014-05-26 19:43 - 2012-12-28 15:23 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\Windows\system32\netcfg-2446906.txt
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\Windows\system32\netcfg-2404546.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000346 _____ () C:\Windows\system32\netcfg-2389640.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2396140.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2392921.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-2387781.txt
2014-05-26 19:41 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\restore
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\ATI
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Local\ATI
2014-05-26 19:33 - 2014-05-26 19:33 - 00001434 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Adobe
2014-05-26 19:33 - 2012-12-28 15:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-05-26 19:33 - 2012-09-11 23:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-05-26 19:33 - 2012-09-11 23:28 - 00000000 ___RD () C:\Program Files\Online Services
2014-05-26 19:33 - 2012-09-11 23:27 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-05-26 19:33 - 2012-09-11 23:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-05-26 19:33 - 2012-07-26 03:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-05-26 19:32 - 2014-05-26 19:32 - 00000000 ____D () C:\Users\Heather\AppData\Local\Power2Go8
2014-05-26 19:32 - 2012-08-03 19:02 - 00000000 ___HD () C:\SYSTEM.SAV
2014-05-26 19:31 - 2014-05-26 19:31 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Synaptics
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Intel
2014-05-26 19:30 - 2012-08-03 18:21 - 00000000 ____D () C:\Windows\Panther
2014-05-26 19:29 - 2014-05-26 19:29 - 00000020 ___SH () C:\Users\Heather\ntuser.ini
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-984765.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-984734.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-983187.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\Windows\system32\netcfg-974203.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-16901609.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\Windows\system32\netcfg-16899203.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\Windows\system32\netcfg-9454312.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\Windows\system32\netcfg-9448359.txt
2014-05-26 13:34 - 2014-05-26 13:34 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Macromedia
2014-05-26 13:14 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\Documents\Youcam
2014-05-12 07:26 - 2014-06-01 01:17 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 01:17 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 01:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-06 00:14 - 2014-05-26 23:27 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:14 - 2014-05-26 23:27 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:48 - 2014-05-26 23:27 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 22:48 - 2014-05-26 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 22:37 - 2014-05-26 23:27 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 22:26 - 2014-05-26 23:27 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:12 - 2014-05-27 00:05 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Heather\AppData\Local\Temp\Extract.exe
C:\Users\Heather\AppData\Local\Temp\Quarantine.exe
C:\Users\Heather\AppData\Local\Temp\SP59202.exe
C:\Users\Heather\AppData\Local\Temp\SP59207.exe
C:\Users\Heather\AppData\Local\Temp\SP59647.exe
C:\Users\Heather\AppData\Local\Temp\SP59649.exe
C:\Users\Heather\AppData\Local\Temp\SP59927.exe
C:\Users\Heather\AppData\Local\Temp\SP60051.exe
C:\Users\Heather\AppData\Local\Temp\SP61037.exe
C:\Users\Heather\AppData\Local\Temp\SP61277.exe
C:\Users\Heather\AppData\Local\Temp\SP61882.exe
C:\Users\Heather\AppData\Local\Temp\SP62364.exe
C:\Users\Heather\AppData\Local\Temp\SP62976.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-26 23:48] - [2014-04-12 04:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2012-08-03 17:23

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Heather at 2014-06-03 07:50:54
Running from C:\Users\Heather\Desktop\EXE. Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5977D04D-1D6A-952C-97AF-04D9D4C0AE56}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.6326 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5723 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5723 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 11.113.0.0 - Power Technology)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.1.1.0084 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - IncrediMail) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

27-05-2014 00:41:56 Intel® PROSet/Wireless Software
28-05-2014 00:43:02 HPSF Applying updates
28-05-2014 00:44:09 HPSF Applying updates
28-05-2014 00:44:49 HPSF Applying updates
01-06-2014 19:44:20 Installed HPDetect

==================== Hosts content: ==========================

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D5615F9-42B3-40A6-857C-A6F6EC85F8A1} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {11D92285-A085-4242-A205-B71481A437E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {23B8E1E0-1E81-46B7-9D0E-35C658D08CF0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {26E567D5-472D-4FE7-A859-7B4291653E82} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3E0A5225-119E-47CE-B65B-30E3D7FA42E5} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {4225EF91-3A87-4913-9E10-64C9E91AE48F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4376AF82-FAE0-4320-9A5C-3A380B58F893} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-28] (Synaptics Incorporated)
Task: {45A6206B-D153-4379-B6A3-A2EC34B367F5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {4DA33754-74FB-4935-B1E2-6B1350BEB364} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {763BA632-F1AF-4DC0-9B95-E03B9C6113F9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B116D4C9-E396-4A46-B26F-AFFDFB6BD8F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB88C369-0D87-4A8B-B93C-B085C0C50F89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {DB6D55BD-5F62-4717-B733-DA317EB59374} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {E0461B04-59B6-4F23-ADDB-2D4D54EAE928} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F8AEA648-EAEF-4508-BAD2-4F9D2EAF61B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\HPCeeScheduleForHeather.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-07-25 15:08 - 2012-07-25 15:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 14:54 - 2012-08-06 14:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-12-28 15:24 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00272808 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2014-05-27 10:10 - 2014-05-27 10:08 - 01034096 _____ () C:\Program Files (x86)\IncrediMail\bin\AE\ActionEngine.dll
2014-05-28 10:59 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2014 08:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x521e80f5
Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x521e7ff7
Exception code: 0xc0000005
Fault offset: 0x0000000000026570
Faulting process id: 0x88c
Faulting application start time: 0xZeroConfigService.exe0
Faulting application path: ZeroConfigService.exe1
Faulting module path: ZeroConfigService.exe2
Report Id: ZeroConfigService.exe3
Faulting package full name: ZeroConfigService.exe4
Faulting package-relative application ID: ZeroConfigService.exe5

Error: (06/02/2014 08:05:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: mbamcore.dll, version: 1.0.11.0, time stamp: 0x536d8027
Exception code: 0xc0000005
Fault offset: 0x00001c8f
Faulting process id: 0x250
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5

Error: (06/02/2014 00:55:40 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (06/01/2014 03:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x521e80f5
Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x521e7ff7
Exception code: 0xc0000005
Fault offset: 0x0000000000026570
Faulting process id: 0xaec
Faulting application start time: 0xZeroConfigService.exe0
Faulting application path: ZeroConfigService.exe1
Faulting module path: ZeroConfigService.exe2
Report Id: ZeroConfigService.exe3
Faulting package full name: ZeroConfigService.exe4
Faulting package-relative application ID: ZeroConfigService.exe5

Error: (06/01/2014 02:44:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.
.

Error: (05/30/2014 09:59:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPU.exe, version: 1.0.0.0, time stamp: 0x50079e34
Faulting module name: d2d1.dll, version: 6.2.9200.16765, time stamp: 0x528bf8d9
Exception code: 0xc0000005
Fault offset: 0x0015948b
Faulting process id: 0x9070
Faulting application start time: 0xHPPU.exe0
Faulting application path: HPPU.exe1
Faulting module path: HPPU.exe2
Report Id: HPPU.exe3
Faulting package full name: HPPU.exe4
Faulting package-relative application ID: HPPU.exe5

Error: (05/30/2014 00:59:47 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (05/28/2014 11:14:05 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: HEATHER)
Description: Application or service 'HPWMISVC' could not be restarted.

Error: (05/28/2014 11:06:10 AM) (Source: MsiInstaller) (EventID: 11402) (User: HEATHER)
Description: Product: Intel® PROSet/Wireless Software for Bluetooth® Technology -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.

Error: (05/28/2014 09:50:15 AM) (Source: MsiInstaller) (EventID: 11402) (User: HEATHER)
Description: Product: Intel® PROSet/Wireless Software for Bluetooth® Technology -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.

System errors:
=============
Error: (06/02/2014 08:41:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/01/2014 03:06:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/31/2014 10:11:14 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:03:11 PM on ‎2014-‎05-‎30 was unexpected.

Error: (05/29/2014 09:00:43 AM) (Source: DCOM) (EventID: 10016) (User: HEATHER)
Description: application-specificLocalActivation{B77C4C36-0154-4C52-AB49-FAA03837E47F}{EA022610-0748-4C24-B229-6C507EBDFDBB}HeatherHeatherS-1-5-21-1828264231-2059877326-2897248526-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/29/2014 09:00:43 AM) (Source: DCOM) (EventID: 10016) (User: HEATHER)
Description: application-specificLocalActivation{A188DB29-2ABC-46CB-9A38-40B82CF5D051}{EA022610-0748-4C24-B229-6C507EBDFDBB}HeatherHeatherS-1-5-21-1828264231-2059877326-2897248526-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (05/28/2014 11:14:07 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The HPWMISVC service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (05/28/2014 11:00:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CLVirtualDrive service failed to start due to the following error:
%%183

Error: (05/27/2014 07:23:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Bluetooth Device Monitor service.

Error: (05/27/2014 07:22:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Bluetooth Device Monitor service.

Error: (05/27/2014 10:54:40 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1018) (User: NT AUTHORITY)
Description: CBS failed to install the language pack for fr-FR. Returned CBS error code 0x800f0825.

Microsoft Office Sessions:
=========================
Error: (06/02/2014 08:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe16.1.0.0521e80f5MurocApi.dll16.1.0.0521e7ff7c0000005000000000002657088c01cf7e683c714d89C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll8c06ebba-ea5b-11e3-be7f-38eaa7f369c1

Error: (06/02/2014 08:05:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532mbamcore.dll1.0.11.0536d8027c000000500001c8f25001cf7e633c98a63bC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll902683fb-ea56-11e3-be7e-38eaa7f369c1

Error: (06/02/2014 00:55:40 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (06/01/2014 03:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe16.1.0.0521e80f5MurocApi.dll16.1.0.0521e7ff7c00000050000000000026570aec01cf7dd4eee28f0eC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll38a12ee0-e9c8-11e3-be7e-38eaa7f369c1

Error: (06/01/2014 02:44:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.

Error: (05/30/2014 09:59:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPU.exe1.0.0.050079e34d2d1.dll6.2.9200.16765528bf8d9c00000050015948b907001cf7c17b804562cC:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exeC:\Windows\SYSTEM32\d2d1.dllfdfcfb39-e80a-11e3-be7a-38eaa7f369c1

Error: (05/30/2014 00:59:47 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:

Error: (05/28/2014 11:14:05 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: HEATHER)
Description: 0C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeHPWMISVC03026217818480

Error: (05/28/2014 11:06:10 AM) (Source: MsiInstaller) (EventID: 11402) (User: HEATHER)
Description: Product: Intel® PROSet/Wireless Software for Bluetooth® Technology -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/28/2014 09:50:15 AM) (Source: MsiInstaller) (EventID: 11402) (User: HEATHER)
Description: Product: Intel® PROSet/Wireless Software for Bluetooth® Technology -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE32\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel. (NULL)(NULL)(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
  Date: 2014-05-27 08:48:33.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:39:25.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:38:57.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:31:20.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:26:05.859
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:22:51.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:19:35.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:19:30.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:16:19.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:12:49.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8084.27 MB
Available physical RAM: 5910.1 MB
Total Pagefile: 12692.27 MB
Available Pagefile: 10325.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:672.22 GB) (Free:600.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.65 GB) (Free:3.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: DC15DFB4)

Partition: GPT Partition Type.

==================== End Of Log ============================

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014-06-03
Scan Time: 7:49:10 AM
Logfile: mal.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.03.04
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Heather

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307765
Time Elapsed: 8 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)



#5 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,059 posts
  • MVP

Posted 04 June 2014 - 01:01 PM

LiquidTension is experiencing computer issues at the moment, so he asked if I could copy his reply to you into the thread, so here it is




Hello lightbrite,

Is there any reason why you have not updated Windows to 8.1?

I can see you are running FRST from the following folder: C:\Users\Heather\Desktop\EXE. Downloads
Please run all tools directly from your desktop.
 

Hi , While I was waiting for reply I did install Malwarebytes ,I did scan and quarantined items then rebooted as suggested by malwarebytes

Please open Malwarebytes, locate the log containing quarantined items and copy/paste the contents in your next reply.

STEP 1
BY4dvz9.pngAdwCleaner
  • Please download AdwCleaner and save the file to your desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.
-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.


STEP 2
E3feWj5.pngJunkware Removal Tool (JRT)
  • Please download Junkware Removal Tool and save the file to your desktop.
  • If you unchecked items in AdwCleaner, please backup the associated folder/file prior to running this tool.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted.
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
======================================================

STEP 3
pfNZP4A.pngLogs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
  • MBAM log
  • AdwCleaner[S0].txt
  • JRT.txt

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#6 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 04 June 2014 - 06:52 PM

Hi,        To answer question about upgrading to 8.1 . I just recently purchased laptop and that was my next update until I got that trovi .wanted to make sure laptop was clean before I udate.. Also I have used malwarebytes before and downloaded to laptop and ran scan so the log files are from that and the  first run of malwarebytes..

 

thanks for help

Heather

 

Here is logs

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014-06-02
Scan Time: 8:29:36 AM
Logfile: mbytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.02.05
Rootkit Database: v2014.05.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Heather

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307559
Time Elapsed: 8 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, Quarantined, [b9f492e1017a6bcbc497ccf92ed56e92],

Registry Values: 1
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 92828566115512130, Quarantined, [b9f492e1017a6bcbc497ccf92ed56e92]

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.Conduit.A, C:\Users\Heather\AppData\Local\Temp\CT3325111, Quarantined, [f1bcd69d8af12d09518ac5b63bc7a55b],
PUP.Optional.Conduit.A, C:\Users\Heather\AppData\Local\Temp\CT3325809, Quarantined, [159802714c2f22149447e398946e10f0],

Files: 3
PUP.Optional.Conduit.A, C:\Users\Heather\AppData\Local\Temp\nsz1DF2\SpSetup.exe, Quarantined, [3a731c57bcbf93a3371250336f923ac6],
PUP.Optional.Conduit.A, C:\Users\Heather\AppData\Local\Temp\CT3325111\ddt.csf, Quarantined, [f1bcd69d8af12d09518ac5b63bc7a55b],
PUP.Optional.Conduit.A, C:\Users\Heather\AppData\Local\Temp\CT3325809\ddt.csf, Quarantined, [159802714c2f22149447e398946e10f0],

Physical Sectors: 0
(No malicious items detected)

(end)

 

# AdwCleaner v3.211 - Report created 04/06/2014 at 19:23:48
# Updated 26/05/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Heather - HEATHER
# Running from : C:\Users\Heather\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\8494zov5.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2699 octets] - [01/06/2014 01:06:28]
AdwCleaner[R1].txt - [920 octets] - [04/06/2014 19:20:21]
AdwCleaner[S0].txt - [2271 octets] - [01/06/2014 01:09:14]
AdwCleaner[S1].txt - [844 octets] - [04/06/2014 19:23:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [903 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Heather on 2014-06-04 at 19:28:15.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4DABDDBA-3607-487A-BF21-92E49C647822}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4DABDDBA-3607-487A-BF21-92E49C647822}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-06-04 at 19:34:19.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 05 June 2014 - 10:20 PM

Hello Heather,
 
I would update to 8.1 after we're finished here.
 
Your logs indicate you may have issues with USB drives? Is this the case?

 

Please run the following scans. When running Malwarebytes, please ensure you tick the option to Scan for rootkits (as instructed below).
 
STEP 1
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Launch Malwarebytes and select Update.
  • Once updated, click the Settings tab and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 2
GzlsbnV.png ESET Online Scan
Note: This scan will take a significant amount of time to complete. Please do not browse the Internet whilst your resident protection is disabled.

  • Please download ESET Online Scan and save the file to your desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then press Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Click Hide advanced settings. Your settings should match that of the image below.
  • Ensure Remove found threats is unchecked.
    3Crnyln.png
  • Allow virus signature database to download and for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM Scan log
  • ESET Online Scan log
  • How is your computer running? 

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#8 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 06 June 2014 - 06:51 AM

Hi ,LiquidTension

 

I probably have screwed up :wall:    I updated to 8.1 before this was cleaned up . Would that make a difference before everything was given the thumbs up . :blush:  I hope not.(if so I'll change my name to dull brite

Should I still go ahead and run malwarebytes and the rest of instructions .

Heather



#9 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 06 June 2014 - 11:12 AM

Hello Heather,

Don't worry! Updating Windows to 8.1 earlier will not have had any adverse effects. Please proceed with Malwarebytes and ESET. :)

Please don't forget to answer my question regarding your USB drive(s). Do you have any issues inserting, removing, reading or opening any USB drive?

I would also like to know how your computer is performing after running MBAM and ESET? Are you experiencing any issues?

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#10 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 07 June 2014 - 06:07 PM

Hi Adam

 

I 'm not sure what you mean really about the usb drives ? I just got this laptop  fairly recently and trying to find where everything is. It's a bit different than running xp . Except now when I upgraded to 8.1 a window popped open when booting up saying Catalyst Control Host Center stopped working and has to close program ? Any ideas I would appreciate them.  ..I noticed all the errors on the one scan log from jrt ?

thanks Heather

 

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir    a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir    a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir    a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014-06-06
Scan Time: 12:42:08 PM
Logfile: mbam#2.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.06.06
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Heather

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316289
Time Elapsed: 11 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Edited by lightbrite, 07 June 2014 - 06:12 PM.

    Advertisements

Register to Remove


#11 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 09 June 2014 - 10:10 AM

Hello Heather,
 
The items identified by ESET have already been quarantined, and are not an issue.  
 

I 'm not sure what you mean really about the usb drives ?

Not to worry. If there is an issue you would know about it. 
 

Except now when I upgraded to 8.1 a window popped open when booting up saying Catalyst Control Host Center stopped working and has to close program ? Any ideas I would appreciate them

Catalyst Control Center configuration software is developed by Advanced Micro Devices, Inc. (AMD), and allows the end user to control the performance and visual quality of AMD graphics. 
 
Your current version of the software is not compatible with Windows 8.1. Please visit the AMD download page, and click the orange Download Nowbutton. This will automatically detect and install the correct version for your Operating System. 
 
Upon completion, please reboot your computer and monitor the startup. Let me know if you still receive the error. 
 
 
STEP 1
CXrghb6.png Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

  • u9DsAVv.png Follow these instructions to check for and download the latest Windows Updates.
  • ehzOq95.png I recommend installing the latest version of Internet Explorer for added security. The latest version IE can be installed via Windows Update, or by visiting this page
     

STEP 2
oxliOQk.png Security Check

  • Please download SecurityCheck and save the file to your desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Confirmation you had no issues with the instructions. 
  • checkup.txt
  • Comments on how your computer is performing. 

Note: There are important steps to follow. Please ensure you continue following this topic until I give you the "All Clean".


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#12 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 09 June 2014 - 05:07 PM

Hi Adam

 

Computers are frustrating to say the least . :wall:      When I got this laptop it asks to verify this pc ,and I did , then I got this trovi for which you were helping me with then while I was waiting for reply I updated to 8.1 for which you said  there shouldn't be a problem .Now here's a question when you upgrade to 8.1 do you have to verify this pc again because that's what I'm getting in messages verify this pc .

I went to amd and clicked the orange button and I'm  assuming it was for auto detect drivers .I downloaded and clicked to open but it didn't install ,now I get message from Norton saying high cpu from auto detect but it didn't install .Not sure where to go from here ...help! one more thing Internet Explorer is installed and says when I went to page it's installed and is latest version.....

Heather :blush: 


Edited by lightbrite, 09 June 2014 - 05:10 PM.


#13 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 10 June 2014 - 01:05 PM

Hello Heather,
 
Lets get a fresh look at your computer, and we will see about addressing some of your issues. Please answer the following questions, and carry out the instructions below.

  • Do you still receive the, "Catalyst Control Host Center Has Stopped Working" message when you boot your computer? 
  • Overall, how is your computer performing?
     

STEP 1
qd0Bfg4.png System Summary Information

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time.
  • Type msinfo32 and click OK.
  • Click on System Summary to select it. 
  • Click FileSave. Name the file Summary and save it to your desktop.
  • Right-click the file on your desktop, hover your mouse over Send To and click Compressed (zipped) Folder.
  • Attach the Summary.zip folder in your next reply. 
     

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Answers to my questions
  • Summary.zip (attached)
  • FRST.txt
  • Addition.txt

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#14 lightbrite

lightbrite

    Authentic Member

  • Authentic Member
  • PipPip
  • 70 posts

Posted 10 June 2014 - 03:20 PM

Hi Adam

 

Ok , here it goes .

 

  • 1    Yes, to the Catalyst Control Center stopped working did pop up again when booting up this morning.
  • 2    It seems to running ok ,except late yesterday when I tried to open some programs it wouldn't open .But I went to HP store on pc and installed the updates and it appears to be working now. So Far  (fingers crossed )
  • I guess I will wait upon your next reply to see what's next.

  

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Heather (administrator) on HEATHER on 10-06-2014 15:37:22
Running from C:\Users\Heather\Desktop
Platform: Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HpDeviceDetection3.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-05-27] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-05-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
HKU\S-1-5-21-1828264231-2059877326-2897248526-1001\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2014-05-27] (IncrediMail, Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKLM - {4DABDDBA-3607-487A-BF21-92E49C647822} URL = http://www.amazon.ca...ds={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPNTDFJS
SearchScopes: HKCU - {4DABDDBA-3607-487A-BF21-92E49C647822} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\8494zov5.default
FF DefaultSearchEngine: Norton Safe Search
FF SelectedSearchEngine: Norton Safe Search
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Heather\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-01]
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-01]

==================== Services (Whitelisted) =================

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-05] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-05-28] (Advanced Micro Devices, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-31] (Symantec Corporation)
S3 getbus; C:\Users\Heather\AppData\Local\Temp\getbus.sys [22912 2014-06-09] (AMD)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140608.001\IDSvia64.sys [525016 2014-05-30] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140610.001\ENG64.SYS [126040 2014-05-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140610.001\EX64.SYS [2099288 2014-05-31] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3349984 2014-04-26] (Intel Corporation)
R3 NMgamingmsFltr; C:\Windows\system32\drivers\NMgamingms.sys [13312 2013-12-09] (LXD Development, Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-05-28] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1503000.00C\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-05] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-06-05] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-10 15:37 - 2014-06-10 15:37 - 00017995 _____ () C:\Users\Heather\Desktop\FRST.txt
2014-06-10 15:36 - 2014-06-10 15:36 - 00000000 ____D () C:\Users\Heather\Desktop\FRST-OlderVersion
2014-06-10 15:35 - 2014-06-10 15:35 - 00068081 _____ () C:\Users\Heather\Desktop\system32-Summary.zip
2014-06-10 15:32 - 2014-06-10 15:32 - 01406032 _____ () C:\Users\Heather\Desktop\system32-Summary.nfo
2014-06-09 18:52 - 2014-06-09 18:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-06-09 18:52 - 2014-06-09 18:52 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-06-08 08:27 - 2014-06-08 08:27 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-06-08 08:20 - 2014-06-10 15:04 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68DFB85F-864C-4F21-9DBD-35DA4D2F8654}
2014-06-08 08:20 - 2014-06-08 08:20 - 00000000 __SHD () C:\Users\Heather\AppData\Local\EmieUserList
2014-06-08 08:20 - 2014-06-08 08:20 - 00000000 __SHD () C:\Users\Heather\AppData\Local\EmieSiteList
2014-06-08 07:52 - 2014-06-08 07:52 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\IDT
2014-06-08 07:44 - 2014-06-08 07:44 - 00005193 _____ () C:\WirelessDiagLog.csv
2014-06-07 19:05 - 2014-06-07 19:05 - 00001048 _____ () C:\Users\Heather\Desktop\mbam#2.txt
2014-06-07 18:41 - 2014-06-07 18:41 - 00001054 _____ () C:\Users\Heather\Desktop\Malwarebytes.txt
2014-06-07 18:16 - 2014-06-07 18:16 - 00001173 _____ () C:\Users\Heather\Desktop\myEsetscan.txt
2014-06-06 12:37 - 2014-06-06 12:37 - 02347384 _____ (ESET) C:\Users\Heather\Desktop\esetsmartinstaller_enu.exe
2014-06-05 22:08 - 2014-06-05 22:08 - 00000000 __SHD () C:\Recovery
2014-06-05 22:08 - 2014-06-05 19:45 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-05 22:07 - 2014-06-05 22:07 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-05 22:07 - 2014-06-05 22:07 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-05 22:06 - 2014-06-05 22:06 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-05 22:06 - 2014-06-05 22:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-05 22:03 - 2014-06-05 22:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-05 22:03 - 2014-06-05 22:03 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-05 22:03 - 2014-06-05 22:03 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-05 22:03 - 2014-06-05 22:03 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 03359744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-05 22:02 - 2014-06-05 22:02 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-05 22:02 - 2014-06-05 22:02 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-05 22:02 - 2014-06-05 22:02 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-05 22:01 - 2014-06-05 22:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-05 21:58 - 2014-06-05 21:58 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-05 21:58 - 2014-06-05 21:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-05 21:58 - 2014-06-05 21:58 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\inetpub
2014-06-05 21:57 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-06-05 21:57 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-05 21:57 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-06-05 21:57 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-06-05 21:57 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-05 21:57 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-06-05 19:52 - 2014-06-05 19:52 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-05 19:48 - 2014-06-10 07:53 - 00000000 __RDO () C:\Users\Heather\OneDrive
2014-06-05 19:48 - 2014-06-05 19:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-06-05 19:45 - 2014-06-05 19:45 - 00001446 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 19:45 - 2014-06-05 19:45 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-05 19:44 - 2014-06-05 19:44 - 00000020 ___SH () C:\Users\Heather\ntuser.ini
2014-06-05 19:44 - 2014-05-28 16:52 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-06-05 19:38 - 2014-06-10 15:33 - 01237737 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-05 19:37 - 2014-06-05 19:37 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-05 19:28 - 2014-06-05 19:28 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-05 19:28 - 2014-06-05 19:28 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-05 19:27 - 2014-06-05 19:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-05 19:23 - 2014-06-05 19:23 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-05 19:22 - 2014-06-10 15:37 - 00000000 ____D () C:\Users\Heather\AppData\Local\Temp
2014-06-05 19:22 - 2014-06-05 19:48 - 00000000 ____D () C:\Users\Heather
2014-06-05 19:22 - 2014-06-05 19:23 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-05 19:22 - 2014-06-05 19:23 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-05 19:22 - 2014-03-18 05:13 - 00000369 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-05 19:22 - 2014-03-18 05:13 - 00000369 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-05 19:22 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-05 19:22 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-05 19:21 - 2014-06-05 19:37 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-06-05 19:21 - 2014-06-05 19:37 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-06-05 19:15 - 2014-06-05 19:23 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-05 19:15 - 2014-06-05 19:15 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-05 19:12 - 2014-06-05 19:29 - 00000000 ____D () C:\Program Files\IDT
2014-06-05 19:12 - 2014-06-05 19:12 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____D () C:\Program Files\Synaptics
2014-06-05 19:12 - 2014-05-27 09:26 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-06-05 19:12 - 2014-05-27 09:26 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2014-06-05 19:12 - 2014-05-27 09:26 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-06-05 19:12 - 2014-05-27 09:26 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-06-05 19:12 - 2014-05-27 09:26 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2014-06-05 19:12 - 2014-05-27 09:26 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2014-06-05 19:12 - 2014-05-27 09:26 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2014-06-05 19:11 - 2014-06-05 19:11 - 00000000 ____D () C:\Program Files\AMD
2014-06-05 18:25 - 2014-06-05 19:37 - 00006608 _____ () C:\WINDOWS\comsetup.log
2014-06-05 07:36 - 2014-06-05 18:49 - 00307732 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-06-04 22:01 - 2014-06-04 22:02 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WildTangent
2014-06-04 21:48 - 2014-06-04 21:48 - 00000000 ____D () C:\Users\Heather\AppData\Local\Bluestacks
2014-06-04 21:48 - 2014-06-04 21:48 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-04 19:40 - 2014-06-04 19:40 - 00001804 _____ () C:\Users\Heather\Desktop\mbytes.txt
2014-06-04 19:34 - 2014-06-04 19:34 - 00000907 _____ () C:\Users\Heather\Desktop\JRT.txt
2014-06-04 19:28 - 2014-06-04 19:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-04 19:27 - 2014-06-04 19:27 - 00000982 _____ () C:\Users\Heather\Desktop\AdwCleaner[S1].txt
2014-06-04 19:13 - 2014-06-04 19:14 - 01016261 _____ (Thisisu) C:\Users\Heather\Desktop\JRT.exe
2014-06-04 19:12 - 2014-06-04 17:58 - 00000030 _____ () C:\AVScanner.ini
2014-06-04 19:11 - 2014-06-04 19:11 - 01327971 _____ () C:\Users\Heather\Downloads\AdwCleaner.exe
2014-06-04 19:11 - 2014-06-04 19:11 - 00001181 _____ () C:\Users\Heather\Desktop\AdwCleaner - Shortcut.lnk
2014-06-04 18:55 - 2014-06-10 15:36 - 02080768 _____ (Farbar) C:\Users\Heather\Desktop\FRST64.exe
2014-06-04 17:59 - 2014-06-04 17:59 - 00000000 ____D () C:\Users\Heather\AppData\Local\Macromedia
2014-06-04 17:58 - 2014-06-04 17:58 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-04 17:57 - 2014-06-10 15:06 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-04 17:57 - 2014-06-04 17:59 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-04 15:40 - 2014-06-04 15:40 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-04 15:40 - 2014-06-04 15:40 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Users\Heather\AppData\Local\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 08:53 - 2014-06-03 08:53 - 00002160 _____ () C:\Users\Heather\Downloads\cc_20140603_085301backup3from1.reg
2014-06-03 08:52 - 2014-06-03 08:52 - 00008396 _____ () C:\Users\Heather\Downloads\cc_20140603_085146 backup2nd from 1.reg
2014-06-03 08:51 - 2014-06-03 08:51 - 00093502 _____ () C:\Users\Heather\Downloads\cc_20140603_085055 backup.reg
2014-06-03 08:46 - 2014-06-05 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-03 08:46 - 2014-06-03 08:46 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-03 08:46 - 2014-06-03 08:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-03 08:26 - 2014-06-03 08:26 - 00001042 _____ () C:\Users\Heather\Downloads\mal.txt
2014-06-03 07:49 - 2014-06-10 15:37 - 00000000 ____D () C:\FRST
2014-06-03 07:39 - 2014-06-03 07:39 - 00000000 ____D () C:\Users\Heather\Documents\Norton Identity Safe Backups
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-06-02 08:11 - 2014-06-02 08:11 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WebApp
2014-06-02 08:08 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\Documents\CyberLink
2014-06-01 14:44 - 2014-06-01 14:44 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\HewlettPackard
2014-06-01 14:29 - 2014-06-05 19:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-01 14:20 - 2014-06-01 14:20 - 00031744 ___SH () C:\Users\Heather\Desktop\Thumbs.db
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-01 11:30 - 2014-06-01 14:14 - 00000427 ____H () C:\WINDOWS\system32\Rebecca.dat
2014-06-01 01:17 - 2014-06-10 10:47 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 01:17 - 2014-06-05 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-01 01:17 - 2014-06-01 01:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-01 01:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-06-01 01:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-06-01 01:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-06-01 01:06 - 2014-06-04 19:23 - 00000000 ____D () C:\AdwCleaner
2014-05-29 07:49 - 2014-05-29 07:49 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-28 16:53 - 2014-05-28 16:53 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00234036 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00233776 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00204952 _____ () C:\WINDOWS\SysWOW64\ativvsvl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00204952 _____ () C:\WINDOWS\system32\ativvsvl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00157144 _____ () C:\WINDOWS\SysWOW64\ativvsva.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00157144 _____ () C:\WINDOWS\system32\ativvsva.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083552 _____ () C:\WINDOWS\system32\ativce02.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00020790 _____ () C:\WINDOWS\SysWOW64\ativvsnl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00020790 _____ () C:\WINDOWS\system32\ativvsnl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00003917 _____ () C:\WINDOWS\SysWOW64\atipblag.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00003917 _____ () C:\WINDOWS\system32\atipblag.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00000025 _____ () C:\WINDOWS\SysWOW64\ativvsny.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00000025 _____ () C:\WINDOWS\system32\ativvsny.dat
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01187342 _____ () C:\WINDOWS\system32\amdocl_as64.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01061902 _____ () C:\WINDOWS\system32\amdocl_ld64.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00995342 _____ () C:\WINDOWS\SysWOW64\amdocl_as32.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00798734 _____ () C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00721296 _____ () C:\WINDOWS\system32\atiicdxx.dat
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00207072 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00053248 _____ () C:\WINDOWS\system32\amdverag.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00047887 _____ () C:\WINDOWS\atiogl.xml
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-28 16:52 - 2014-05-21 00:33 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-28 16:52 - 2014-05-21 00:33 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 01060080 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00544496 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00495856 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-05-28 11:11 - 2014-05-28 11:11 - 00264432 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00192240 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo18.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00151280 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00033008 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2014-05-28 11:00 - 2012-06-25 10:24 - 00092536 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2014-05-28 08:16 - 2014-06-05 19:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-05-27 22:39 - 2014-06-05 19:45 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak1
2014-05-27 19:47 - 2014-05-27 19:47 - 00000000 ____D () C:\Users\Heather\AppData\Local\DFX
2014-05-27 19:45 - 2014-06-09 18:52 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-27 19:45 - 2014-06-09 18:52 - 00000000 ____D () C:\Users\Guest
2014-05-27 19:45 - 2014-06-09 18:52 - 00000000 ____D () C:\Users\Administrator
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-05-27 18:54 - 2014-06-09 20:43 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForHeather.job
2014-05-27 10:10 - 2014-06-05 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-05-27 10:10 - 2014-05-27 19:11 - 00000000 ____D () C:\Users\Heather\AppData\Local\IM
2014-05-27 10:10 - 2014-05-27 10:11 - 00000000 ____D () C:\ProgramData\IM
2014-05-27 10:10 - 2014-05-27 10:10 - 00002085 _____ () C:\Users\Public\Desktop\Secure passwords.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002013 _____ () C:\Users\Public\Desktop\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\IncrediMail
2014-05-27 09:27 - 2014-05-27 09:26 - 02188800 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00671744 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00542208 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-05-27 09:27 - 2014-05-27 09:26 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-05-27 09:27 - 2014-05-27 09:26 - 00255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646425.dll
2014-05-27 09:07 - 2014-06-09 20:07 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-05-27 09:06 - 2014-06-09 20:07 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-27 07:28 - 2014-05-27 07:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-52984.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21208968.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21184921.txt
2014-05-27 01:33 - 2014-05-27 01:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1113375.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-133671.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-131500.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-129625.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-148859.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000127 _____ () C:\WINDOWS\system32\netcfg-123421.txt
2014-05-27 01:16 - 2014-05-27 01:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-119156.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000129 _____ () C:\WINDOWS\system32\netcfg-109375.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000117 _____ () C:\WINDOWS\system32\netcfg-81796.txt
2014-05-27 01:14 - 2014-05-27 01:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1600109.txt
2014-05-27 00:05 - 2014-06-10 15:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-27 00:05 - 2014-06-10 15:21 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-26 23:57 - 2014-05-28 11:02 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\hpqlog
2014-05-26 23:52 - 2013-05-03 23:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-05-26 23:52 - 2013-05-03 23:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-05-26 23:33 - 2014-05-26 23:33 - 00001058 _____ () C:\WINDOWS\system32\netcfg-44839125.txt
2014-05-26 23:33 - 2014-05-26 23:33 - 00001057 _____ () C:\WINDOWS\system32\netcfg-44829187.txt
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40845593.txt
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40845328.txt
2014-05-26 19:46 - 2014-05-27 08:51 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Hewlett-Packard
2014-05-26 19:43 - 2014-05-26 19:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2516421.txt
2014-05-26 19:42 - 2014-06-09 20:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2446906.txt
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2404546.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000346 _____ () C:\WINDOWS\system32\netcfg-2389640.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2396140.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2392921.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2387781.txt
2014-05-26 19:40 - 2014-06-10 15:21 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828264231-2059877326-2897248526-1001
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\ATI
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Local\ATI
2014-05-26 19:34 - 2014-05-27 18:54 - 00000000 ____D () C:\Users\Heather\AppData\Local\Hewlett-Packard
2014-05-26 19:33 - 2014-06-05 19:45 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 19:33 - 2014-06-05 19:45 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-26 19:33 - 2014-06-05 19:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Adobe
2014-05-26 19:33 - 2012-12-28 15:46 - 00002212 _____ () C:\Users\Public\Desktop\Snapfish.lnk
2014-05-26 19:33 - 2012-09-11 23:43 - 00002100 _____ () C:\Users\Public\Desktop\HP Games.lnk
2014-05-26 19:32 - 2014-05-26 19:32 - 00000000 ____D () C:\Users\Heather\AppData\Local\Power2Go8
2014-05-26 19:31 - 2014-05-26 19:31 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Synaptics
2014-05-26 19:30 - 2014-06-09 23:08 - 00000000 ____D () C:\Users\Heather\AppData\Local\Packages
2014-05-26 19:30 - 2014-05-29 08:42 - 00000000 ____D () C:\Users\Heather\AppData\Local\VirtualStore
2014-05-26 19:30 - 2014-05-27 01:16 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Intel
2014-05-26 19:29 - 2012-09-11 23:12 - 00000000 ___HD () C:\Users\Heather\Documents\hp.system.package.metadata
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-984765.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-984734.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-983187.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-974203.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16901609.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16899203.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9454312.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9448359.txt
2014-05-26 13:34 - 2014-05-26 13:34 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Macromedia
2014-05-26 13:14 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\CyberLink
2014-05-26 13:14 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\AppData\Local\CyberLink
2014-05-26 13:14 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\Documents\Youcam
2014-05-21 00:34 - 2014-05-21 00:34 - 00187348 _____ () C:\WINDOWS\system32\resTHA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00180164 _____ () C:\WINDOWS\system32\resELL.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00176020 _____ () C:\WINDOWS\system32\resRUS.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161876 _____ () C:\WINDOWS\system32\resARA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161332 _____ () C:\WINDOWS\system32\resHEB.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161268 _____ () C:\WINDOWS\system32\resJPN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00156692 _____ () C:\WINDOWS\system32\resFRA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00156676 _____ () C:\WINDOWS\system32\resHUN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154980 _____ () C:\WINDOWS\system32\resKOR.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154884 _____ () C:\WINDOWS\system32\resITA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154884 _____ () C:\WINDOWS\system32\resDEU.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154724 _____ () C:\WINDOWS\system32\resROM.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154612 _____ () C:\WINDOWS\system32\resESN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154180 _____ () C:\WINDOWS\system32\resPLK.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154036 _____ () C:\WINDOWS\system32\resSKY.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153844 _____ () C:\WINDOWS\system32\resNLD.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153284 _____ () C:\WINDOWS\system32\resPTB.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153140 _____ () C:\WINDOWS\system32\resTRK.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153108 _____ () C:\WINDOWS\system32\resCSY.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152980 _____ () C:\WINDOWS\system32\resPTG.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152564 _____ () C:\WINDOWS\system32\resFIN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152132 _____ () C:\WINDOWS\system32\resHRV.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00151684 _____ () C:\WINDOWS\system32\resSVE.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00151508 _____ () C:\WINDOWS\system32\resSLV.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00150580 _____ () C:\WINDOWS\system32\resNOR.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00150068 _____ () C:\WINDOWS\system32\resDAN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00148756 _____ () C:\WINDOWS\system32\resENU.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00146980 _____ () C:\WINDOWS\system32\resCHT.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00146148 _____ () C:\WINDOWS\system32\resCHS.cui
2014-05-21 00:33 - 2014-05-21 00:33 - 23048704 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 18032640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 17791136 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 17409536 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 16586584 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 16114320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 08120320 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 06364672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 04590152 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 04342088 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 04338504 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 03791872 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-05-21 00:33 - 2014-05-21 00:33 - 03658520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 02813952 _____ () C:\WINDOWS\system32\iglhxa64.cpa
2014-05-21 00:33 - 2014-05-21 00:33 - 02477728 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 02023936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01755648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01673216 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01551872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01455776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01137080 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01132960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00929608 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00792736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00734208 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00655360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00646304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00603296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00543560 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00543048 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00501064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00443720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00433560 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00415560 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00392520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00392008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00373248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00358912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00348088 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00330240 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00314696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00294912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00291328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00278344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00267264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00254976 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2014-05-21 00:33 - 2014-05-21 00:33 - 00249856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00243528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00223744 _____ () C:\WINDOWS\system32\igdde64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00218808 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00212992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00190792 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00187408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00183808 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00183800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3621.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00158032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00155136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00152392 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00070144 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00057856 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00044025 _____ () C:\WINDOWS\system32\iglhxo64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043816 _____ () C:\WINDOWS\system32\iglhxc64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043494 _____ () C:\WINDOWS\system32\iglhxc64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043298 _____ () C:\WINDOWS\system32\iglhxg64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043256 _____ () C:\WINDOWS\system32\iglhxg64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00042079 _____ () C:\WINDOWS\system32\iglhxo64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00031408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00030720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00002568 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00001125 _____ () C:\WINDOWS\system32\iglhxa64.vp

==================== One Month Modified Files and Folders =======

2014-06-10 15:37 - 2014-06-10 15:37 - 00017995 _____ () C:\Users\Heather\Desktop\FRST.txt
2014-06-10 15:37 - 2014-06-05 19:22 - 00000000 ____D () C:\Users\Heather\AppData\Local\Temp
2014-06-10 15:37 - 2014-06-03 07:49 - 00000000 ____D () C:\FRST
2014-06-10 15:36 - 2014-06-10 15:36 - 00000000 ____D () C:\Users\Heather\Desktop\FRST-OlderVersion
2014-06-10 15:36 - 2014-06-04 18:55 - 02080768 _____ (Farbar) C:\Users\Heather\Desktop\FRST64.exe
2014-06-10 15:35 - 2014-06-10 15:35 - 00068081 _____ () C:\Users\Heather\Desktop\system32-Summary.zip
2014-06-10 15:33 - 2014-06-05 19:38 - 01237737 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 15:32 - 2014-06-10 15:32 - 01406032 _____ () C:\Users\Heather\Desktop\system32-Summary.nfo
2014-06-10 15:22 - 2014-05-27 00:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-10 15:21 - 2014-05-27 00:05 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-10 15:21 - 2014-05-26 19:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828264231-2059877326-2897248526-1001
2014-06-10 15:21 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-10 15:21 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-10 15:06 - 2014-06-04 17:57 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-10 15:04 - 2014-06-08 08:20 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68DFB85F-864C-4F21-9DBD-35DA4D2F8654}
2014-06-10 11:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-10 10:47 - 2014-06-01 01:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 07:53 - 2014-06-05 19:48 - 00000000 __RDO () C:\Users\Heather\OneDrive
2014-06-10 00:11 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-06-09 23:14 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-09 23:08 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Local\Packages
2014-06-09 21:28 - 2012-12-28 15:20 - 00000000 ____D () C:\Intel
2014-06-09 21:27 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-09 21:26 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-09 20:43 - 2014-05-27 18:54 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForHeather.job
2014-06-09 20:18 - 2012-12-28 15:24 - 00000000 ____D () C:\Program Files\Intel
2014-06-09 20:17 - 2014-05-26 19:42 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-09 20:07 - 2014-05-27 09:07 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-06-09 20:07 - 2014-05-27 09:06 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-09 18:53 - 2012-12-28 15:25 - 00000000 ____D () C:\ProgramData\Intel
2014-06-09 18:52 - 2014-06-09 18:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-06-09 18:52 - 2014-06-09 18:52 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-06-09 18:52 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-09 18:52 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest
2014-06-09 18:52 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator
2014-06-09 18:52 - 2012-12-28 15:23 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-06-09 18:52 - 2012-12-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-09 18:52 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-06-09 18:11 - 2014-03-18 04:54 - 00002504 _____ () C:\WINDOWS\PFRO.log
2014-06-08 08:27 - 2014-06-08 08:27 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-06-08 08:20 - 2014-06-08 08:20 - 00000000 __SHD () C:\Users\Heather\AppData\Local\EmieUserList
2014-06-08 08:20 - 2014-06-08 08:20 - 00000000 __SHD () C:\Users\Heather\AppData\Local\EmieSiteList
2014-06-08 07:52 - 2014-06-08 07:52 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\IDT
2014-06-08 07:44 - 2014-06-08 07:44 - 00005193 _____ () C:\WirelessDiagLog.csv
2014-06-07 19:28 - 2014-03-18 05:03 - 00956412 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-07 19:24 - 2013-08-22 09:44 - 00344624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-07 19:05 - 2014-06-07 19:05 - 00001048 _____ () C:\Users\Heather\Desktop\mbam#2.txt
2014-06-07 18:41 - 2014-06-07 18:41 - 00001054 _____ () C:\Users\Heather\Desktop\Malwarebytes.txt
2014-06-07 18:16 - 2014-06-07 18:16 - 00001173 _____ () C:\Users\Heather\Desktop\myEsetscan.txt
2014-06-06 16:44 - 2013-08-22 09:46 - 00296985 _____ () C:\WINDOWS\setupact.log
2014-06-06 12:37 - 2014-06-06 12:37 - 02347384 _____ (ESET) C:\Users\Heather\Desktop\esetsmartinstaller_enu.exe
2014-06-05 22:08 - 2014-06-05 22:08 - 00000000 __SHD () C:\Recovery
2014-06-05 22:07 - 2014-06-05 22:07 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-06-05 22:07 - 2014-06-05 22:07 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-06-05 22:07 - 2013-08-22 10:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-06-05 22:06 - 2014-06-05 22:06 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-05 22:06 - 2014-06-05 22:06 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-05 22:06 - 2014-06-05 22:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-05 22:06 - 2014-06-05 22:06 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-05 22:06 - 2014-06-05 22:06 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-05 22:06 - 2014-06-05 22:06 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-05 22:06 - 2014-06-05 22:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-05 22:06 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-06-05 22:05 - 2014-06-05 22:05 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-06-05 22:05 - 2014-06-05 22:05 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-06-05 22:04 - 2014-06-05 22:04 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-06-05 22:04 - 2014-06-05 22:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-06-05 22:04 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-06-05 22:03 - 2014-06-05 22:03 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-05 22:03 - 2014-06-05 22:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-05 22:03 - 2014-06-05 22:03 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-06-05 22:03 - 2014-06-05 22:03 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-06-05 22:03 - 2014-06-05 22:03 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-05 22:03 - 2014-06-05 22:03 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-05 22:03 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-05 22:02 - 2014-06-05 22:02 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 03359744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-05 22:02 - 2014-06-05 22:02 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-05 22:02 - 2014-06-05 22:02 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-05 22:02 - 2014-06-05 22:02 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-05 22:02 - 2014-06-05 22:02 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-05 22:02 - 2014-06-05 22:02 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-05 22:02 - 2014-06-05 22:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-05 22:01 - 2014-06-05 22:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-06-05 21:58 - 2014-06-05 21:58 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-06-05 21:58 - 2014-06-05 21:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-06-05 21:58 - 2014-06-05 21:58 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-05 21:58 - 2014-06-05 21:58 - 00000000 ____D () C:\inetpub
2014-06-05 21:05 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-06-05 21:05 - 2012-12-28 15:25 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-06-05 21:05 - 2012-08-03 19:02 - 00000000 ____D () C:\SWSetup
2014-06-05 19:52 - 2014-06-05 19:52 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-05 19:50 - 2012-07-26 03:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-06-05 19:49 - 2014-06-05 19:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-06-05 19:48 - 2014-06-05 19:22 - 00000000 ____D () C:\Users\Heather
2014-06-05 19:45 - 2014-06-05 22:08 - 00000000 ___DC () C:\WINDOWS\Panther
2014-06-05 19:45 - 2014-06-05 19:45 - 00001446 _____ () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-05 19:45 - 2014-06-05 19:45 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-05 19:45 - 2014-05-27 22:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak1
2014-06-05 19:45 - 2014-05-26 19:33 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-05 19:45 - 2014-05-26 19:33 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-05 19:44 - 2014-06-05 19:44 - 00000020 ___SH () C:\Users\Heather\ntuser.ini
2014-06-05 19:43 - 2012-12-28 16:00 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-06-05 19:39 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-05 19:38 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-06-05 19:37 - 2014-06-05 19:37 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-06-05 19:37 - 2014-06-05 19:21 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-06-05 19:37 - 2014-06-05 19:21 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-06-05 19:37 - 2014-06-05 18:25 - 00006608 _____ () C:\WINDOWS\comsetup.log
2014-06-05 19:35 - 2013-08-22 10:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-06-05 19:35 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-05 19:29 - 2014-06-05 19:12 - 00000000 ____D () C:\Program Files\IDT
2014-06-05 19:29 - 2014-06-03 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-05 19:29 - 2014-06-01 14:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-05 19:29 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-05 19:29 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-06-05 19:29 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-06-05 19:29 - 2012-12-28 15:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-06-05 19:29 - 2012-12-28 15:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-05 19:29 - 2012-09-11 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-05 19:29 - 2012-09-11 23:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-06-05 19:29 - 2012-09-11 23:24 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-06-05 19:29 - 2012-09-11 23:24 - 00000000 ____D () C:\WINDOWS\fr
2014-06-05 19:29 - 2012-09-11 23:24 - 00000000 ____D () C:\WINDOWS\en
2014-06-05 19:28 - 2014-06-05 19:28 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-06-05 19:28 - 2014-06-05 19:28 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-06-05 19:28 - 2013-08-22 10:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-06-05 19:27 - 2014-06-05 19:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-06-05 19:27 - 2014-05-28 08:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-06-05 19:27 - 2014-03-18 04:32 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-06-05 19:27 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-06-05 19:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-06-05 19:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-06-05 19:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-06-05 19:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-05 19:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-06-05 19:27 - 2012-12-28 15:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-06-05 19:27 - 2012-09-11 23:55 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-06-05 19:26 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-06-05 19:26 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-05 19:26 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-06-05 19:26 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\IME
2014-06-05 19:26 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Help
2014-06-05 19:25 - 2014-05-26 19:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-06-05 19:25 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-05 19:25 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-06-05 19:25 - 2012-12-28 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-06-05 19:25 - 2012-12-28 15:22 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-06-05 19:25 - 2012-09-11 23:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-06-05 19:25 - 2012-08-03 17:29 - 00000000 ____D () C:\ProgramData\PRICache
2014-06-05 19:23 - 2014-06-05 19:23 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-06-05 19:23 - 2014-06-05 19:22 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-05 19:23 - 2014-06-05 19:22 - 00000000 ___RD () C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-05 19:23 - 2014-06-05 19:15 - 00012096 _____ () C:\WINDOWS\iis.log
2014-06-05 19:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-06-05 19:15 - 2014-06-05 19:15 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-06-05 19:12 - 2014-06-05 19:12 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-06-05 19:12 - 2014-06-05 19:12 - 00000000 ____D () C:\Program Files\Synaptics
2014-06-05 19:12 - 2013-08-22 09:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
2014-06-05 19:11 - 2014-06-05 19:11 - 00000000 ____D () C:\Program Files\AMD
2014-06-05 19:09 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Default
2014-06-05 18:49 - 2014-06-05 07:36 - 00307732 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-06-05 17:52 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-05 16:46 - 2012-09-11 23:56 - 00877348 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-06-05 16:46 - 2012-09-11 23:56 - 00191806 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-06-04 22:02 - 2014-06-04 22:01 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WildTangent
2014-06-04 22:02 - 2012-09-11 23:32 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-04 21:48 - 2014-06-04 21:48 - 00000000 ____D () C:\Users\Heather\AppData\Local\Bluestacks
2014-06-04 21:48 - 2014-06-04 21:48 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-04 19:40 - 2014-06-04 19:40 - 00001804 _____ () C:\Users\Heather\Desktop\mbytes.txt
2014-06-04 19:34 - 2014-06-04 19:34 - 00000907 _____ () C:\Users\Heather\Desktop\JRT.txt
2014-06-04 19:28 - 2014-06-04 19:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-04 19:27 - 2014-06-04 19:27 - 00000982 _____ () C:\Users\Heather\Desktop\AdwCleaner[S1].txt
2014-06-04 19:23 - 2014-06-01 01:06 - 00000000 ____D () C:\AdwCleaner
2014-06-04 19:14 - 2014-06-04 19:13 - 01016261 _____ (Thisisu) C:\Users\Heather\Desktop\JRT.exe
2014-06-04 19:11 - 2014-06-04 19:11 - 01327971 _____ () C:\Users\Heather\Downloads\AdwCleaner.exe
2014-06-04 19:11 - 2014-06-04 19:11 - 00001181 _____ () C:\Users\Heather\Desktop\AdwCleaner - Shortcut.lnk
2014-06-04 17:59 - 2014-06-04 17:59 - 00000000 ____D () C:\Users\Heather\AppData\Local\Macromedia
2014-06-04 17:59 - 2014-06-04 17:57 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-04 17:58 - 2014-06-04 19:12 - 00000030 _____ () C:\AVScanner.ini
2014-06-04 17:58 - 2014-06-04 17:58 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-04 15:40 - 2014-06-04 15:40 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-04 15:40 - 2014-06-04 15:40 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Users\Heather\AppData\Local\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-04 15:40 - 2014-06-04 15:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 08:53 - 2014-06-03 08:53 - 00002160 _____ () C:\Users\Heather\Downloads\cc_20140603_085301backup3from1.reg
2014-06-03 08:52 - 2014-06-03 08:52 - 00008396 _____ () C:\Users\Heather\Downloads\cc_20140603_085146 backup2nd from 1.reg
2014-06-03 08:51 - 2014-06-03 08:51 - 00093502 _____ () C:\Users\Heather\Downloads\cc_20140603_085055 backup.reg
2014-06-03 08:46 - 2014-06-03 08:46 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-03 08:46 - 2014-06-03 08:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-03 08:26 - 2014-06-03 08:26 - 00001042 _____ () C:\Users\Heather\Downloads\mal.txt
2014-06-03 07:39 - 2014-06-03 07:39 - 00000000 ____D () C:\Users\Heather\Documents\Norton Identity Safe Backups
2014-06-02 08:21 - 2014-06-02 08:21 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-06-02 08:21 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\CyberLink
2014-06-02 08:19 - 2012-09-11 23:16 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-02 08:18 - 2012-12-28 15:51 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-06-02 08:18 - 2012-12-28 15:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-06-02 08:18 - 2012-12-28 15:51 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2014-06-02 08:18 - 2012-09-11 23:15 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-06-02 08:11 - 2014-06-02 08:11 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\WebApp
2014-06-02 08:08 - 2014-06-02 08:08 - 00000000 ____D () C:\Users\Heather\Documents\CyberLink
2014-06-02 08:08 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\AppData\Local\CyberLink
2014-06-01 14:44 - 2014-06-01 14:44 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\HewlettPackard
2014-06-01 14:30 - 2012-12-28 15:59 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 14:29 - 2012-12-28 16:00 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-06-01 14:29 - 2012-12-28 15:59 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-06-01 14:28 - 2012-12-28 16:00 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-06-01 14:28 - 2012-12-28 16:00 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-06-01 14:28 - 2012-12-28 15:59 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-06-01 14:20 - 2014-06-01 14:20 - 00031744 ___SH () C:\Users\Heather\Desktop\Thumbs.db
2014-06-01 14:20 - 2014-06-01 14:20 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-06-01 14:14 - 2014-06-01 11:30 - 00000427 ____H () C:\WINDOWS\system32\Rebecca.dat
2014-06-01 01:17 - 2014-06-01 01:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 01:17 - 2014-06-01 01:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-29 08:42 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Local\VirtualStore
2014-05-29 07:49 - 2014-05-29 07:49 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-28 16:53 - 2014-05-28 16:53 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-05-28 16:53 - 2014-05-28 16:53 - 00234036 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00233776 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-05-28 16:53 - 2014-05-28 16:53 - 00204952 _____ () C:\WINDOWS\SysWOW64\ativvsvl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00204952 _____ () C:\WINDOWS\system32\ativvsvl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00157144 _____ () C:\WINDOWS\SysWOW64\ativvsva.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00157144 _____ () C:\WINDOWS\system32\ativvsva.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00129536 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00099840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00083552 _____ () C:\WINDOWS\system32\ativce02.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-05-28 16:53 - 2014-05-28 16:53 - 00020790 _____ () C:\WINDOWS\SysWOW64\ativvsnl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00020790 _____ () C:\WINDOWS\system32\ativvsnl.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00003917 _____ () C:\WINDOWS\SysWOW64\atipblag.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00003917 _____ () C:\WINDOWS\system32\atipblag.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00000025 _____ () C:\WINDOWS\SysWOW64\ativvsny.dat
2014-05-28 16:53 - 2014-05-28 16:53 - 00000025 _____ () C:\WINDOWS\system32\ativvsny.dat
2014-05-28 16:52 - 2014-06-05 19:44 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01187342 _____ () C:\WINDOWS\system32\amdocl_as64.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 01061902 _____ () C:\WINDOWS\system32\amdocl_ld64.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00995342 _____ () C:\WINDOWS\SysWOW64\amdocl_as32.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00798734 _____ () C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00721296 _____ () C:\WINDOWS\system32\atiicdxx.dat
2014-05-28 16:52 - 2014-05-28 16:52 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00550464 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-05-28 16:52 - 2014-05-28 16:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00207072 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2014-05-28 16:52 - 2014-05-28 16:52 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00053248 _____ () C:\WINDOWS\system32\amdverag.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2014-05-28 16:52 - 2014-05-28 16:52 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00047887 _____ () C:\WINDOWS\atiogl.xml
2014-05-28 16:52 - 2014-05-28 16:52 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-05-28 16:52 - 2014-05-28 16:52 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-05-28 11:14 - 2012-09-11 23:12 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-28 11:13 - 2012-07-26 13:40 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-05-28 11:12 - 2012-12-28 15:23 - 00002990 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2014-05-28 11:11 - 2014-05-28 11:11 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 01060080 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00544496 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00495856 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-05-28 11:11 - 2014-05-28 11:11 - 00264432 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00192240 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo18.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00151280 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynTPCom.dll
2014-05-28 11:11 - 2014-05-28 11:11 - 00033008 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2014-05-28 11:02 - 2014-05-26 23:57 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\hpqlog
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\WINDOWS\System32\Tasks\CLVDLauncher
2014-05-28 11:00 - 2014-05-28 11:00 - 00003160 _____ () C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2014-05-27 19:47 - 2014-05-27 19:47 - 00000000 ____D () C:\Users\Heather\AppData\Local\DFX
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\vlc
2014-05-27 19:45 - 2014-05-27 19:45 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-05-27 19:11 - 2014-05-27 10:10 - 00000000 ____D () C:\Users\Heather\AppData\Local\IM
2014-05-27 18:54 - 2014-05-26 19:34 - 00000000 ____D () C:\Users\Heather\AppData\Local\Hewlett-Packard
2014-05-27 10:11 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IM
2014-05-27 10:10 - 2014-05-27 10:10 - 00002085 _____ () C:\Users\Public\Desktop\Secure passwords.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00002013 _____ () C:\Users\Public\Desktop\IncrediMail.lnk
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\ProgramData\IncrediMail
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\Photo Notifier and Animation Creator
2014-05-27 10:10 - 2014-05-27 10:10 - 00000000 ____D () C:\Program Files (x86)\IncrediMail
2014-05-27 09:26 - 2014-06-05 19:12 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-05-27 09:26 - 2014-06-05 19:12 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2014-05-27 09:26 - 2014-06-05 19:12 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-05-27 09:26 - 2014-06-05 19:12 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-05-27 09:26 - 2014-06-05 19:12 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2014-05-27 09:26 - 2014-06-05 19:12 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2014-05-27 09:26 - 2014-06-05 19:12 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 02188800 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00671744 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00542208 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-05-27 09:26 - 2014-05-27 09:27 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2014-05-27 09:26 - 2014-05-27 09:27 - 00255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646425.dll
2014-05-27 09:10 - 2012-12-28 15:20 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2014-05-27 08:51 - 2014-05-26 19:46 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Hewlett-Packard
2014-05-27 07:28 - 2014-05-27 07:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-52984.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21208968.txt
2014-05-27 07:27 - 2014-05-27 07:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21184921.txt
2014-05-27 01:33 - 2014-05-27 01:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1113375.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-133671.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-131500.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-129625.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-148859.txt
2014-05-27 01:17 - 2014-05-27 01:17 - 00000127 _____ () C:\WINDOWS\system32\netcfg-123421.txt
2014-05-27 01:17 - 2014-05-27 01:16 - 00000128 _____ () C:\WINDOWS\system32\netcfg-119156.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000129 _____ () C:\WINDOWS\system32\netcfg-109375.txt
2014-05-27 01:16 - 2014-05-27 01:16 - 00000117 _____ () C:\WINDOWS\system32\netcfg-81796.txt
2014-05-27 01:16 - 2014-05-26 19:30 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak
2014-05-27 01:14 - 2014-05-27 01:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1600109.txt
2014-05-26 23:33 - 2014-05-26 23:33 - 00001058 _____ () C:\WINDOWS\system32\netcfg-44839125.txt
2014-05-26 23:33 - 2014-05-26 23:33 - 00001057 _____ () C:\WINDOWS\system32\netcfg-44829187.txt
2014-05-26 22:48 - 2012-09-11 23:43 - 00000000 ___HD () C:\HP
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40845593.txt
2014-05-26 22:27 - 2014-05-26 22:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40845328.txt
2014-05-26 19:43 - 2014-05-26 19:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2516421.txt
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2446906.txt
2014-05-26 19:42 - 2014-05-26 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2404546.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000346 _____ () C:\WINDOWS\system32\netcfg-2389640.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2396140.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2392921.txt
2014-05-26 19:41 - 2014-05-26 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2387781.txt
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\ATI
2014-05-26 19:35 - 2014-05-26 19:35 - 00000000 ____D () C:\Users\Heather\AppData\Local\ATI
2014-05-26 19:33 - 2014-05-26 19:33 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Adobe
2014-05-26 19:33 - 2012-09-11 23:28 - 00000000 ___RD () C:\Program Files\Online Services
2014-05-26 19:33 - 2012-09-11 23:27 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-05-26 19:32 - 2014-05-26 19:32 - 00000000 ____D () C:\Users\Heather\AppData\Local\Power2Go8
2014-05-26 19:32 - 2012-08-03 19:02 - 00000000 ___HD () C:\SYSTEM.SAV
2014-05-26 19:31 - 2014-05-26 19:31 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Synaptics
2014-05-26 19:30 - 2014-05-26 19:30 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Intel
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-984765.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-984734.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-983187.txt
2014-05-26 19:18 - 2014-05-26 19:18 - 00000117 _____ () C:\WINDOWS\system32\netcfg-974203.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16901609.txt
2014-05-26 15:48 - 2014-05-26 15:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16899203.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9454312.txt
2014-05-26 13:43 - 2014-05-26 13:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9448359.txt
2014-05-26 13:34 - 2014-05-26 13:34 - 00000000 ____D () C:\Users\Heather\AppData\Roaming\Macromedia
2014-05-26 13:14 - 2014-05-26 13:14 - 00000000 ____D () C:\Users\Heather\Documents\Youcam
2014-05-21 00:34 - 2014-05-21 00:34 - 00187348 _____ () C:\WINDOWS\system32\resTHA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00180164 _____ () C:\WINDOWS\system32\resELL.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00176020 _____ () C:\WINDOWS\system32\resRUS.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161876 _____ () C:\WINDOWS\system32\resARA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161332 _____ () C:\WINDOWS\system32\resHEB.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00161268 _____ () C:\WINDOWS\system32\resJPN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00156692 _____ () C:\WINDOWS\system32\resFRA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00156676 _____ () C:\WINDOWS\system32\resHUN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154980 _____ () C:\WINDOWS\system32\resKOR.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154884 _____ () C:\WINDOWS\system32\resITA.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154884 _____ () C:\WINDOWS\system32\resDEU.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154724 _____ () C:\WINDOWS\system32\resROM.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154612 _____ () C:\WINDOWS\system32\resESN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154180 _____ () C:\WINDOWS\system32\resPLK.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00154036 _____ () C:\WINDOWS\system32\resSKY.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153844 _____ () C:\WINDOWS\system32\resNLD.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153284 _____ () C:\WINDOWS\system32\resPTB.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153140 _____ () C:\WINDOWS\system32\resTRK.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00153108 _____ () C:\WINDOWS\system32\resCSY.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152980 _____ () C:\WINDOWS\system32\resPTG.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152564 _____ () C:\WINDOWS\system32\resFIN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00152132 _____ () C:\WINDOWS\system32\resHRV.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00151684 _____ () C:\WINDOWS\system32\resSVE.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00151508 _____ () C:\WINDOWS\system32\resSLV.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00150580 _____ () C:\WINDOWS\system32\resNOR.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00150068 _____ () C:\WINDOWS\system32\resDAN.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00148756 _____ () C:\WINDOWS\system32\resENU.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00146980 _____ () C:\WINDOWS\system32\resCHT.cui
2014-05-21 00:34 - 2014-05-21 00:34 - 00146148 _____ () C:\WINDOWS\system32\resCHS.cui
2014-05-21 00:33 - 2014-05-28 16:52 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-05-21 00:33 - 2014-05-28 16:52 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 23048704 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 18032640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 17791136 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 17409536 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 16586584 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 16114320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 08120320 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 06364672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 04590152 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 04342088 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 04338504 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 04011168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 03791872 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-05-21 00:33 - 2014-05-21 00:33 - 03658520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 02813952 _____ () C:\WINDOWS\system32\iglhxa64.cpa
2014-05-21 00:33 - 2014-05-21 00:33 - 02477728 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 02023936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01755648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01673216 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01551872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01455776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01137080 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 01132960 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00929608 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00792736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00734208 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00655360 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00646304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00603296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00543560 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00543048 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00501064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00443720 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00433560 _____ () C:\WINDOWS\system32\igdmd64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00415560 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00392520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00392008 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00373248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00358912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00348088 _____ () C:\WINDOWS\SysWOW64\igdmd32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00344736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00330240 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00314696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00294912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00291328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00278344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00267264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00254976 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2014-05-21 00:33 - 2014-05-21 00:33 - 00249856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00243528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00223744 _____ () C:\WINDOWS\system32\igdde64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00218808 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00212992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00210592 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00190792 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00187408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00183808 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00183800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3621.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00182784 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00177824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00160256 _____ () C:\WINDOWS\system32\igdail64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00158032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00155136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00152392 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-05-21 00:33 - 2014-05-21 00:33 - 00142848 _____ () C:\WINDOWS\SysWOW64\igdail32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00128672 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00094368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00070144 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00057856 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00044025 _____ () C:\WINDOWS\system32\iglhxo64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043816 _____ () C:\WINDOWS\system32\iglhxc64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043494 _____ () C:\WINDOWS\system32\iglhxc64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043298 _____ () C:\WINDOWS\system32\iglhxg64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00043256 _____ () C:\WINDOWS\system32\iglhxg64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00042079 _____ () C:\WINDOWS\system32\iglhxo64_dev.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00031408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00030720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2014-05-21 00:33 - 2014-05-21 00:33 - 00002568 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-05-21 00:33 - 2014-05-21 00:33 - 00001125 _____ () C:\WINDOWS\system32\iglhxa64.vp
2014-05-12 07:26 - 2014-06-01 01:17 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 01:17 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 01:17 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Heather\AppData\Local\Temp\Extract.exe
C:\Users\Heather\AppData\Local\Temp\SP58519.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-05 19:09

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Heather at 2014-06-10 15:38:07
Running from C:\Users\Heather\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7 Wonders II (x32 Version: 2.2.0.98 - WildTangent) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5977D04D-1D6A-952C-97AF-04D9D4C0AE56}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.6326 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2527 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5723 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5723 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
IncrediMail (x32 Version: 6.6.0.5288 - IncrediMail) Hidden
IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5288 - IncrediMail Ltd.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.11.0000.1482 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.10.0.0136 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8e41467d-297e-496d-8b0f-e771b6c87c06}) (Version: 16.11.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.10.0.0307 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - IncrediMail) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

06-06-2014 02:05:10 Installed Realtek Ethernet Controller Driver
08-06-2014 13:27:34 Installed HP Support Solutions Framework
10-06-2014 01:17:31 Intel® PROSet/Wireless Software

==================== Hosts content: ==========================

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D5615F9-42B3-40A6-857C-A6F6EC85F8A1} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {11D92285-A085-4242-A205-B71481A437E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23B8E1E0-1E81-46B7-9D0E-35C658D08CF0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37929012-B210-4BC0-8EA5-964E7AC2168E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3EEFC7C7-FA41-42B6-9621-F8E57BE5BBE0} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4376AF82-FAE0-4320-9A5C-3A380B58F893} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-28] (Synaptics Incorporated)
Task: {45A6206B-D153-4379-B6A3-A2EC34B367F5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {46CB76DD-26CE-468F-A011-82F93C14C021} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DA33754-74FB-4935-B1E2-6B1350BEB364} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7EC035F9-5ADB-4246-BFEA-18667BBA1361} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-10] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E6EA454-B261-4E9E-9B8A-7DFBD5064EF2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A84E9424-D78D-4501-AFA7-1D970E1EB597} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-04] (Adobe Systems Incorporated)
Task: {B116D4C9-E396-4A46-B26F-AFFDFB6BD8F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D6E8E6FE-D9BF-41F2-A7B9-B292A6E3B582} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB6D55BD-5F62-4717-B733-DA317EB59374} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F8AEA648-EAEF-4508-BAD2-4F9D2EAF61B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHeather.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2012-06-27 01:42 - 2012-06-27 01:42 - 00607744 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\JobCapsA.DLL
2012-12-28 15:24 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00272808 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-10-01 15:02 - 2013-10-01 15:02 - 00108888 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00133544 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2014-05-27 10:09 - 2014-05-27 10:09 - 00080296 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2014-05-27 10:10 - 2014-05-27 10:08 - 01034096 _____ () C:\Program Files (x86)\IncrediMail\bin\AE\ActionEngine.dll
2014-05-28 10:59 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Heather\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2014 07:54:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fb
Exception code: 0xe0434352
Fault offset: 0x0000000000005bf8
Faulting process id: 0x474
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report Id: CCC.exe3
Faulting package full name: CCC.exe4
Faulting package-relative application ID: CCC.exe5

Error: (06/10/2014 07:54:16 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
   at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
   at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart(System.Object)

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26721109

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26721109

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/10/2014 00:05:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1298

Start Time: 01cf845db7b2333e

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: c8fb117b-f05c-11e3-be87-38eaa7f369c1

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/09/2014 09:29:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCC.exe, version: 3.5.0.0, time stamp: 0x4f8350e0
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532954fb
Exception code: 0xe0434352
Fault offset: 0x0000000000005bf8
Faulting process id: 0x14ac
Faulting application start time: 0xCCC.exe0
Faulting application path: CCC.exe1
Faulting module path: CCC.exe2
Report Id: CCC.exe3
Faulting package full name: CCC.exe4
Faulting package-relative application ID: CCC.exe5

Error: (06/09/2014 09:29:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
   at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
   at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart(System.Object)

Error: (06/09/2014 09:27:26 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (06/09/2014 09:26:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPPU.exe, version: 1.0.0.0, time stamp: 0x50079e34
Faulting module name: d2d1.dll, version: 6.3.9600.16473, time stamp: 0x528d9db8
Exception code: 0xc0000005
Fault offset: 0x0022b268
Faulting process id: 0xc6c
Faulting application start time: 0xHPPU.exe0
Faulting application path: HPPU.exe1
Faulting module path: HPPU.exe2
Report Id: HPPU.exe3
Faulting package full name: HPPU.exe4
Faulting package-relative application ID: HPPU.exe5

System errors:
=============
Error: (06/09/2014 11:10:41 PM) (Source: DCOM) (EventID: 10016) (User: HEATHER)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HeatherHeatherS-1-5-21-1828264231-2059877326-2897248526-1001LocalHost (Using LRPC)5897HisTech.ClassicMysteryMovies_1.0.0.0_neutral__1zvfxf2v1qg0mS-1-15-2-1574133628-3505479272-2232503753-3370131359-2923903336-3305272826-3272484724

Error: (06/09/2014 11:10:41 PM) (Source: DCOM) (EventID: 10016) (User: HEATHER)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}HeatherHeatherS-1-5-21-1828264231-2059877326-2897248526-1001LocalHost (Using LRPC)5897HisTech.ClassicMysteryMovies_1.0.0.0_neutral__1zvfxf2v1qg0mS-1-15-2-1574133628-3505479272-2232503753-3370131359-2923903336-3305272826-3272484724

Error: (06/09/2014 09:27:17 PM) (Source: BTHUSB) (EventID: 30) (User: )
Description: The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.

Error: (06/09/2014 09:26:35 PM) (Source: DCOM) (EventID: 10010) (User: HEATHER)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/09/2014 09:26:35 PM) (Source: DCOM) (EventID: 10010) (User: HEATHER)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/09/2014 09:26:31 PM) (Source: DCOM) (EventID: 10010) (User: HEATHER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (06/09/2014 06:11:39 PM) (Source: BTHUSB) (EventID: 30) (User: )
Description: The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.

Error: (06/09/2014 06:11:00 PM) (Source: DCOM) (EventID: 10010) (User: HEATHER)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/09/2014 06:11:00 PM) (Source: DCOM) (EventID: 10010) (User: HEATHER)
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (06/08/2014 07:29:03 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ZeroConfigService service.

Microsoft Office Sessions:
=========================
Error: (06/10/2014 07:54:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe3.5.0.04f8350e0KERNELBASE.dll6.3.9600.17055532954fbe04343520000000000005bf847401cf84ab0692e32bC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\system32\KERNELBASE.dll55e4a998-f09e-11e3-be87-38eaa7f369c1

Error: (06/10/2014 07:54:16 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
   at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
   at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart(System.Object)

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26721109

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26721109

Error: (06/10/2014 07:52:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/10/2014 00:05:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20498129801cf845db7b2333e4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exec8fb117b-f05c-11e3-be87-38eaa7f369c1microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/09/2014 09:29:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe3.5.0.04f8350e0KERNELBASE.dll6.3.9600.17055532954fbe04343520000000000005bf814ac01cf8453bc2c7938C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\system32\KERNELBASE.dll0963a502-f047-11e3-be87-38eaa7f369c1

Error: (06/09/2014 09:29:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CCC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ObjectDisposedException
Stack:
   at System.Threading.TimerQueueTimer.Change(UInt32, UInt32)
   at ATI.ACE.CCC.Implementation.CCC_Main.CCCNewThreadBegin(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart(System.Object)

Error: (06/09/2014 09:27:26 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:

Error: (06/09/2014 09:26:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPU.exe1.0.0.050079e34d2d1.dll6.3.9600.16473528d9db8c00000050022b268c6c01cf844790f259c3C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exeC:\WINDOWS\SYSTEM32\d2d1.dll93bae6ad-f046-11e3-be86-38eaa7f369c1

CodeIntegrity Errors:
===================================
  Date: 2014-05-27 08:48:33.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:39:25.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:38:57.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:31:20.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:26:05.859
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:22:51.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:19:35.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:19:30.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:16:19.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-27 08:12:49.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8084.28 MB
Available physical RAM: 5903.35 MB
Total Pagefile: 9364.28 MB
Available Pagefile: 6844.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:671.78 GB) (Free:622.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.65 GB) (Free:3.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: DC15DFB4)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

 

 



#15 LiquidTension

LiquidTension

    SuperMember

  • Classroom Teacher
  • 2,566 posts

Posted 11 June 2014 - 10:22 AM

Hello Heather,
 
I cannot see any malware present on your computer. I would like to run Security Check, remove our tools, and send you across to our Techs who are more experienced with dealing with issues such as AMD drivers. I notice you have created the Summary.zip - no need to attach it here. Once we are done in this section, I will point you in the right direction and you can attach the file in your reply there. 

 

STEP 1
oxliOQk.png Security Check

  • Please download SecurityCheck and save the file to your desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 2
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • checkup.txt
  • Comments on how your computer is performing (excluding issues with AMD and updating to 8.1). 

Note: There are important steps to follow. Please ensure you continue following this topic until I give you the "All Clean".


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users