Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do you have DDS for Vista 8.1?


  • Please log in to reply
43 replies to this topic

#1 ydelgado

ydelgado

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 21 May 2014 - 06:53 PM

I am going through your preparations instructions and see that this DDS is for Vista 7 and my computer won't take it. Thanks, Yvette



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:28 PM

Posted 21 May 2014 - 08:09 PM

No there is not yet a DDS for 8.1

If you are infected .. do the rest and post your issues in this topic.
Mention you run 8.1 so they'll understand no DDS log.

You may want to post an FRST log.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

Let me know if that went well.

Edited by boopme, 21 May 2014 - 08:10 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 24 May 2014 - 08:36 AM

Hi

 

I didn't see my reply to you so I am posting again.

 

FST log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014
Ran by Yvette (administrator) on YVETTE on 24-05-2014 09:03:35
Running from C:\Users\Yvette\Downloads
Platform: Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\pcreg\pcreg.exe
(Reimage®) C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\klwtblfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-05-09] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-05-09] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-631014708-43465564-1374874319-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google)
HKU\S-1-5-21-631014708-43465564-1374874319-1001\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
ProxyServer: http=127.0.0.1:49220;https=127.0.0.1:49220
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Yvette\AppData\Roaming\Mozilla\Firefox\Profiles\nwdhq728.default
FF user.js: detected! => C:\Users\Yvette\AppData\Roaming\Mozilla\Firefox\Profiles\nwdhq728.default\user.js
FF SelectedSearchEngine: Conduit Search
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-05-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-21]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-05-21]
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-01]
CHR Extension: (Google Drive) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-01]
CHR Extension: (Google Search) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-01]
CHR Extension: (Kaspersky Protection) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-05-22]
CHR Extension: (Google Wallet) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-01]
CHR Extension: (Gmail) - C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-01]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-01-01]
 
==================== Services (Whitelisted) =================
 
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [5100384 2014-04-27] (Reimage®)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-05-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-18] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3855872 2013-09-10] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-15] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-07-11] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-05-17] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [141408 2014-04-18] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [769632 2014-04-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2014-05-17] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-05-18] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-24 09:03 - 2014-05-24 09:03 - 00018080 _____ () C:\Users\Yvette\Downloads\FRST.txt
2014-05-24 09:02 - 2014-05-24 09:03 - 00000000 ____D () C:\FRST
2014-05-24 09:02 - 2014-05-24 09:02 - 02066432 _____ (Farbar) C:\Users\Yvette\Downloads\FRST64.exe
2014-05-24 09:02 - 2014-05-24 09:02 - 01055232 _____ (Farbar) C:\Users\Yvette\Downloads\FRST.exe
2014-05-22 07:16 - 2014-05-24 07:28 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2014-05-21 20:48 - 2014-05-21 20:48 - 00001122 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-05-21 20:48 - 2014-05-21 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-05-21 20:48 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2014-05-21 20:47 - 2014-05-24 08:35 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-21 20:47 - 2014-05-21 20:47 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-05-21 20:47 - 2014-04-18 16:35 - 00769632 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-05-21 20:47 - 2014-04-18 16:35 - 00141408 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-05-21 20:47 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2014-05-21 20:38 - 2014-05-21 20:46 - 168766272 _____ (Kaspersky Lab) C:\Users\Yvette\Downloads\kav15.0.0.463EN_5997 (1).exe
2014-05-21 20:33 - 2014-05-21 20:33 - 00869456 _____ () C:\Users\Yvette\Downloads\Norton_Removal_Tool.exe
2014-05-21 20:29 - 2014-05-21 20:29 - 03105184 _____ () C:\Users\Yvette\Downloads\BitDefender_Uninstall_Tool.exe
2014-05-21 20:02 - 2014-05-21 20:10 - 168766272 _____ (Kaspersky Lab) C:\Users\Yvette\Downloads\kav15.0.0.463EN_5997.exe
2014-05-21 19:50 - 2014-05-21 19:50 - 00688992 _____ (Swearware) C:\Users\Yvette\Downloads\dds (1).com
2014-05-21 19:49 - 2014-05-21 19:49 - 00688992 _____ (Swearware) C:\Users\Yvette\Downloads\dds.com
2014-05-20 21:31 - 2014-05-24 07:45 - 00000955 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-05-20 21:29 - 2014-05-24 07:42 - 00007456 _____ () C:\WINDOWS\system32\SettingsFile
2014-05-19 20:54 - 2013-08-22 09:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140519-205449.backup
2014-05-19 19:11 - 2014-05-19 20:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-19 19:11 - 2014-05-19 19:29 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-19 19:11 - 2014-05-19 19:11 - 00001366 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-19 19:11 - 2014-05-19 19:11 - 00001354 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-19 19:11 - 2014-05-19 19:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-05-19 19:11 - 2014-05-19 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-19 19:11 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-05-19 19:03 - 2014-05-19 19:08 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Yvette\Downloads\spybot-2.3.exe
2014-05-18 19:08 - 2014-05-18 19:08 - 00918672 _____ (Google Inc.) C:\Users\Yvette\Downloads\ChromeSetup (1).exe
2014-05-18 19:07 - 2014-05-24 08:37 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-18 19:07 - 2014-05-18 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-18 18:57 - 2014-05-18 18:57 - 00918672 _____ (Google Inc.) C:\Users\Yvette\Downloads\ChromeSetup.exe
2014-05-18 16:19 - 2014-05-18 16:19 - 00000000 ____D () C:\Users\Yvette\AppData\Local\SearchProtect
2014-05-18 16:06 - 2014-05-18 16:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Identity Safe
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Recovery
2014-05-18 08:19 - 2014-05-24 08:35 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 08:19 - 2014-05-18 08:19 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-18 08:19 - 2014-04-03 10:47 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-18 08:19 - 2014-04-03 10:47 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-18 08:19 - 2014-04-03 10:47 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-18 08:17 - 2014-05-18 08:18 - 17305528 _____ (Malwarebytes Corporation ) C:\Users\Yvette\Downloads\mbam_premium.exe
2014-05-18 07:26 - 2014-05-18 07:26 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-05-18 07:26 - 2014-05-18 07:26 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-18 07:26 - 2014-05-18 07:26 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-18 01:13 - 2014-05-18 01:13 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-18 01:13 - 2014-05-18 01:13 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-18 01:12 - 2014-05-18 01:12 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-05-18 01:12 - 2014-05-18 01:12 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-05-18 01:12 - 2014-05-18 01:12 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-05-18 01:11 - 2014-05-18 01:11 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-05-18 01:11 - 2014-05-18 01:11 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-05-18 01:11 - 2014-05-18 01:11 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-05-18 01:10 - 2014-05-18 01:10 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-18 01:10 - 2014-05-18 01:10 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-18 01:10 - 2014-05-18 01:10 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-18 01:10 - 2014-05-18 01:10 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-18 00:54 - 2014-05-18 00:54 - 00014540 _____ () C:\WINDOWS\system32\reimage.rep
2014-05-17 23:35 - 2013-11-12 02:39 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-!User_SID!
2014-05-17 23:34 - 2013-11-12 01:12 - 00003902 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1A211DA5-FE5E-453F-BF81-0E42091664F4}
2014-05-17 23:33 - 2013-08-22 07:38 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-05-17 23:33 - 2013-06-18 10:45 - 00147584 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\E1G6032E.sys
2014-05-17 21:32 - 2014-05-17 23:39 - 00000000 ____D () C:\ReimageUndo
2014-05-17 21:32 - 2014-05-17 21:32 - 00016224 _____ () C:\WINDOWS\system32\Native.exe
2014-05-17 21:26 - 2014-05-17 21:26 - 01526592 _____ (LogMeIn, Inc.) C:\Users\Yvette\Downloads\Support-LogMeInRescue.exe
2014-05-17 21:26 - 2014-05-17 21:26 - 00002268 _____ () C:\Users\Yvette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tech Support.lnk
2014-05-17 21:12 - 2014-05-17 21:12 - 00000000 ____D () C:\ProgramData\CDB
2014-05-17 21:11 - 2014-05-18 07:46 - 00001924 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-05-17 21:11 - 2014-05-18 07:46 - 00000000 ____D () C:\rei
2014-05-17 21:11 - 2014-05-17 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files\Reimage
2014-05-17 21:10 - 2014-05-18 09:03 - 00000180 _____ () C:\WINDOWS\Reimage.ini
2014-05-17 21:10 - 2014-05-17 21:10 - 00816808 _____ (Reimage®) C:\Users\Yvette\Downloads\ReimageRepair.exe
2014-05-17 20:52 - 2014-05-17 21:00 - 00000000 ____D () C:\NPE
2014-05-17 20:50 - 2014-05-17 21:04 - 00000000 ____D () C:\Users\Yvette\AppData\Local\NPE
2014-05-17 12:21 - 2014-05-24 08:36 - 00000000 ____D () C:\Program Files\pcreg
2014-05-17 12:21 - 2014-05-17 12:21 - 00003688 _____ () C:\WINDOWS\System32\Tasks\pcreg
2014-05-17 11:33 - 2014-05-18 08:29 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-05-17 11:31 - 2014-05-17 11:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 11:31 - 2014-05-17 11:39 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 11:31 - 2014-05-17 11:39 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-17 11:31 - 2014-05-17 11:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\Users\Yvette\AppData\Roaming\Mozilla
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\Users\Yvette\AppData\Local\Mozilla
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-17 11:27 - 2014-05-18 00:54 - 00000000 ____D () C:\Program Files\002
2014-05-17 11:26 - 2014-05-17 11:26 - 00004384 _____ () C:\WINDOWS\System32\Tasks\BrowserSafeguard Update Task
2014-05-17 07:56 - 2014-05-17 07:56 - 00173182 _____ () C:\Users\Yvette\Downloads\PicLauren.jpg-large
2014-05-15 07:38 - 2013-09-13 04:24 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-15 07:38 - 2013-09-12 23:28 - 03524096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-15 07:38 - 2013-08-22 05:41 - 00569232 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-15 07:38 - 2013-08-22 04:31 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-15 07:38 - 2013-08-22 04:22 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-15 07:38 - 2013-08-22 04:08 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-15 07:38 - 2013-08-22 02:17 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-15 07:38 - 2013-08-22 02:16 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-15 07:38 - 2013-08-22 02:11 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-15 07:38 - 2013-08-22 02:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-15 07:38 - 2013-08-22 02:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-15 07:38 - 2013-08-22 02:08 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-15 07:38 - 2013-08-22 02:03 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-15 07:38 - 2013-08-21 22:25 - 00431816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-15 07:38 - 2013-08-21 21:02 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-15 07:38 - 2013-08-21 20:43 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-15 07:38 - 2013-08-21 19:22 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-15 07:38 - 2013-08-21 19:21 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-15 07:38 - 2013-08-21 19:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-15 07:38 - 2013-08-21 19:17 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-15 07:37 - 2013-10-18 21:38 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-15 07:37 - 2013-10-18 19:59 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-15 07:37 - 2013-08-22 03:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-15 07:37 - 2013-08-21 20:13 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-15 07:36 - 2014-04-08 18:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-15 07:36 - 2014-04-08 18:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-15 07:36 - 2014-04-08 14:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-15 07:36 - 2014-04-08 14:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 08:03 - 2014-05-14 08:03 - 00147564 _____ () C:\Users\Yvette\Downloads\PicYolanda.jpg-large
2014-05-14 07:15 - 2014-05-14 07:15 - 00281008 _____ () C:\WINDOWS\Minidump\051414-36718-01.dmp
2014-05-14 07:15 - 2014-05-14 07:15 - 00000000 ____D () C:\WINDOWS\Minidump
2014-05-14 07:14 - 2014-05-14 07:14 - 565868777 _____ () C:\WINDOWS\MEMORY.DMP
2014-05-12 07:39 - 2014-05-12 07:39 - 00092217 _____ () C:\Users\Yvette\Downloads\PicEvans.jpg-large
2014-05-10 15:19 - 2014-05-10 15:19 - 00155330 _____ () C:\Users\Yvette\Downloads\SrirachaHouse.htm
2014-05-10 15:19 - 2014-05-10 15:19 - 00000000 ____D () C:\Users\Yvette\Downloads\SrirachaHouse_files
2014-05-10 08:13 - 2014-05-10 08:13 - 00093127 _____ () C:\Users\Yvette\Downloads\PicEricStein.jpg-large
2014-05-09 19:27 - 2014-05-09 19:27 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-09 08:23 - 2014-05-09 08:23 - 00000000 __SHD () C:\Users\Yvette\AppData\Local\EmieUserList
2014-05-09 08:23 - 2014-05-09 08:23 - 00000000 __SHD () C:\Users\Yvette\AppData\Local\EmieSiteList
2014-05-09 08:19 - 2014-05-09 08:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Yvette\Downloads\Silverlight.exe
2014-05-09 07:45 - 2014-05-09 07:45 - 00090467 _____ () C:\Users\Yvette\Downloads\PicFausto.jpg-large
2014-05-07 02:53 - 2014-05-07 02:53 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-07 02:53 - 2014-05-07 02:53 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-05 07:32 - 2014-05-05 07:32 - 00154000 _____ () C:\Users\Yvette\Downloads\PicJohnSantella.jpg-large
2014-05-03 09:54 - 2014-05-03 09:55 - 02525066 _____ () C:\Users\Yvette\Downloads\CNN-Passion Fashion_768Kbps_360p (1).mp4
2014-05-03 09:43 - 2014-05-03 09:43 - 02525066 _____ () C:\Users\Yvette\Downloads\CNN-Passion Fashion_768Kbps_360p.mp4
2014-05-03 09:36 - 2014-05-03 09:36 - 00001363 _____ () C:\Users\Yvette\Desktop\PFF Press Release (1) - Shortcut.lnk
2014-05-02 21:16 - 2013-10-18 20:52 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-02 08:04 - 2013-10-18 19:42 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-01 21:20 - 2014-05-17 21:00 - 00000000 ___RD () C:\Users\Yvette\OneDrive
2014-04-30 08:00 - 2014-04-30 08:00 - 00102362 _____ () C:\Users\Yvette\Downloads\PicAntonio&Carmen.jpg-large
2014-04-30 07:28 - 2014-04-30 07:28 - 00884672 _____ (Google Inc.) C:\Users\Yvette\Downloads\googledrivesync (2).exe
2014-04-30 07:26 - 2014-04-30 07:26 - 00044802 _____ () C:\Users\Yvette\Downloads\Fw Delivery Status Notification (Failure).eml
2014-04-30 07:26 - 2014-04-30 07:26 - 00000527 _____ () C:\Users\Yvette\Downloads\ATT00001
2014-04-29 05:30 - 2014-03-06 05:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-29 05:29 - 2014-05-17 23:33 - 00467800 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-29 05:29 - 2014-05-17 23:33 - 00111616 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-29 05:29 - 2014-05-17 23:33 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-29 05:29 - 2014-03-13 08:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-29 05:29 - 2014-03-06 04:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-29 05:29 - 2013-10-03 01:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-29 05:29 - 2013-10-03 01:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-29 05:29 - 2013-09-21 02:54 - 02328328 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-29 05:29 - 2013-09-21 02:53 - 01534504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-29 05:29 - 2013-09-21 02:53 - 00482456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-29 05:29 - 2013-09-21 01:37 - 02065960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-29 05:29 - 2013-09-21 01:12 - 01092896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-29 05:29 - 2013-09-21 01:09 - 00382224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-29 05:29 - 2013-09-20 23:58 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-29 05:29 - 2013-09-20 22:27 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-29 05:29 - 2013-09-20 22:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-29 05:29 - 2013-09-20 21:59 - 00940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-29 05:29 - 2013-09-20 21:50 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-29 05:29 - 2013-09-20 21:31 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-29 05:29 - 2013-09-20 21:20 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-29 05:29 - 2013-09-20 21:09 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-29 05:29 - 2013-09-20 21:08 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-29 05:29 - 2013-09-20 20:58 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-29 05:29 - 2013-09-18 21:01 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-29 05:29 - 2013-09-18 20:32 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-29 05:29 - 2013-09-11 01:31 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-29 05:29 - 2013-09-11 01:31 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-29 05:29 - 2013-09-03 20:48 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-29 05:29 - 2013-09-03 20:36 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-29 05:29 - 2013-08-31 01:36 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-29 05:29 - 2013-08-31 01:12 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-29 05:29 - 2013-08-27 23:55 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-29 05:29 - 2013-08-22 12:11 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-04-29 05:29 - 2013-08-22 12:11 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-29 05:29 - 2013-08-22 12:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-29 05:29 - 2013-08-22 12:11 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-04-29 05:29 - 2013-08-22 06:25 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-29 05:29 - 2013-08-22 06:25 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-29 05:29 - 2013-08-22 06:25 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-29 05:29 - 2013-08-22 05:44 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-29 05:29 - 2013-08-22 05:43 - 00490848 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-29 05:29 - 2013-08-22 05:41 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-29 05:29 - 2013-08-22 05:41 - 00117784 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-29 05:29 - 2013-08-22 05:39 - 02360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-29 05:29 - 2013-08-22 05:36 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-29 05:29 - 2013-08-22 05:32 - 00461224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-29 05:29 - 2013-08-22 05:32 - 00364688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-29 05:29 - 2013-08-22 05:32 - 00358976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-29 05:29 - 2013-08-22 05:32 - 00245920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-29 05:29 - 2013-08-22 04:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-29 05:29 - 2013-08-22 04:38 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-29 05:29 - 2013-08-22 04:38 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-29 05:29 - 2013-08-22 04:37 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-29 05:29 - 2013-08-22 04:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-29 05:29 - 2013-08-22 04:35 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-29 05:29 - 2013-08-22 04:35 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-29 05:29 - 2013-08-22 04:35 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-29 05:29 - 2013-08-22 04:29 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-29 05:29 - 2013-08-22 04:28 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-29 05:29 - 2013-08-22 04:22 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-29 05:29 - 2013-08-22 04:12 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-29 05:29 - 2013-08-22 04:11 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-29 05:29 - 2013-08-22 04:04 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-29 05:29 - 2013-08-22 03:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-29 05:29 - 2013-08-22 03:42 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-29 05:29 - 2013-08-22 03:36 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-29 05:29 - 2013-08-22 03:06 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-29 05:29 - 2013-08-22 03:05 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-29 05:29 - 2013-08-22 03:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-29 05:29 - 2013-08-22 03:00 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-29 05:29 - 2013-08-22 02:59 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-29 05:29 - 2013-08-22 02:58 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-04-29 05:29 - 2013-08-22 02:56 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-29 05:29 - 2013-08-22 02:52 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-29 05:29 - 2013-08-22 02:47 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-29 05:29 - 2013-08-22 02:46 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-29 05:29 - 2013-08-22 02:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-29 05:29 - 2013-08-22 02:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-04-29 05:29 - 2013-08-22 02:41 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-04-29 05:29 - 2013-08-22 02:40 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-04-29 05:29 - 2013-08-22 02:39 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-29 05:29 - 2013-08-22 02:37 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-29 05:29 - 2013-08-22 02:35 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-29 05:29 - 2013-08-22 02:35 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-29 05:29 - 2013-08-22 02:33 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-29 05:29 - 2013-08-22 02:29 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-29 05:29 - 2013-08-22 02:29 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-29 05:29 - 2013-08-22 02:21 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-29 05:29 - 2013-08-22 02:20 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-29 05:29 - 2013-08-22 02:11 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-29 05:29 - 2013-08-22 02:10 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-29 05:29 - 2013-08-22 02:09 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-29 05:29 - 2013-08-22 02:04 - 01044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-29 05:29 - 2013-08-21 22:30 - 00394072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-29 05:29 - 2013-08-21 22:29 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-29 05:29 - 2013-08-21 22:28 - 01721000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-29 05:29 - 2013-08-21 22:19 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-29 05:29 - 2013-08-21 22:19 - 00355320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-29 05:29 - 2013-08-21 22:19 - 00319232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-29 05:29 - 2013-08-21 21:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-29 05:29 - 2013-08-21 21:14 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-29 05:29 - 2013-08-21 21:01 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-29 05:29 - 2013-08-21 21:00 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-29 05:29 - 2013-08-21 20:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-29 05:29 - 2013-08-21 20:45 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-29 05:29 - 2013-08-21 20:40 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-29 05:29 - 2013-08-21 20:24 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-29 05:29 - 2013-08-21 20:19 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-29 05:29 - 2013-08-21 19:55 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-29 05:29 - 2013-08-21 19:52 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-29 05:29 - 2013-08-21 19:51 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-29 05:29 - 2013-08-21 19:50 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-29 05:29 - 2013-08-21 19:49 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-29 05:29 - 2013-08-21 19:42 - 01352192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-29 05:29 - 2013-08-21 19:40 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-29 05:29 - 2013-08-21 19:36 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-29 05:29 - 2013-08-21 19:35 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-29 05:29 - 2013-08-21 19:34 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-29 05:29 - 2013-08-21 19:30 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-29 05:29 - 2013-08-21 19:25 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-29 05:29 - 2013-08-21 19:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-29 05:29 - 2013-08-21 19:19 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-29 05:29 - 2013-08-21 19:17 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-29 05:25 - 2014-05-17 23:33 - 00312160 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-04-29 05:25 - 2013-10-18 20:33 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-04-29 05:25 - 2013-10-18 19:19 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-04-29 05:25 - 2013-10-18 18:42 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-04-29 05:25 - 2013-10-18 18:27 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-04-29 05:25 - 2013-10-02 03:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-04-29 05:25 - 2013-09-30 19:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-04-29 05:25 - 2013-09-26 00:46 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-04-29 05:25 - 2013-09-26 00:24 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-04-29 05:25 - 2013-09-26 00:23 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-04-29 05:25 - 2013-09-25 23:21 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-04-29 05:25 - 2013-09-25 22:54 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-04-29 05:25 - 2013-09-25 22:47 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-04-29 05:25 - 2013-09-25 22:40 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-04-29 05:25 - 2013-09-23 21:05 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-04-29 05:25 - 2013-09-21 01:09 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-04-29 05:25 - 2013-09-20 22:33 - 11366912 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-04-29 05:25 - 2013-09-20 21:56 - 08712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-04-29 05:25 - 2013-09-20 21:34 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-04-29 05:25 - 2013-09-20 21:10 - 12028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-04-29 05:25 - 2013-09-20 21:05 - 08875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-04-29 05:25 - 2013-09-20 20:44 - 01662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-04-29 05:25 - 2013-09-18 21:08 - 01150976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-04-29 05:25 - 2013-09-18 20:27 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-04-29 05:25 - 2013-09-18 20:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-04-29 05:25 - 2013-09-18 20:11 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-04-29 05:25 - 2013-08-22 12:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-04-29 05:25 - 2013-08-22 05:41 - 02495696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-04-29 05:25 - 2013-08-22 05:41 - 01435312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-04-29 05:25 - 2013-08-22 05:36 - 02622800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-04-29 05:25 - 2013-08-22 05:35 - 01463208 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-04-29 05:25 - 2013-08-22 04:35 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-04-29 05:25 - 2013-08-22 04:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-29 05:25 - 2013-08-22 04:02 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-04-29 05:25 - 2013-08-22 03:13 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-04-29 05:25 - 2013-08-22 03:11 - 02934272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-04-29 05:25 - 2013-08-22 03:07 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-04-29 05:25 - 2013-08-22 02:29 - 03486208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-04-29 05:25 - 2013-08-22 02:15 - 13943296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-04-29 05:25 - 2013-08-22 02:04 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-04-29 05:25 - 2013-08-22 02:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-04-29 05:25 - 2013-08-22 02:00 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-04-29 05:25 - 2013-08-21 21:06 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-04-29 05:25 - 2013-08-21 20:01 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-04-29 05:25 - 2013-08-21 19:58 - 01926144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-04-29 05:25 - 2013-08-21 19:45 - 02633216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-04-29 05:25 - 2013-08-21 19:38 - 11760128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-04-29 05:25 - 2013-08-21 19:17 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-04-29 05:25 - 2013-08-21 19:14 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-04-29 05:25 - 2013-08-14 16:36 - 00165583 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-04-29 05:24 - 2014-05-17 23:33 - 00551776 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-29 05:24 - 2014-05-17 23:33 - 00522592 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-04-29 05:24 - 2014-05-17 23:33 - 00371032 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-04-29 05:24 - 2014-05-17 23:33 - 00325472 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-04-29 05:24 - 2014-05-17 23:33 - 00285536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-04-29 05:24 - 2014-05-17 23:33 - 00236376 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-04-29 05:24 - 2014-05-17 23:33 - 00142688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-04-29 05:24 - 2014-02-22 08:11 - 00272896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-04-29 05:24 - 2014-02-22 08:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-04-29 05:24 - 2014-02-22 06:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-04-29 05:24 - 2014-02-22 06:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-04-29 05:24 - 2014-02-22 05:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-04-29 05:24 - 2014-02-22 00:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-04-29 05:24 - 2013-10-23 03:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-04-29 05:24 - 2013-10-23 00:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-04-29 05:24 - 2013-10-02 01:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-04-29 05:24 - 2013-09-30 19:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-04-29 05:24 - 2013-09-26 04:08 - 00707560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-04-29 05:24 - 2013-09-26 01:20 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-04-29 05:24 - 2013-09-25 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-04-29 05:24 - 2013-09-25 23:14 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-04-29 05:24 - 2013-09-25 22:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-04-29 05:24 - 2013-09-25 22:34 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-04-29 05:24 - 2013-09-25 02:25 - 00783504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-04-29 05:24 - 2013-09-25 00:58 - 00648648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-04-29 05:24 - 2013-09-24 02:12 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-04-29 05:24 - 2013-09-21 04:10 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-04-29 05:24 - 2013-09-21 03:50 - 00528048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-04-29 05:24 - 2013-09-21 03:48 - 00534048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-04-29 05:24 - 2013-09-21 03:48 - 00123480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-04-29 05:24 - 2013-09-21 03:04 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-04-29 05:24 - 2013-09-21 02:53 - 00996320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-04-29 05:24 - 2013-09-21 02:53 - 00366688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-04-29 05:24 - 2013-09-21 02:51 - 01720552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-04-29 05:24 - 2013-09-21 01:23 - 00427096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-04-29 05:24 - 2013-09-21 01:23 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-04-29 05:24 - 2013-09-21 01:09 - 00312936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-04-29 05:24 - 2013-09-20 21:38 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-04-29 05:24 - 2013-09-20 21:02 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-04-29 05:24 - 2013-09-20 20:54 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-04-29 05:24 - 2013-09-20 20:39 - 01455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-04-29 05:24 - 2013-09-20 20:36 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-29 05:24 - 2013-09-18 20:37 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-04-29 05:24 - 2013-09-18 20:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-04-29 05:24 - 2013-09-18 19:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-04-29 05:24 - 2013-09-18 19:55 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-04-29 05:24 - 2013-09-18 19:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-04-29 05:24 - 2013-09-18 19:32 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-04-29 05:24 - 2013-09-18 19:29 - 01581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-04-29 05:24 - 2013-09-16 21:15 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-04-29 05:24 - 2013-09-16 20:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-04-29 05:24 - 2013-09-16 20:08 - 00738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-04-29 05:24 - 2013-09-16 19:28 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-04-29 05:24 - 2013-09-14 00:35 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-04-29 05:24 - 2013-09-12 23:55 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-29 05:24 - 2013-09-07 03:30 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-04-29 05:24 - 2013-09-07 03:13 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-04-29 05:24 - 2013-09-04 23:39 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-04-29 05:24 - 2013-09-03 22:16 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-04-29 05:24 - 2013-08-22 06:25 - 00382200 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-04-29 05:24 - 2013-08-22 06:25 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-04-29 05:24 - 2013-08-22 06:25 - 00330016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-04-29 05:24 - 2013-08-22 06:25 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-29 05:24 - 2013-08-22 05:46 - 01934296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-04-29 05:24 - 2013-08-22 05:46 - 01207024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-04-29 05:24 - 2013-08-22 05:43 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-04-29 05:24 - 2013-08-22 05:42 - 00172016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-04-29 05:24 - 2013-08-22 05:42 - 00084696 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-04-29 05:24 - 2013-08-22 05:41 - 00317112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-04-29 05:24 - 2013-08-22 05:41 - 00244856 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-04-29 05:24 - 2013-08-22 05:41 - 00151832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-04-29 05:24 - 2013-08-22 05:40 - 01793296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-04-29 05:24 - 2013-08-22 05:39 - 01653864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-04-29 05:24 - 2013-08-22 05:39 - 01517984 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-04-29 05:24 - 2013-08-22 05:39 - 00646168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-04-29 05:24 - 2013-08-22 05:39 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-04-29 05:24 - 2013-08-22 05:39 - 00254688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-04-29 05:24 - 2013-08-22 05:35 - 00669392 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-04-29 05:24 - 2013-08-22 05:32 - 01215840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-04-29 05:24 - 2013-08-22 05:32 - 00608984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-04-29 05:24 - 2013-08-22 05:32 - 00385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-04-29 05:24 - 2013-08-22 05:32 - 00322336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-04-29 05:24 - 2013-08-22 04:47 - 01165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-04-29 05:24 - 2013-08-22 04:44 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-04-29 05:24 - 2013-08-22 04:43 - 02826752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-04-29 05:24 - 2013-08-22 04:39 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-04-29 05:24 - 2013-08-22 04:36 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-04-29 05:24 - 2013-08-22 04:35 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-04-29 05:24 - 2013-08-22 04:34 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-04-29 05:24 - 2013-08-22 04:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-04-29 05:24 - 2013-08-22 04:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-04-29 05:24 - 2013-08-22 04:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-29 05:24 - 2013-08-22 04:14 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-29 05:24 - 2013-08-22 04:11 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-04-29 05:24 - 2013-08-22 03:49 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-29 05:24 - 2013-08-22 03:47 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-04-29 05:24 - 2013-08-22 03:46 - 02862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-04-29 05:24 - 2013-08-22 03:43 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-29 05:24 - 2013-08-22 03:34 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-04-29 05:24 - 2013-08-22 03:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-04-29 05:24 - 2013-08-22 03:32 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-29 05:24 - 2013-08-22 03:32 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-29 05:24 - 2013-08-22 03:31 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-29 05:24 - 2013-08-22 03:30 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-04-29 05:24 - 2013-08-22 03:24 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-04-29 05:24 - 2013-08-22 03:21 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-04-29 05:24 - 2013-08-22 03:19 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-04-29 05:24 - 2013-08-22 03:19 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-04-29 05:24 - 2013-08-22 03:18 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-29 05:24 - 2013-08-22 03:17 - 01542144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-29 05:24 - 2013-08-22 03:15 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-29 05:24 - 2013-08-22 03:13 - 02705920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-29 05:24 - 2013-08-22 03:13 - 01225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-29 05:24 - 2013-08-22 03:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-04-29 05:24 - 2013-08-22 03:08 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-29 05:24 - 2013-08-22 03:08 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-29 05:24 - 2013-08-22 03:07 - 02634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-04-29 05:24 - 2013-08-22 03:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-04-29 05:24 - 2013-08-22 03:04 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-29 05:24 - 2013-08-22 03:04 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-04-29 05:24 - 2013-08-22 03:02 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-29 05:24 - 2013-08-22 03:01 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-04-29 05:24 - 2013-08-22 02:57 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-04-29 05:24 - 2013-08-22 02:55 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-04-29 05:24 - 2013-08-22 02:54 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-04-29 05:24 - 2013-08-22 02:54 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-29 05:24 - 2013-08-22 02:54 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-29 05:24 - 2013-08-22 02:53 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-29 05:24 - 2013-08-22 02:52 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-04-29 05:24 - 2013-08-22 02:50 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-04-29 05:24 - 2013-08-22 02:48 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-29 05:24 - 2013-08-22 02:47 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-04-29 05:24 - 2013-08-22 02:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-04-29 05:24 - 2013-08-22 02:46 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-04-29 05:24 - 2013-08-22 02:46 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-04-29 05:24 - 2013-08-22 02:41 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-29 05:24 - 2013-08-22 02:39 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-29 05:24 - 2013-08-22 02:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-29 05:24 - 2013-08-22 02:38 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-29 05:24 - 2013-08-22 02:30 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-04-29 05:24 - 2013-08-22 02:29 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-04-29 05:24 - 2013-08-22 02:26 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-29 05:24 - 2013-08-22 02:26 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-29 05:24 - 2013-08-22 02:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-04-29 05:24 - 2013-08-22 02:18 - 01766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-04-29 05:24 - 2013-08-22 02:15 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-29 05:24 - 2013-08-22 02:14 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-29 05:24 - 2013-08-22 02:12 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-04-29 05:24 - 2013-08-22 02:12 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-29 05:24 - 2013-08-22 02:09 - 01135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-29 05:24 - 2013-08-22 02:08 - 00996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-29 05:24 - 2013-08-22 02:07 - 00844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-04-29 05:24 - 2013-08-22 02:07 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-29 05:24 - 2013-08-22 02:04 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-29 05:24 - 2013-08-22 02:03 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-04-29 05:24 - 2013-08-22 02:00 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-29 05:24 - 2013-08-22 01:58 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-04-29 05:24 - 2013-08-22 01:54 - 02758144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-04-29 05:24 - 2013-08-22 01:50 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-04-29 05:24 - 2013-08-22 01:47 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-29 05:24 - 2013-08-21 22:31 - 01766896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-04-29 05:24 - 2013-08-21 22:31 - 01064488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-04-29 05:24 - 2013-08-21 22:29 - 00235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-04-29 05:24 - 2013-08-21 22:25 - 02410504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-04-29 05:24 - 2013-08-21 22:25 - 01370776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-04-29 05:24 - 2013-08-21 22:25 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-04-29 05:24 - 2013-08-21 22:22 - 00489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-04-29 05:24 - 2013-08-21 22:21 - 01085152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-04-29 05:24 - 2013-08-21 22:21 - 00506672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-04-29 05:24 - 2013-08-21 22:19 - 01011288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-04-29 05:24 - 2013-08-21 22:19 - 00518080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-04-29 05:24 - 2013-08-21 22:19 - 00290232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-04-29 05:24 - 2013-08-21 22:19 - 00283576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-04-29 05:24 - 2013-08-21 21:13 - 02428416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-04-29 05:24 - 2013-08-21 21:06 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-04-29 05:24 - 2013-08-21 21:01 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-04-29 05:24 - 2013-08-21 20:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-04-29 05:24 - 2013-08-21 20:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-04-29 05:24 - 2013-08-21 20:25 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-04-29 05:24 - 2013-08-21 20:24 - 02810880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-04-29 05:24 - 2013-08-21 20:16 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-04-29 05:24 - 2013-08-21 20:16 - 00437760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-04-29 05:24 - 2013-08-21 20:15 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-04-29 05:24 - 2013-08-21 20:15 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-04-29 05:24 - 2013-08-21 20:14 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-04-29 05:24 - 2013-08-21 20:13 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-04-29 05:24 - 2013-08-21 20:06 - 00676864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-04-29 05:24 - 2013-08-21 20:06 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-04-29 05:24 - 2013-08-21 20:03 - 02214400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-04-29 05:24 - 2013-08-21 19:55 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-04-29 05:24 - 2013-08-21 19:53 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-04-29 05:24 - 2013-08-21 19:51 - 01363456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-04-29 05:24 - 2013-08-21 19:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-04-29 05:24 - 2013-08-21 19:43 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-04-29 05:24 - 2013-08-21 19:43 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-04-29 05:24 - 2013-08-21 19:42 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-04-29 05:24 - 2013-08-21 19:31 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-04-29 05:24 - 2013-08-21 19:31 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-04-29 05:24 - 2013-08-21 19:26 - 00877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-04-29 05:24 - 2013-08-21 19:24 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-04-29 05:24 - 2013-08-21 19:19 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-04-29 05:24 - 2013-08-21 19:17 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-04-29 05:24 - 2013-08-21 19:17 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-04-29 05:24 - 2013-08-21 19:16 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-04-29 05:24 - 2013-08-21 19:13 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-04-29 05:24 - 2013-08-21 19:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-04-29 05:24 - 2013-08-21 19:04 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-04-29 05:23 - 2014-05-17 23:33 - 00189792 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-04-29 05:23 - 2014-05-17 23:33 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-04-29 05:23 - 2014-05-17 23:33 - 00078688 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-04-29 05:23 - 2014-05-17 23:33 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-04-29 05:23 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-04-29 05:23 - 2014-02-01 02:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-29 05:23 - 2013-09-20 20:38 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-04-29 05:23 - 2013-09-16 21:00 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-29 05:23 - 2013-09-12 23:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-04-29 05:23 - 2013-08-22 06:25 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-04-29 05:23 - 2013-08-22 06:25 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-04-29 05:23 - 2013-08-22 06:25 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-04-29 05:23 - 2013-08-22 06:25 - 00094056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-04-29 05:23 - 2013-08-22 05:49 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-04-29 05:23 - 2013-08-22 05:46 - 00275320 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-04-29 05:23 - 2013-08-22 05:46 - 00187992 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-04-29 05:23 - 2013-08-22 05:46 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-04-29 05:23 - 2013-08-22 05:45 - 00028000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-04-29 05:23 - 2013-08-22 05:43 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-04-29 05:23 - 2013-08-22 05:42 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-04-29 05:23 - 2013-08-22 05:41 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-04-29 05:23 - 2013-08-22 05:41 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-04-29 05:23 - 2013-08-22 05:41 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-04-29 05:23 - 2013-08-22 05:41 - 00032072 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-04-29 05:23 - 2013-08-22 05:39 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-04-29 05:23 - 2013-08-22 05:39 - 00209168 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-04-29 05:23 - 2013-08-22 05:39 - 00143568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-04-29 05:23 - 2013-08-22 05:39 - 00100200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-04-29 05:23 - 2013-08-22 05:39 - 00041328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-04-29 05:23 - 2013-08-22 05:38 - 00036208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-04-29 05:23 - 2013-08-22 05:32 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-29 05:23 - 2013-08-22 05:32 - 00028416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-04-29 05:23 - 2013-08-22 04:44 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-04-29 05:23 - 2013-08-22 04:41 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-04-29 05:23 - 2013-08-22 04:41 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-04-29 05:23 - 2013-08-22 04:41 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-04-29 05:23 - 2013-08-22 04:40 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-04-29 05:23 - 2013-08-22 04:39 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-04-29 05:23 - 2013-08-22 04:35 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-04-29 05:23 - 2013-08-22 04:35 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-04-29 05:23 - 2013-08-22 04:34 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-04-29 05:23 - 2013-08-22 04:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-04-29 05:23 - 2013-08-22 04:32 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-04-29 05:23 - 2013-08-22 04:32 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-04-29 05:23 - 2013-08-22 04:31 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-29 05:23 - 2013-08-22 04:31 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-04-29 05:23 - 2013-08-22 04:31 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-04-29 05:23 - 2013-08-22 04:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-29 05:23 - 2013-08-22 04:29 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-29 05:23 - 2013-08-22 04:24 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-29 05:23 - 2013-08-22 04:23 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-29 05:23 - 2013-08-22 04:21 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-29 05:23 - 2013-08-22 04:21 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-29 05:23 - 2013-08-22 04:20 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-29 05:23 - 2013-08-22 04:20 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-29 05:23 - 2013-08-22 04:19 - 00039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-29 05:23 - 2013-08-22 04:16 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-29 05:23 - 2013-08-22 04:13 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-29 05:23 - 2013-08-22 04:11 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-29 05:23 - 2013-08-22 04:09 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-29 05:23 - 2013-08-22 04:08 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-29 05:23 - 2013-08-22 04:06 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-29 05:23 - 2013-08-22 04:06 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-29 05:23 - 2013-08-22 04:02 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-29 05:23 - 2013-08-22 04:01 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-29 05:23 - 2013-08-22 04:01 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-29 05:23 - 2013-08-22 04:00 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-29 05:23 - 2013-08-22 03:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-29 05:23 - 2013-08-22 03:53 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-29 05:23 - 2013-08-22 03:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-29 05:23 - 2013-08-22 03:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-29 05:23 - 2013-08-22 03:51 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-29 05:23 - 2013-08-22 03:50 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-29 05:23 - 2013-08-22 03:50 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-29 05:23 - 2013-08-22 03:48 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-29 05:23 - 2013-08-22 03:48 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-29 05:23 - 2013-08-22 03:47 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-29 05:23 - 2013-08-22 03:47 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-29 05:23 - 2013-08-22 03:46 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-29 05:23 - 2013-08-22 03:45 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-29 05:23 - 2013-08-22 03:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-29 05:23 - 2013-08-22 03:45 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-29 05:23 - 2013-08-22 03:43 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-29 05:23 - 2013-08-22 03:42 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-29 05:23 - 2013-08-22 03:39 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-29 05:23 - 2013-08-22 03:38 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-29 05:23 - 2013-08-22 03:34 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-29 05:23 - 2013-08-22 03:29 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-29 05:23 - 2013-08-22 03:28 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-29 05:23 - 2013-08-22 03:27 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-29 05:23 - 2013-08-22 03:27 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-29 05:23 - 2013-08-22 03:25 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-29 05:23 - 2013-08-22 03:24 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-29 05:23 - 2013-08-22 03:19 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-29 05:23 - 2013-08-22 03:17 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-29 05:23 - 2013-08-22 03:16 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-29 05:23 - 2013-08-22 03:13 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-29 05:23 - 2013-08-22 03:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-29 05:23 - 2013-08-22 03:02 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-29 05:23 - 2013-08-22 03:01 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-29 05:23 - 2013-08-22 03:00 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-29 05:23 - 2013-08-22 02:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-29 05:23 - 2013-08-22 02:57 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-29 05:23 - 2013-08-22 02:53 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-29 05:23 - 2013-08-22 02:53 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-29 05:23 - 2013-08-22 02:50 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-29 05:23 - 2013-08-22 02:48 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-29 05:23 - 2013-08-22 02:44 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-29 05:23 - 2013-08-22 02:41 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-29 05:23 - 2013-08-22 02:40 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-29 05:23 - 2013-08-22 02:37 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-29 05:23 - 2013-08-22 02:36 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-29 05:23 - 2013-08-22 02:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-29 05:23 - 2013-08-22 02:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-29 05:23 - 2013-08-22 02:34 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-29 05:23 - 2013-08-22 02:33 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-29 05:23 - 2013-08-22 02:32 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-29 05:23 - 2013-08-22 02:22 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-29 05:23 - 2013-08-22 02:21 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-29 05:23 - 2013-08-22 02:21 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-29 05:23 - 2013-08-22 02:19 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-29 05:23 - 2013-08-22 02:19 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-29 05:23 - 2013-08-22 02:16 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-29 05:23 - 2013-08-22 02:16 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-29 05:23 - 2013-08-22 02:15 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-29 05:23 - 2013-08-22 02:14 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-29 05:23 - 2013-08-22 02:13 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-29 05:23 - 2013-08-22 02:12 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-29 05:23 - 2013-08-22 02:10 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-29 05:23 - 2013-08-22 02:09 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-29 05:23 - 2013-08-22 02:08 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-29 05:23 - 2013-08-22 02:07 - 03311616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-29 05:23 - 2013-08-22 02:07 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-29 05:23 - 2013-08-22 02:07 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-29 05:23 - 2013-08-22 02:06 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-29 05:23 - 2013-08-22 02:06 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-29 05:23 - 2013-08-22 02:04 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-29 05:23 - 2013-08-22 02:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-29 05:23 - 2013-08-22 01:59 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-29 05:23 - 2013-08-22 01:57 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-29 05:23 - 2013-08-22 01:57 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-29 05:23 - 2013-08-22 01:50 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-29 05:23 - 2013-08-22 01:48 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-29 05:23 - 2013-08-22 01:47 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-29 05:23 - 2013-08-21 22:31 - 00251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-04-29 05:23 - 2013-08-21 22:30 - 00140968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-04-29 05:23 - 2013-08-21 22:25 - 00137352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-04-29 05:23 - 2013-08-21 22:25 - 00089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-04-29 05:23 - 2013-08-21 22:25 - 00039208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-04-29 05:23 - 2013-08-21 22:25 - 00029440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-04-29 05:23 - 2013-08-21 22:24 - 00231872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-04-29 05:23 - 2013-08-21 22:24 - 00033064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-04-29 05:23 - 2013-08-21 22:21 - 00079504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-04-29 05:23 - 2013-08-21 21:13 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-04-29 05:23 - 2013-08-21 21:13 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-04-29 05:23 - 2013-08-21 21:13 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-04-29 05:23 - 2013-08-21 21:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-04-29 05:23 - 2013-08-21 21:06 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-04-29 05:23 - 2013-08-21 21:04 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-04-29 05:23 - 2013-08-21 21:03 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-04-29 05:23 - 2013-08-21 21:03 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-04-29 05:23 - 2013-08-21 20:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-04-29 05:23 - 2013-08-21 20:54 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-04-29 05:23 - 2013-08-21 20:48 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-04-29 05:23 - 2013-08-21 20:38 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-04-29 05:23 - 2013-08-21 20:37 - 00212480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-04-29 05:23 - 2013-08-21 20:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 05:23 - 2013-08-21 20:32 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-04-29 05:23 - 2013-08-21 20:30 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-04-29 05:23 - 2013-08-21 20:29 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-04-29 05:23 - 2013-08-21 20:27 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-04-29 05:23 - 2013-08-21 20:27 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-04-29 05:23 - 2013-08-21 20:26 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-04-29 05:23 - 2013-08-21 20:26 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-04-29 05:23 - 2013-08-21 20:26 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-04-29 05:23 - 2013-08-21 20:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-04-29 05:23 - 2013-08-21 20:23 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-04-29 05:23 - 2013-08-21 20:17 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-04-29 05:23 - 2013-08-21 20:12 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-04-29 05:23 - 2013-08-21 20:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-04-29 05:23 - 2013-08-21 20:06 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-04-29 05:23 - 2013-08-21 20:03 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-04-29 05:23 - 2013-08-21 20:02 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-04-29 05:23 - 2013-08-21 19:59 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-04-29 05:23 - 2013-08-21 19:58 - 03083776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-04-29 05:23 - 2013-08-21 19:58 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-04-29 05:23 - 2013-08-21 19:55 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-04-29 05:23 - 2013-08-21 19:54 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-04-29 05:23 - 2013-08-21 19:53 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-04-29 05:23 - 2013-08-21 19:52 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-04-29 05:23 - 2013-08-21 19:51 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-04-29 05:23 - 2013-08-21 19:50 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-04-29 05:23 - 2013-08-21 19:49 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-04-29 05:23 - 2013-08-21 19:48 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-04-29 05:23 - 2013-08-21 19:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-29 05:23 - 2013-08-21 19:44 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-04-29 05:23 - 2013-08-21 19:38 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-04-29 05:23 - 2013-08-21 19:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-04-29 05:23 - 2013-08-21 19:36 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-04-29 05:23 - 2013-08-21 19:35 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-04-29 05:23 - 2013-08-21 19:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-04-29 05:23 - 2013-08-21 19:32 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-04-29 05:23 - 2013-08-21 19:32 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-04-29 05:23 - 2013-08-21 19:29 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-04-29 05:23 - 2013-08-21 19:27 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-04-29 05:23 - 2013-08-21 19:25 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-04-29 05:23 - 2013-08-21 19:21 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-04-29 05:23 - 2013-08-21 19:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-04-29 05:23 - 2013-08-21 19:21 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-04-29 05:23 - 2013-08-21 19:20 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-04-29 05:23 - 2013-08-21 19:20 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-04-29 05:23 - 2013-08-21 19:18 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-04-29 05:23 - 2013-08-21 19:17 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-04-29 05:23 - 2013-08-21 19:17 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-04-29 05:23 - 2013-08-21 19:16 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-04-29 05:23 - 2013-08-21 19:16 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-04-29 05:23 - 2013-08-21 19:16 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-04-29 05:23 - 2013-08-21 19:13 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-04-29 05:23 - 2013-08-21 19:11 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-04-29 05:23 - 2013-08-21 19:04 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-04-29 05:23 - 2013-08-21 19:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-04-29 05:22 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 05:22 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 05:22 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-29 05:22 - 2014-02-22 00:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-29 05:22 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-04-29 05:22 - 2014-02-01 02:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-29 05:22 - 2013-09-20 23:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-29 05:22 - 2013-09-18 21:30 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-29 05:22 - 2013-08-22 04:42 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-29 05:22 - 2013-08-22 04:42 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-29 05:22 - 2013-08-22 04:42 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-29 05:22 - 2013-08-22 04:42 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-29 05:22 - 2013-08-22 04:41 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-29 05:22 - 2013-08-22 04:35 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-04-29 05:22 - 2013-08-22 04:35 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-04-29 05:22 - 2013-08-22 04:35 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-04-29 05:22 - 2013-08-22 04:35 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-04-29 05:22 - 2013-08-22 04:30 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-04-29 05:22 - 2013-08-22 04:22 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-29 05:22 - 2013-08-22 04:21 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-04-29 05:22 - 2013-08-22 04:18 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-04-29 05:22 - 2013-08-22 04:01 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-29 05:22 - 2013-08-22 04:01 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-04-29 05:22 - 2013-08-22 03:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-29 05:22 - 2013-08-22 03:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-04-29 05:22 - 2013-08-22 03:54 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-29 05:22 - 2013-08-22 03:54 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-29 05:22 - 2013-08-22 03:53 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-29 05:22 - 2013-08-22 03:45 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-29 05:22 - 2013-08-22 03:35 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-29 05:22 - 2013-08-22 03:29 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-04-29 05:22 - 2013-08-22 03:29 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-29 05:22 - 2013-08-22 03:24 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-29 05:22 - 2013-08-22 03:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-04-29 05:22 - 2013-08-22 03:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-29 05:22 - 2013-08-22 03:01 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-29 05:22 - 2013-08-22 02:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-29 05:22 - 2013-08-22 02:57 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-29 05:22 - 2013-08-22 02:55 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-29 05:22 - 2013-08-22 02:49 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-29 05:22 - 2013-08-22 02:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-29 05:22 - 2013-08-22 02:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-29 05:22 - 2013-08-22 02:15 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-29 05:22 - 2013-08-22 01:53 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-29 05:22 - 2013-08-21 23:57 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-29 05:22 - 2013-08-21 21:14 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-04-29 05:22 - 2013-08-21 21:14 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-29 05:22 - 2013-08-21 21:14 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-29 05:22 - 2013-08-21 21:13 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-29 05:22 - 2013-08-21 21:13 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-29 05:22 - 2013-08-21 21:12 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-29 05:22 - 2013-08-21 21:02 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-04-29 05:22 - 2013-08-21 21:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-04-29 05:22 - 2013-08-21 20:56 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-04-29 05:22 - 2013-08-21 20:55 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-04-29 05:22 - 2013-08-21 20:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-04-29 05:22 - 2013-08-21 20:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-04-29 05:22 - 2013-08-21 20:41 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-04-29 05:22 - 2013-08-21 20:37 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-04-29 05:22 - 2013-08-21 20:30 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-04-29 05:22 - 2013-08-21 20:21 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-04-29 05:22 - 2013-08-21 20:16 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-04-29 05:22 - 2013-08-21 20:09 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-04-29 05:22 - 2013-08-21 19:53 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-04-29 05:22 - 2013-08-21 19:52 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-04-29 05:22 - 2013-08-21 19:49 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-04-29 05:22 - 2013-08-21 19:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-04-29 05:22 - 2013-08-21 19:44 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-04-29 05:22 - 2013-08-21 19:39 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-29 05:22 - 2013-08-21 19:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-04-29 05:22 - 2013-08-21 19:21 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-04-29 05:22 - 2013-08-21 19:21 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-04-29 05:22 - 2013-08-21 19:16 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-04-29 05:22 - 2013-08-21 19:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-04-29 05:22 - 2013-08-02 21:39 - 00049963 _____ () C:\WINDOWS\system32\srms.dat
2014-04-29 05:22 - 2013-08-02 21:38 - 00098515 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-04-29 05:22 - 2013-08-02 21:38 - 00098515 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-29 05:22 - 2013-06-18 05:31 - 00003550 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-04-29 05:22 - 2013-06-18 05:31 - 00003550 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-28 21:46 - 2014-04-28 21:46 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-28 21:46 - 2014-04-28 21:46 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-28 21:40 - 2014-04-28 21:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-28 21:40 - 2014-04-28 21:40 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-28 21:40 - 2013-08-22 04:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-26 07:24 - 2014-05-24 08:36 - 00000000 ___RD () C:\Users\Yvette\Google Drive
2014-04-26 07:24 - 2014-04-26 07:24 - 00001732 _____ () C:\Users\Yvette\Desktop\Google Drive.lnk
2014-04-26 07:22 - 2014-05-07 02:53 - 00002065 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-04-26 07:22 - 2014-05-07 02:53 - 00002063 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-04-26 07:22 - 2014-05-07 02:53 - 00002053 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-04-26 07:22 - 2014-05-07 02:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-26 07:19 - 2014-04-26 07:19 - 00884672 _____ (Google Inc.) C:\Users\Yvette\Downloads\googledrivesync (1).exe
2014-04-25 21:35 - 2014-04-25 21:35 - 00444718 _____ () C:\Users\Yvette\Downloads\PicClaudia.htm
2014-04-25 21:35 - 2014-04-25 21:35 - 00000000 ____D () C:\Users\Yvette\Downloads\PicClaudia_files
2014-04-25 08:19 - 2014-04-25 08:19 - 00107726 _____ () C:\Users\Yvette\Downloads\PicClaudia2.jpg-large
2014-04-24 11:48 - 2014-04-24 11:48 - 00080728 _____ () C:\Users\Yvette\Downloads\PicAlain.jpg-large
2014-04-24 11:18 - 2014-04-24 11:18 - 00084235 _____ () C:\Users\Yvette\Downloads\PicKaren.jpg-large
 
==================== One Month Modified Files and Folders =======
 
2014-05-24 09:03 - 2014-05-24 09:03 - 00018080 _____ () C:\Users\Yvette\Downloads\FRST.txt
2014-05-24 09:03 - 2014-05-24 09:02 - 00000000 ____D () C:\FRST
2014-05-24 09:02 - 2014-05-24 09:02 - 02066432 _____ (Farbar) C:\Users\Yvette\Downloads\FRST64.exe
2014-05-24 09:02 - 2014-05-24 09:02 - 01055232 _____ (Farbar) C:\Users\Yvette\Downloads\FRST.exe
2014-05-24 09:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-24 09:01 - 2014-01-01 15:46 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E97CD27C-6172-4132-9500-146011B20DAD}
2014-05-24 08:56 - 2014-01-01 21:31 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-24 08:49 - 2014-01-14 22:35 - 01303028 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-24 08:45 - 2014-01-01 15:54 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-631014708-43465564-1374874319-1001
2014-05-24 08:40 - 2013-11-14 03:28 - 00973044 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-24 08:37 - 2014-05-18 19:07 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-24 08:36 - 2014-05-17 12:21 - 00000000 ____D () C:\Program Files\pcreg
2014-05-24 08:36 - 2014-04-26 07:24 - 00000000 ___RD () C:\Users\Yvette\Google Drive
2014-05-24 08:35 - 2014-05-21 20:47 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-24 08:35 - 2014-05-18 08:19 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 08:35 - 2014-03-26 08:13 - 00000000 ___RD () C:\Users\Yvette\SkyDrive
2014-05-24 08:35 - 2014-01-01 21:31 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-24 08:35 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-24 08:34 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-24 07:45 - 2014-05-20 21:31 - 00000955 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-05-24 07:42 - 2014-05-20 21:29 - 00007456 _____ () C:\WINDOWS\system32\SettingsFile
2014-05-24 07:28 - 2014-05-22 07:16 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\48230029.sys
2014-05-23 19:30 - 2014-01-03 20:51 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-05-23 19:29 - 2014-01-03 20:51 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-22 20:06 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-21 20:48 - 2014-05-21 20:48 - 00001122 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-05-21 20:48 - 2014-05-21 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-05-21 20:48 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-21 20:47 - 2014-05-21 20:47 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-05-21 20:47 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-21 20:46 - 2014-05-21 20:38 - 168766272 _____ (Kaspersky Lab) C:\Users\Yvette\Downloads\kav15.0.0.463EN_5997 (1).exe
2014-05-21 20:35 - 2013-11-14 03:20 - 01571124 _____ () C:\WINDOWS\PFRO.log
2014-05-21 20:34 - 2013-10-17 15:03 - 00000000 ____D () C:\ProgramData\Norton
2014-05-21 20:33 - 2014-05-21 20:33 - 00869456 _____ () C:\Users\Yvette\Downloads\Norton_Removal_Tool.exe
2014-05-21 20:29 - 2014-05-21 20:29 - 03105184 _____ () C:\Users\Yvette\Downloads\BitDefender_Uninstall_Tool.exe
2014-05-21 20:28 - 2014-03-10 10:18 - 00000000 ____D () C:\Users\Yvette\AppData\Local\CrashDumps
2014-05-21 20:26 - 2014-01-18 14:12 - 00003444 _____ () C:\ProgramData\hpzinstall.log
2014-05-21 20:22 - 2014-01-01 15:44 - 00000000 ____D () C:\Users\Yvette\AppData\Local\Packages
2014-05-21 20:10 - 2014-05-21 20:02 - 168766272 _____ (Kaspersky Lab) C:\Users\Yvette\Downloads\kav15.0.0.463EN_5997.exe
2014-05-21 19:50 - 2014-05-21 19:50 - 00688992 _____ (Swearware) C:\Users\Yvette\Downloads\dds (1).com
2014-05-21 19:49 - 2014-05-21 19:49 - 00688992 _____ (Swearware) C:\Users\Yvette\Downloads\dds.com
2014-05-19 20:50 - 2014-05-19 19:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-19 19:29 - 2014-05-19 19:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-19 19:11 - 2014-05-19 19:11 - 00001366 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-19 19:11 - 2014-05-19 19:11 - 00001354 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-19 19:11 - 2014-05-19 19:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-05-19 19:11 - 2014-05-19 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-19 19:08 - 2014-05-19 19:03 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Yvette\Downloads\spybot-2.3.exe
2014-05-18 22:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-18 19:08 - 2014-05-18 19:08 - 00918672 _____ (Google Inc.) C:\Users\Yvette\Downloads\ChromeSetup (1).exe
2014-05-18 19:07 - 2014-05-18 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-18 19:07 - 2014-01-01 21:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-18 19:03 - 2013-10-17 14:49 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-18 19:03 - 2013-10-17 14:49 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-05-18 18:57 - 2014-05-18 18:57 - 00918672 _____ (Google Inc.) C:\Users\Yvette\Downloads\ChromeSetup.exe
2014-05-18 16:19 - 2014-05-18 16:19 - 00000000 ____D () C:\Users\Yvette\AppData\Local\SearchProtect
2014-05-18 16:06 - 2014-05-18 16:06 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Identity Safe
2014-05-18 13:02 - 2013-10-17 14:57 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-05-18 13:02 - 2013-10-17 14:57 - 00000000 ____D () C:\Users\Public\CyberLink
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Recovery
2014-05-18 09:03 - 2014-05-17 21:10 - 00000180 _____ () C:\WINDOWS\Reimage.ini
2014-05-18 08:59 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-18 08:29 - 2014-05-17 11:33 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-05-18 08:29 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-05-18 08:19 - 2014-05-18 08:19 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-18 08:19 - 2014-05-18 08:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-18 08:18 - 2014-05-18 08:17 - 17305528 _____ (Malwarebytes Corporation ) C:\Users\Yvette\Downloads\mbam_premium.exe
2014-05-18 07:46 - 2014-05-17 21:11 - 00001924 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-05-18 07:46 - 2014-05-17 21:11 - 00000000 ____D () C:\rei
2014-05-18 07:43 - 2014-01-01 15:46 - 00000000 ___RD () C:\Users\Yvette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-18 07:43 - 2014-01-01 15:46 - 00000000 ___RD () C:\Users\Yvette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 07:38 - 2013-08-22 10:44 - 00344648 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-18 07:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-18 07:36 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-05-18 07:36 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-05-18 07:26 - 2014-05-18 07:26 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-05-18 07:26 - 2014-05-18 07:26 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-18 07:26 - 2014-05-18 07:26 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-05-18 07:26 - 2014-05-18 07:26 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-05-18 07:25 - 2014-05-18 07:25 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-05-18 07:25 - 2014-05-18 07:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-05-18 01:14 - 2014-05-18 01:14 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-05-18 01:13 - 2014-05-18 01:13 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-05-18 01:13 - 2014-05-18 01:13 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-18 01:13 - 2014-05-18 01:13 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-05-18 01:12 - 2014-05-18 01:12 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-05-18 01:12 - 2014-05-18 01:12 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-05-18 01:12 - 2014-05-18 01:12 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-05-18 01:12 - 2014-05-18 01:12 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-05-18 01:12 - 2014-05-18 01:12 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-18 01:12 - 2014-05-18 01:12 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-05-18 01:11 - 2014-05-18 01:11 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-05-18 01:11 - 2014-05-18 01:11 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-18 01:11 - 2014-05-18 01:11 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-05-18 01:11 - 2014-05-18 01:11 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-05-18 01:11 - 2014-05-18 01:11 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-05-18 01:10 - 2014-05-18 01:10 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-05-18 01:10 - 2014-05-18 01:10 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-05-18 01:10 - 2014-05-18 01:10 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-05-18 01:10 - 2014-05-18 01:10 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-05-18 01:10 - 2014-05-18 01:10 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-18 01:10 - 2014-05-18 01:10 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-18 00:54 - 2014-05-18 00:54 - 00014540 _____ () C:\WINDOWS\system32\reimage.rep
2014-05-18 00:54 - 2014-05-17 11:27 - 00000000 ____D () C:\Program Files\002
2014-05-18 00:54 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-18 00:54 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-05-18 00:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-18 00:54 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-18 00:54 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-05-17 23:39 - 2014-05-17 21:32 - 00000000 ____D () C:\ReimageUndo
2014-05-17 23:36 - 2013-08-22 11:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-05-17 23:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-05-17 23:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-17 23:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-05-17 23:35 - 2014-01-01 15:46 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-05-17 23:35 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-05-17 23:35 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-05-17 23:34 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-05-17 23:33 - 2014-04-29 05:29 - 00467800 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-05-17 23:33 - 2014-04-29 05:29 - 00111616 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-05-17 23:33 - 2014-04-29 05:29 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-05-17 23:33 - 2014-04-29 05:25 - 00312160 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00551776 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00522592 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00371032 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00325472 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-05-17 23:33 - 2014-04-29 05:24 - 00285536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00236376 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-05-17 23:33 - 2014-04-29 05:24 - 00142688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-05-17 23:33 - 2014-04-29 05:23 - 00189792 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-05-17 23:33 - 2014-04-29 05:23 - 00151384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-05-17 23:33 - 2014-04-29 05:23 - 00078688 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-05-17 23:33 - 2014-04-29 05:23 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-05-17 23:33 - 2014-02-15 08:10 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-05-17 23:33 - 2014-01-15 01:18 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-05-17 23:33 - 2013-11-14 03:28 - 00155488 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-05-17 23:33 - 2013-11-14 03:28 - 00056672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-05-17 23:33 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-05-17 23:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-05-17 23:26 - 2014-05-17 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-05-17 21:32 - 2014-05-17 21:32 - 00016224 _____ () C:\WINDOWS\system32\Native.exe
2014-05-17 21:26 - 2014-05-17 21:26 - 01526592 _____ (LogMeIn, Inc.) C:\Users\Yvette\Downloads\Support-LogMeInRescue.exe
2014-05-17 21:26 - 2014-05-17 21:26 - 00002268 _____ () C:\Users\Yvette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tech Support.lnk
2014-05-17 21:12 - 2014-05-17 21:12 - 00000000 ____D () C:\ProgramData\CDB
2014-05-17 21:11 - 2014-05-17 21:11 - 00000000 ____D () C:\Program Files\Reimage
2014-05-17 21:10 - 2014-05-17 21:10 - 00816808 _____ (Reimage®) C:\Users\Yvette\Downloads\ReimageRepair.exe
2014-05-17 21:04 - 2014-05-17 20:50 - 00000000 ____D () C:\Users\Yvette\AppData\Local\NPE
2014-05-17 21:00 - 2014-05-17 20:52 - 00000000 ____D () C:\NPE
2014-05-17 21:00 - 2014-05-01 21:20 - 00000000 ___RD () C:\Users\Yvette\OneDrive
2014-05-17 12:48 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-17 12:46 - 2014-01-01 22:17 - 01600512 ___SH () C:\Users\Yvette\Downloads\Thumbs.db
2014-05-17 12:21 - 2014-05-17 12:21 - 00003688 _____ () C:\WINDOWS\System32\Tasks\pcreg
2014-05-17 11:50 - 2014-05-17 11:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 11:48 - 2014-01-02 20:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-17 11:47 - 2014-01-02 20:25 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-17 11:39 - 2014-05-17 11:31 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-17 11:39 - 2014-05-17 11:31 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-17 11:39 - 2014-05-17 11:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\Users\Yvette\AppData\Roaming\Mozilla
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\Users\Yvette\AppData\Local\Mozilla
2014-05-17 11:31 - 2014-05-17 11:31 - 00000000 ____D () C:\ProgramData\Mozilla
2014-05-17 11:26 - 2014-05-17 11:26 - 00004384 _____ () C:\WINDOWS\System32\Tasks\BrowserSafeguard Update Task
2014-05-17 07:56 - 2014-05-17 07:56 - 00173182 _____ () C:\Users\Yvette\Downloads\PicLauren.jpg-large
2014-05-14 08:03 - 2014-05-14 08:03 - 00147564 _____ () C:\Users\Yvette\Downloads\PicYolanda.jpg-large
2014-05-14 07:15 - 2014-05-14 07:15 - 00281008 _____ () C:\WINDOWS\Minidump\051414-36718-01.dmp
2014-05-14 07:15 - 2014-05-14 07:15 - 00000000 ____D () C:\WINDOWS\Minidump
2014-05-14 07:14 - 2014-05-14 07:14 - 565868777 _____ () C:\WINDOWS\MEMORY.DMP
2014-05-12 07:39 - 2014-05-12 07:39 - 00092217 _____ () C:\Users\Yvette\Downloads\PicEvans.jpg-large
2014-05-10 15:19 - 2014-05-10 15:19 - 00155330 _____ () C:\Users\Yvette\Downloads\SrirachaHouse.htm
2014-05-10 15:19 - 2014-05-10 15:19 - 00000000 ____D () C:\Users\Yvette\Downloads\SrirachaHouse_files
2014-05-10 08:13 - 2014-05-10 08:13 - 00093127 _____ () C:\Users\Yvette\Downloads\PicEricStein.jpg-large
2014-05-09 19:28 - 2013-10-17 14:45 - 00000000 ____D () C:\Program Files\IDT
2014-05-09 19:28 - 2013-08-22 10:46 - 00379413 _____ () C:\WINDOWS\setupact.log
2014-05-09 19:27 - 2014-05-09 19:27 - 00256000 _____ (IDT, Inc.) C:\WINDOWS\system32\st646491.dll
2014-05-09 19:27 - 2013-10-17 14:45 - 02213376 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2014-05-09 19:27 - 2013-10-17 14:45 - 00697856 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2014-05-09 19:27 - 2013-10-17 14:45 - 00551936 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2014-05-09 19:27 - 2013-10-17 14:45 - 00207048 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AESTAC64.dll
2014-05-09 19:27 - 2013-10-17 14:38 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-05-09 19:27 - 2013-10-17 14:38 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-05-09 19:27 - 2013-10-17 14:38 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-05-09 19:27 - 2013-10-17 14:38 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll
2014-05-09 19:27 - 2013-10-17 14:38 - 00030389 _____ () C:\WINDOWS\system32\DTS_TOWER.XML
2014-05-09 19:27 - 2013-09-25 15:07 - 00000000 ____D () C:\SWSETUP
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-09 08:24 - 2014-05-09 08:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-09 08:23 - 2014-05-09 08:23 - 00000000 __SHD () C:\Users\Yvette\AppData\Local\EmieUserList
2014-05-09 08:23 - 2014-05-09 08:23 - 00000000 __SHD () C:\Users\Yvette\AppData\Local\EmieSiteList
2014-05-09 08:19 - 2014-05-09 08:19 - 06957280 _____ (Microsoft Corporation) C:\Users\Yvette\Downloads\Silverlight.exe
2014-05-09 07:45 - 2014-05-09 07:45 - 00090467 _____ () C:\Users\Yvette\Downloads\PicFausto.jpg-large
2014-05-07 07:51 - 2014-01-01 21:31 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 07:51 - 2014-01-01 21:31 - 00003648 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 02:53 - 2014-05-07 02:53 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-07 02:53 - 2014-05-07 02:53 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-07 02:53 - 2014-04-26 07:22 - 00002065 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-05-07 02:53 - 2014-04-26 07:22 - 00002063 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-05-07 02:53 - 2014-04-26 07:22 - 00002053 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-05-07 02:53 - 2014-04-26 07:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-05 07:32 - 2014-05-05 07:32 - 00154000 _____ () C:\Users\Yvette\Downloads\PicJohnSantella.jpg-large
2014-05-04 17:35 - 2014-01-14 22:25 - 00000000 ____D () C:\Users\Yvette
2014-05-03 09:55 - 2014-05-03 09:54 - 02525066 _____ () C:\Users\Yvette\Downloads\CNN-Passion Fashion_768Kbps_360p (1).mp4
2014-05-03 09:43 - 2014-05-03 09:43 - 02525066 _____ () C:\Users\Yvette\Downloads\CNN-Passion Fashion_768Kbps_360p.mp4
2014-05-03 09:36 - 2014-05-03 09:36 - 00001363 _____ () C:\Users\Yvette\Desktop\PFF Press Release (1) - Shortcut.lnk
2014-05-01 21:21 - 2014-01-26 15:55 - 00000000 ____D () C:\Users\Yvette\Desktop\Yvette
2014-05-01 08:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-05-01 08:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-05-01 08:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-01 08:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-01 08:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-01 08:39 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-01 08:39 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-30 08:00 - 2014-04-30 08:00 - 00102362 _____ () C:\Users\Yvette\Downloads\PicAntonio&Carmen.jpg-large
2014-04-30 07:28 - 2014-04-30 07:28 - 00884672 _____ (Google Inc.) C:\Users\Yvette\Downloads\googledrivesync (2).exe
2014-04-30 07:26 - 2014-04-30 07:26 - 00044802 _____ () C:\Users\Yvette\Downloads\Fw Delivery Status Notification (Failure).eml
2014-04-30 07:26 - 2014-04-30 07:26 - 00000527 _____ () C:\Users\Yvette\Downloads\ATT00001
2014-04-28 21:46 - 2014-04-28 21:46 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-28 21:46 - 2014-04-28 21:46 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-28 21:40 - 2014-04-28 21:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-04-28 21:40 - 2014-04-28 21:40 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-04-28 21:40 - 2014-04-28 21:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-26 07:24 - 2014-04-26 07:24 - 00001732 _____ () C:\Users\Yvette\Desktop\Google Drive.lnk
2014-04-26 07:22 - 2014-01-01 21:31 - 00000000 ____D () C:\Users\Yvette\AppData\Local\Google
2014-04-26 07:19 - 2014-04-26 07:19 - 00884672 _____ (Google Inc.) C:\Users\Yvette\Downloads\googledrivesync (1).exe
2014-04-25 21:35 - 2014-04-25 21:35 - 00444718 _____ () C:\Users\Yvette\Downloads\PicClaudia.htm
2014-04-25 21:35 - 2014-04-25 21:35 - 00000000 ____D () C:\Users\Yvette\Downloads\PicClaudia_files
2014-04-25 08:19 - 2014-04-25 08:19 - 00107726 _____ () C:\Users\Yvette\Downloads\PicClaudia2.jpg-large
2014-04-24 11:48 - 2014-04-24 11:48 - 00080728 _____ () C:\Users\Yvette\Downloads\PicAlain.jpg-large
2014-04-24 11:18 - 2014-04-24 11:18 - 00084235 _____ () C:\Users\Yvette\Downloads\PicKaren.jpg-large
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-24 08:45
 
==================== End Of Log ============================
thanks Yvette 


#4 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 24 May 2014 - 08:38 AM

Hi this is the addition log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2014
Ran by Yvette at 2014-05-24 09:04:20
Running from C:\Users\Yvette\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
3600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{CC6CCF1E-F361-910A-E41D-EB5176F1255C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPD_Scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.4.6522 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.3003 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.4.3003 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4016 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.2.4016 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.4.2921 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3007 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3007 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.2.3324 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet J3600 14.0 Rel. 6 (HKLM\...\{044B74E4-1C91-4BA9-BD3C-C9213559BBC0}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
J3600 (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.5.9 - Reimage)
RrSavings (x32 Version: 1.0.0.0 - RrSavings) Hidden <==== ATTENTION
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
17-05-2014 15:46:29 Windows Update
18-05-2014 01:32:55 Reimage Repair Restore Point
 
==================== Hosts content: ==========================
 
2013-08-22 09:25 - 2014-05-19 20:54 - 00450709 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {06AB2068-0BC8-4DE3-BB45-C7E2115831BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C5DB3CB-8C68-40B1-B263-A049BA353E74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0D96B238-E3EA-4F54-862F-09904ADC9E04} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {15D430B9-8C7B-4AC1-85B6-620784A81460} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe [2014-05-24] () <==== ATTENTION
Task: {1F378624-B62B-47A8-8B6E-0E102B78A32D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23914224-9BCA-443B-A05D-92B3371917E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31D062B0-635C-4B1F-978F-4655D09091DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-17] (Microsoft Corporation)
Task: {340460E3-6AD7-4232-9DD9-02312A11F62D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C99BC4B-175E-4ED5-9514-F4613D557653} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe
Task: {3DCFA614-22D0-4F75-AE94-532327C9F205} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {3F9D43DA-C08C-439B-88C8-CDFFC3665C4D} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {486A3042-ECC4-46E6-B453-85869A6AAECF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {53EA7797-CE60-4C63-8698-89BD4001302E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2013-08-22] (Microsoft Corporation)
Task: {556AE6DC-1155-4471-882B-14BC7061CDD7} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {58288AB0-2A0F-4A8C-ADCE-D4B157031B73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {641DE5A5-F5C0-436A-80AB-CD5DE41C0B5B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {68C06F63-F147-43A7-97AD-C83C2E2AEB50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {70A9CCE7-1380-4FB0-BBE8-D6226E828B6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7AF2265B-6018-44E3-A382-B19B108D7C19} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {7E74AC0C-D5C0-4585-9590-4913B819915C} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B8411C56-1FBC-4ED7-ADF6-B708890659F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {CE96A0B6-9F72-4C5A-9058-5C8A6795850E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D0526075-875E-416C-A753-7BABF1F5BCFA} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F92B316D-C58E-4065-8CCC-7FF3B2D8C056} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForYvette.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-25 04:13 - 2014-04-25 04:13 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe
2013-06-05 16:51 - 2013-06-05 16:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2014-05-22 19:55 - 2014-05-22 19:55 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2014-05-19 19:11 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-19 19:11 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-19 19:11 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-19 19:11 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-19 19:11 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-05-24 08:35 - 2014-05-24 08:35 - 00098816 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32api.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00110080 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\pywintypes27.dll
2014-05-24 08:35 - 2014-05-24 08:35 - 00364544 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\pythoncom27.dll
2014-05-24 08:35 - 2014-05-24 08:35 - 00045568 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_socket.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 01159680 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_ssl.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00320512 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32com.shell.shell.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00713216 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_hashlib.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 01175040 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._core_.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00805888 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._gdi_.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00811008 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._windows_.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 01062400 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._controls_.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00735232 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._misc_.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00128512 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_elementtree.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00127488 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\pyexpat.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00557056 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\pysqlite2._sqlite.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00087552 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_ctypes.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00119808 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32file.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00108544 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32security.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00018432 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32event.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00038912 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32inet.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00070656 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._html2.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00167936 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32gui.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00011264 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32crypt.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00027136 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\_multiprocessing.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00122368 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._wizard.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00010240 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\select.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00024064 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32pipe.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00686080 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\unicodedata.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00025600 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32pdh.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00525640 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\windows._lib_cacheinvalidation.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00035840 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32process.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00017408 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32profile.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00022528 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\win32ts.pyd
2014-05-24 08:35 - 2014-05-24 08:35 - 00078336 _____ () C:\Users\Yvette\AppData\Local\Temp\_MEI44242\wx._animate.pyd
2013-10-17 14:49 - 2013-03-12 10:51 - 00626240 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-13 01:53 - 2013-03-13 01:53 - 00015424 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-05-23 08:16 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 08:16 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 08:16 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 08:16 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 08:16 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Yvette\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Yvette\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Yvette\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Yvette\Downloads\Fw Delivery Status Notification (Failure).eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/24/2014 08:53:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 448
 
Start Time: 01cf774e15d349b2
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 62ca2678-e342-11e3-bea7-9cb654f2ce7b
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {D4875B41-A295-4432-AF8C-3AF0664D3987}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {BCE19448-0DD3-4C22-9FAE-3497EC69B49E}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {C7C13D4D-64CC-4193-B36A-190E2A7E2496}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {3F0C5AEC-7CBA-4052-BDC6-68AF7394A545}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {DC30FA94-D91B-438E-9A12-1E211DFA92D9}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {DF5AF594-299C-4A31-ABF5-86D3176A42CF}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {4DB7B19F-C0F0-44E7-83A7-B3FA8E64813F}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {B71BB0E5-FF5B-419E-9A29-F5F8F3CD5017}: Database recovery/restore failed with unexpected error -539.
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost (5912) {B5E003DA-4193-4261-8416-D679BBA72C0B}: Database recovery/restore failed with unexpected error -539.
 
 
System errors:
=============
Error: (05/24/2014 08:34:22 AM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established
 
Error: (05/24/2014 08:34:18 AM) (Source: DCOM) (EventID: 10010) (User: YVETTE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (05/24/2014 08:34:18 AM) (Source: DCOM) (EventID: 10010) (User: YVETTE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (05/24/2014 08:34:12 AM) (Source: DCOM) (EventID: 10010) (User: YVETTE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (05/24/2014 08:34:11 AM) (Source: DCOM) (EventID: 10010) (User: YVETTE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 
Error: (05/23/2014 10:32:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 9 time(s).
 
Error: (05/23/2014 08:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 8 time(s).
 
Error: (05/23/2014 08:20:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 7 time(s).
 
Error: (05/22/2014 11:34:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly.  It has done this 6 time(s).
 
Error: (05/22/2014 11:33:44 PM) (Source: DCOM) (EventID: 10010) (User: YVETTE)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 
 
Microsoft Office Sessions:
=========================
Error: (05/24/2014 08:53:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2049844801cf774e15d349b24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe62ca2678-e342-11e3-bea7-9cb654f2ce7bmicrosoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{D4875B41-A295-4432-AF8C-3AF0664D3987}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{BCE19448-0DD3-4C22-9FAE-3497EC69B49E}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{C7C13D4D-64CC-4193-B36A-190E2A7E2496}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{3F0C5AEC-7CBA-4052-BDC6-68AF7394A545}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{DC30FA94-D91B-438E-9A12-1E211DFA92D9}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{DF5AF594-299C-4A31-ABF5-86D3176A42CF}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{4DB7B19F-C0F0-44E7-83A7-B3FA8E64813F}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{B71BB0E5-FF5B-419E-9A29-F5F8F3CD5017}: -539
 
Error: (05/24/2014 08:46:25 AM) (Source: ESENT) (EventID: 454) (User: )
Description: SettingSyncHost5912{B5E003DA-4193-4261-8416-D679BBA72C0B}: -539
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-21 08:01:52.158
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-21 08:01:52.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-21 08:01:51.979
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-21 08:01:49.451
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-21 08:01:49.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-20 15:43:49.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-20 15:43:49.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-20 15:43:49.661
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-20 15:43:18.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-20 15:43:18.433
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 27%
Total physical RAM: 7365.14 MB
Available physical RAM: 5374 MB
Total Pagefile: 14789.14 MB
Available Pagefile: 11853.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1842.56 GB) (Free:1785.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:18.63 GB) (Free:2.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: FBD07F0E)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
Thanks a bunch!
 
Yvette


#5 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 24 May 2014 - 08:44 AM

Hi Boon,

 

I also have a safesearcher.exe that comes up everytime I boot up asking me to run it. I decline. I still have some floating banners running. I have used spybot search and destroy, malware bytes and kaspersky and I still can't get rid of these banners.

 

Thanks,

Yvette



#6 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 24 May 2014 - 01:19 PM

This is the pop up that I see, once you hove over it, it disappears.

 

Disk Cleaner for window ©

 

check mark 1) Window Update Cleanup 273 MB

check mark 2) Downloaded Program Files 0 MB

check mark 3) Temporary Files 691 KB

 

Disk Clean Up Windows. You can use Disk Cleaner free up to 1.49 GB of disk space on Windows. Windows keeps copies of all installed updates from Windows Update, after installing newer versionsof updates that are no longer needed & taking up space. (You might need to restart your computer) 

 

How does Disk Cleaner work? 

 

Buttons Ok Cancel



#7 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:28 PM

Posted 26 May 2014 - 06:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/535133 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 PM

Posted 29 May 2014 - 07:42 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3323878&octid=EB_ORIGINAL_CTID&ISID=ME42C2A54-275C-4223-ADDC-B326D4FB4B47&SearchSource=58&CUI=&UM=5&UP=SPD6A6A525-7410-49D4-AC87-33E55C780137&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
FF SelectedSearchEngine: Conduit Search
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-01-01]
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#9 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 29 May 2014 - 08:47 PM

Hi Nasdaq,

 

Here is the log, Thanks, Yvette:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-05-2014
Ran by Yvette at 2014-05-29 21:41:53 Run:1
Running from C:\Users\Yvette\Desktop\Latest FST and fixlist
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
SearchScopes: HKCU -
DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
FF SelectedSearchEngine: Conduit Search
CHR HKLM-x32\...\Chrome\Extension:
[dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-01-01]
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
 
End
*****************
 
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKCU - => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key deleted successfully.
HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key deleted successfully.
HKCR\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => Key not found.
Firefox SelectedSearchEngine deleted successfully.
pcregservice => Unable to stop service
pcregservice => Service deleted successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#10 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 29 May 2014 - 09:10 PM

I used ADwCleaner:

 

# AdwCleaner v3.211 - Report created 29/05/2014 at 22:06:40
# Updated 26/05/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Yvette - YVETTE
# Running from : C:\Users\Yvette\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Rr Savings
Folder Deleted : C:\Program Files\002
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Yvette\AppData\Roaming\Mozilla\Firefox\Profiles\nwdhq728.default\user.js
File Deleted : C:\WINDOWS\System32\Tasks\BrowserSafeguard Update Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3566FB70-E722-4182-8266-815EAE862998}
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : HKLM\Software\Classes\Installer\Features\07BF6653227E2814286618E5EA689289
Key Deleted : HKLM\Software\Classes\Installer\Products\07BF6653227E2814286618E5EA689289
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Yvette\AppData\Roaming\Mozilla\Firefox\Profiles\nwdhq728.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Yvette\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1821 octets] - [29/05/2014 21:50:23]
AdwCleaner[R1].txt - [1881 octets] - [29/05/2014 22:03:07]
AdwCleaner[S0].txt - [1775 octets] - [29/05/2014 22:06:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1835 octets] ##########


#11 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 29 May 2014 - 09:21 PM

It looks like I still have some spyware - I just notice this disk cleanup pop up again



#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 PM

Posted 30 May 2014 - 07:21 AM

It looks like I still have some spyware - I just notice this disk cleanup pop up again


The disk cleanup found what?

#13 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 30 May 2014 - 08:33 AM

the disk clean up pop up is spyware. I wrote about it earlier. It is not a disk cleaner.

 

This is the pop up that I see, once you hove over it, it disappears.

 

Disk Cleaner for window ©

 

check mark 1) Window Update Cleanup 273 MB

check mark 2) Downloaded Program Files 0 MB

check mark 3) Temporary Files 691 KB

 

Disk Clean Up Windows. You can use Disk Cleaner free up to 1.49 GB of disk space on Windows. Windows keeps copies of all installed updates from Windows Update, after installing newer versionsof updates that are no longer needed & taking up space. (You might need to restart your computer) 

 

How does Disk Cleaner work? 

 

Buttons Ok Cancel

 

I also did a search on my computer and found a pcreg.exe - what is that? 



#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 PM

Posted 30 May 2014 - 12:40 PM


Delete files using Disk Cleanup
http://windows.microsoft.com/en-ca/windows/delete-files-using-disk-cleanup#delete-files-using-disk-cleanup=windows-7

Windows keeps copies of all installed updates from Windows Update, after installing newer versionsof updates that are no longer needed & taking up space. (You might need to restart your computer)


Windows updates are installed often. Delete these Updates when all is well.

You can Clean the Temporary files. Keep in mind that these files are created by the operating system when required.
Here again clean them when all is well.

R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()

The service was removed.

You can delete the folder in bold.
C:\Program Files\pcreg

---

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

#15 ydelgado

ydelgado
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:28 PM

Posted 31 May 2014 - 09:21 AM

 Results of screen317's Security Check version 0.99.83 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Kaspersky Anti-Virus  
Windows Defender      
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Spybot - Search & Destroy
 Mozilla Firefox (26.0)
 Google Chrome 34.0.1847.137 
 Google Chrome 35.0.1916.114 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Spybot Teatimer.exe is disabled!
 Kaspersky Lab Kaspersky Anti-Virus 15.0.0 avp.exe 
 Kaspersky Lab Kaspersky Anti-Virus 15.0.0 avpui.exe 
 Kaspersky Lab Kaspersky Anti-Virus 15.0.0 x64 klwtblfs.exe
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users