Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible virus and/or browser redirection. Help with DDS report.


  • Please log in to reply
24 replies to this topic

#1 ol2shews

ol2shews

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 07 July 2014 - 10:11 AM

I have windows vista and it seems as though I have a virus and/or a browser redirection problem. I did run a DDS report, but I have no

clue as to what it means. I would really appreciate the help. I disabled windows defender before I ran the DDS report. I purchased

Micro Trend Maximum Security, but I am unable to unstall it.

 

Please note:  I am unable to attach the DDS attach file.

 

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16555  BrowserJavaVersion: 10.40.2
Run by Drama Llama at 21:32:39 on 2014-07-06
#Option Extended Search is enabled.
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2550.1112 [GMT -7:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\AVHealthMonitor\HealthMon.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\TOSHIBA\IVP\ISM\pinger.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = Preserve
mSearch Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{175E3F69-E398-4EA4-8CEC-8E02AA242B4A} : DHCPNameServer = 192.168.1.1
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>
x64-mStart Page = hxxp://www.toshibadirect.com/dpdstart
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
x64-mPolicies-Explorer: NoDriveAutoRun = dword:67108863
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-6-28 52856]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2009-3-18 531968]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2014-6-17 26176]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2013-6-23 30752]
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2014-7-5 85424]
R2 AVHealthMon;AV Health Monitor;C:\Windows\AVHealthMonitor\HealthMon.exe [2014-6-23 114712]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2008-1-20 27648]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe [2007-12-3 175104]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2007-8-3 293376]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\CHDART64.sys [2008-2-1 222720]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;C:\Windows\System32\drivers\IntcHdmi.sys [2007-6-6 125440]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-3-4 5430272]
R3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2008-1-15 58328]
R3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2008-1-8 51544]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\System32\drivers\QIOMem.sys [2007-4-9 9728]
R3 RDPDISPM;RDPDISPM;C:\Windows\System32\drivers\rdpdispm.sys [2010-8-31 10752]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2007-12-28 391680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2014-6-17 57024]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw4v64.sys [2007-9-26 3196416]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-6-14 31800]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-7-20 1022632]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-12-3 24064]
S4 KR10I64;KR10I64;C:\Windows\System32\drivers\KR10I64.sys [2008-2-20 248320]
S4 KR10N64;KR10N64;C:\Windows\System32\drivers\KR10N64.sys [2008-2-20 237568]
S4 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2010-1-24 18216]
.
=============== File Associations ===============
.
FileExt: .ini: inifile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 60 ================
.
.
==================== Find6M  ====================
.
2014-06-23 00:49:23 1587 ----a-w- C:\ProgramData\1403484563.bdinstall.bin
2014-06-23 00:10:29 62717 ----a-w- C:\ProgramData\1403482217.bdinstall.bin
2014-06-23 00:10:26 270667 ----a-w- C:\ProgramData\1403481236.bdinstall.bin
2014-06-22 19:49:19 704813 ----a-w- C:\ProgramData\1403465663.bdinstall.bin
2014-06-13 14:38:44 95414520 ----a-w- C:\Windows\System32\mrt.exe
2014-05-28 18:53:05 17857536 ----a-w- C:\Windows\System32\mshtml.dll
2014-05-28 18:37:06 2338816 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-28 18:35:43 10890240 ----a-w- C:\Windows\System32\ieframe.dll
2014-05-28 18:31:53 1348608 ----a-w- C:\Windows\System32\urlmon.dll
2014-05-28 18:31:31 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-05-28 18:30:24 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-28 18:30:06 237056 ----a-w- C:\Windows\System32\url.dll
2014-05-28 18:29:57 86016 ----a-w- C:\Windows\System32\jsproxy.dll
2014-05-28 18:29:28 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-28 18:29:19 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-28 18:29:19 2148352 ----a-w- C:\Windows\System32\iertutil.dll
2014-05-28 18:29:11 816640 ----a-w- C:\Windows\System32\jscript.dll
2014-05-28 18:29:09 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2014-05-28 18:28:40 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2014-05-28 18:28:38 453120 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-05-28 18:28:34 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2014-05-28 18:28:30 11264 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-05-28 18:28:20 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2014-05-28 18:28:10 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-28 18:28:02 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-05-28 18:27:30 248320 ----a-w- C:\Windows\System32\ieui.dll
2014-05-28 16:48:31 12356608 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-05-28 16:39:36 1810432 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-28 16:38:21 9711104 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-05-28 16:33:46 1106432 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-05-28 16:32:59 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-28 16:32:25 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-28 16:31:33 231936 ----a-w- C:\Windows\SysWow64\url.dll
2014-05-28 16:31:17 65536 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-05-28 16:30:53 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-28 16:30:53 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-28 16:30:44 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2014-05-28 16:30:31 1796096 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-05-28 16:30:25 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-05-28 16:30:08 353792 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2014-05-28 16:30:00 41472 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2014-05-28 16:29:58 223232 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2014-05-28 16:29:49 10752 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2014-05-28 16:29:44 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-05-28 16:29:31 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-28 16:29:27 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-05-28 16:28:35 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-04-26 18:21:07 622592 ----a-w- C:\Windows\System32\usp10.dll
2014-04-26 16:01:22 502784 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-05 04:26:44 1417664 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:32:17 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2014-03-31 16:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-25 16:30:37 12900864 ----a-w- C:\Windows\System32\shell32.dll
2014-03-25 13:26:04 11587584 ----a-w- C:\Windows\SysWow64\shell32.dll
2014-03-10 06:26:46 1794560 ----a-w- C:\Windows\System32\msxml6.dll
2014-03-10 06:26:45 1869824 ----a-w- C:\Windows\System32\msxml3.dll
2014-03-10 01:22:58 1401344 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-03-10 01:22:58 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-07 12:11:49 2776064 ----a-w- C:\Windows\System32\win32k.sys
2014-02-06 04:21:53 1212416 ----a-w- C:\Windows\System32\kernel32.dll
2014-02-06 01:57:42 861696 ----a-w- C:\Windows\SysWow64\kernel32.dll
2014-02-03 13:20:59 619008 ----a-w- C:\Windows\System32\qedit.dll
2014-02-03 10:37:54 505344 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-01-30 10:12:47 1111040 ----a-w- C:\Windows\System32\wer.dll
2014-01-30 07:46:58 876032 ----a-w- C:\Windows\SysWow64\wer.dll
.
============= FINISH: 21:33:26.44 ===============
 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 12 July 2014 - 08:23 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Let me know what problem persists.

p.s.
Use the Reply to this topic button top right corner of your post.
Follow the instructions to attach a log.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 18 July 2014 - 08:43 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 20 July 2014 - 07:21 AM

This topic has been re-opened at the request of the person who originally posted.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 26 July 2014 - 07:24 AM

Are you still with me?

#6 ol2shews

ol2shews
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 26 July 2014 - 12:09 PM

Hi,

 

I was unable to download the farbar scan tool. When I tried a red box showed up on the bottom of the screen where a normal

download would and said that this could harm my computer.

 

On several sites it will say that I am using an old browser. I am also seeing about:blank. It seems as though I am being redirected.

 

Thank you for your time and patience,

 

Karen

 

 

 

 

 

 

 

 

 

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 7/26/2014

Scan Time: 9:25:27 AM

Logfile: mbam.txt

Administrator: Yes

Version: 2.00.2.1012

Malware Database: v2014.07.26.07

Rootkit Database: v2014.07.17.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Enabled

OS: Windows 8

CPU: x64

File System: NTFS

User: Karen S

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 309214

Time Elapsed: 12 min, 30 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

 

(end)

 

 

 

 

 

 

 

 

 

# AdwCleaner v3.216 - Report created 26/07/2014 at 09:55:08

# Updated 17/07/2014 by Xplode

# Operating System : Windows 8 (64 bits)

# Username : Karen S - SAMSUNG

# Running from : C:\Users\Karen S\Desktop\adwcleaner_3.216.exe

# Option : Clean

***** [ Services ] *****

 

***** [ Files / Folders ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

 

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17028

 

*************************

AdwCleaner[R0].txt - [612 octets] - [20/07/2014 00:56:03]

AdwCleaner[R1].txt - [736 octets] - [26/07/2014 09:50:33]

AdwCleaner[S0].txt - [672 octets] - [20/07/2014 01:09:09]

AdwCleaner[S1].txt - [658 octets] - [26/07/2014 09:55:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [717 octets] ##########



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 26 July 2014 - 01:05 PM

I get people to use it everyday. It's clean.

Accept the download.

#8 ol2shews

ol2shews
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 26 July 2014 - 05:33 PM

ok, here's the farbar reports.

 

thanks,

 

Karen

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Karen S (administrator) on SAMSUNG on 26-07-2014 15:25:56
Running from C:\Users\Karen S\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [44152 2013-07-23] (Trend Micro Inc.)
HKU\S-1-5-21-2961404673-414218333-4232183137-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {C1BB3022-96C3-4BB1-8FAA-0611B60D2B01} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {23CD745B-4617-478F-8FE4-203160E31914} URL = http://search.lycos.com/setup.php?src=ie&query={searchTerms}
SearchScopes: HKCU - {2C4ED2CE-783E-45E1-AC66-52CE41CC03B0} URL = http://cnet.search.com/search?chkpt=astg.cnet.fd.search.cnet&q={searchTerms}&tag=srch
SearchScopes: HKCU - {C1BB3022-96C3-4BB1-8FAA-0611B60D2B01} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL =
SearchScopes: HKCU - {EF10D8C9-31AB-4259-841D-614734818090} URL = http://search.microsoft.com/results.aspx?mkt=en-US&setlang=en-US&q={searchTerms}
BHO: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg.dll (Trend Micro Inc.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2014-07-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-30] (Windows ® Win 7 DDK provider)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-07-17] (Realsil Semiconductor Corporation)
S1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [117312 2013-12-03] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [283160 2013-12-03] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)
S2 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-12] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-10] (Trend Micro Inc.)
S1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85936 2013-12-03] (Trend Micro Inc.)
S2 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-14] (Trend Micro Inc.)
S2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-07] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 15:25 - 2014-07-26 15:26 - 00009721 _____ () C:\Users\Karen S\Desktop\FRST.txt
2014-07-26 15:25 - 2014-07-26 15:25 - 02093568 _____ (Farbar) C:\Users\Karen S\Desktop\FRST64.exe
2014-07-26 15:25 - 2014-07-26 15:25 - 00000000 ____D () C:\FRST
2014-07-26 10:03 - 2014-07-26 10:03 - 00001041 _____ () C:\Users\Karen S\Desktop\mbam.txt
2014-07-26 09:58 - 2014-07-26 09:58 - 00000796 _____ () C:\Users\Karen S\Desktop\AdwCleaner[S1].txt
2014-07-26 09:53 - 2014-07-26 09:53 - 00000736 _____ () C:\Users\Karen S\Desktop\AdwCleaner[R1].txt
2014-07-26 09:47 - 2014-07-26 09:47 - 01354223 _____ () C:\Users\Karen S\Desktop\adwcleaner_3.216.exe
2014-07-26 09:42 - 2014-07-26 09:42 - 00001057 _____ () C:\Users\Karen S\Desktop\7-26-2014  mbam scan.txt
2014-07-26 09:19 - 2014-07-26 15:15 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-26 09:19 - 2014-07-26 09:19 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-26 09:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-26 09:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-26 09:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-26 09:04 - 2014-07-26 09:11 - 00005406 _____ () C:\Users\Karen S\Desktop\7-26-2014  bleeping.txt
2014-07-24 21:56 - 2014-07-24 21:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 08:16 - 2014-07-20 13:36 - 19919261 _____ () C:\Users\Karen S\Desktop\Windows8-RT-KB2974008-x64.msu
2014-07-20 00:55 - 2014-07-26 09:55 - 00000000 ____D () C:\AdwCleaner
2014-07-19 22:34 - 2014-07-19 22:35 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup.exe
2014-07-19 22:32 - 2014-07-19 22:32 - 02650408 _____ (Malwarebytes ) C:\Users\Karen S\Desktop\mbae-setup-1.03.1.1220.exe
2014-07-19 22:29 - 2014-07-19 22:29 - 00854390 _____ () C:\Users\Karen S\Desktop\SecurityCheck.exe
2014-07-19 22:20 - 2014-07-19 22:20 - 00291606 _____ () C:\Users\Karen S\Desktop\TCPView.zip
2014-07-19 22:16 - 2014-07-19 22:16 - 05329480 _____ (Secunia) C:\Users\Karen S\Desktop\PSISetup.exe
2014-07-19 22:12 - 2014-07-19 22:12 - 00330240 _____ (BiniSoft.org) C:\Users\Karen S\Desktop\wfc4setup.exe
2014-07-19 22:11 - 2014-07-19 22:11 - 01272912 _____ () C:\Users\Karen S\Desktop\Tweaking.com-RepairWindowsFirewall.exe
2014-07-19 17:57 - 2014-07-19 23:32 - 00007620 _____ () C:\Users\Karen S\AppData\Local\Resmon.ResmonCfg
2014-07-19 13:54 - 2014-07-19 13:54 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VS Revo Group
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 13:54 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2014-07-19 13:50 - 2014-07-19 23:24 - 00002366 _____ () C:\Users\Karen S\Desktop\7-19-2014  windows 8.txt
2014-07-19 13:48 - 2014-07-19 13:48 - 10619688 _____ (VS Revo Group ) C:\Users\Karen S\Desktop\RevoUninProSetup.exe
2014-07-19 11:35 - 2014-07-19 11:36 - 120214108 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RansomFix64.exe
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-07-17 18:58 - 2014-07-17 18:57 - 00465624 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2014-07-17 18:58 - 2014-07-17 18:57 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2014-07-17 18:58 - 2014-07-17 18:57 - 00331992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys
2014-07-17 18:58 - 2014-07-17 18:57 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2014-07-17 18:58 - 2014-07-17 18:57 - 00291544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2014-07-17 18:58 - 2014-07-17 18:57 - 00271064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys
2014-07-17 18:57 - 2014-07-17 18:57 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37
2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-17 18:54 - 2014-07-17 18:56 - 12171007 _____ () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37.zip
2014-07-17 15:06 - 2014-07-17 16:58 - 00000440 _____ () C:\Users\Karen S\Documents\7-17-2014 msg to Carmen-Etsy.txt
2014-07-17 13:58 - 2014-07-17 13:58 - 00686608 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\TMEEC.exe
2014-07-17 13:57 - 2014-07-17 13:57 - 07001616 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\BGSetup3.0.1009.exe
2014-07-17 13:57 - 2014-07-17 13:57 - 02473936 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\HousecallLauncher64.exe
2014-07-17 13:56 - 2014-07-17 13:56 - 06229392 _____ (Trend Micro, Inc. ) C:\Users\Karen S\Desktop\RUBottedSetup.exe
2014-07-17 13:54 - 2014-07-17 13:54 - 14839344 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RootkitBusterV5.0-1171x64.exe
2014-07-17 13:30 - 2014-07-17 13:30 - 00000000 ____D () C:\WINDOWS\LastGood
2014-07-17 13:28 - 2014-07-17 13:29 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-16 18:37 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Adobe
2014-07-16 18:35 - 2014-07-16 18:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-16 18:35 - 2014-07-16 18:35 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-16 18:35 - 2014-07-16 18:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-16 18:34 - 2014-07-16 18:37 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-16 18:31 - 2014-07-16 18:31 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-07-16 18:31 - 2011-10-14 11:57 - 00300544 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2C.dll
2014-07-16 18:31 - 2011-10-14 11:57 - 00102912 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B2U.dll
2014-07-16 18:31 - 2011-10-14 11:56 - 00109568 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2I.dll
2014-07-16 18:31 - 2011-09-22 08:59 - 00358912 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2L.dll
2014-07-16 18:31 - 2011-09-22 08:57 - 00316416 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B2L.dll
2014-07-16 18:31 - 2011-06-30 13:41 - 00069376 _____ () C:\WINDOWS\SysWOW64\CNC175CD.TBL
2014-07-16 18:31 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2014-07-16 18:31 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2014-07-16 18:30 - 2011-09-21 05:00 - 00302592 _____ (CANON INC.) C:\WINDOWS\system32\CNCALB2.DLL
2014-07-16 18:28 - 2014-07-16 18:28 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-16 18:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMB2.DLL
2014-07-16 11:20 - 2014-07-16 18:32 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-14 17:22 - 2014-06-26 13:53 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-14 17:22 - 2014-06-26 13:53 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-14 15:47 - 2014-07-14 15:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-12 18:05 - 2013-06-16 15:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-07-12 18:05 - 2013-06-01 04:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-07-12 18:05 - 2013-06-01 04:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-07-12 18:05 - 2013-06-01 03:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-07-12 18:05 - 2013-06-01 02:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-12 18:05 - 2013-06-01 02:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2014-07-12 18:05 - 2013-06-01 02:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2014-07-12 18:05 - 2013-06-01 02:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-07-12 18:05 - 2013-06-01 02:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-07-12 18:05 - 2013-06-01 02:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2014-07-12 18:05 - 2013-06-01 02:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-07-12 18:05 - 2013-06-01 02:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-07-12 18:05 - 2013-06-01 02:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-07-12 18:05 - 2013-06-01 02:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-12 18:05 - 2013-06-01 02:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-07-12 18:05 - 2013-06-01 02:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2014-07-12 18:05 - 2013-06-01 02:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-07-12 18:05 - 2013-06-01 02:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2014-07-12 18:05 - 2013-05-24 15:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-07-12 18:05 - 2013-05-24 15:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-07-12 18:05 - 2013-05-24 15:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-07-12 18:05 - 2013-05-24 15:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-07-12 18:04 - 2013-06-01 02:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-07-12 18:04 - 2013-06-01 02:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-07-12 18:04 - 2013-05-31 20:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2014-07-12 18:03 - 2014-02-03 16:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-07-12 18:03 - 2014-02-03 16:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-07-12 18:03 - 2014-01-30 17:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-07-12 18:03 - 2014-01-30 17:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-07-12 18:03 - 2014-01-26 20:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-07-12 18:03 - 2014-01-15 16:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-07-12 18:03 - 2014-01-10 23:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-07-12 18:03 - 2014-01-10 22:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-07-12 18:03 - 2014-01-02 16:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-07-12 18:03 - 2014-01-02 16:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-07-12 17:50 - 2014-04-03 04:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-12 17:50 - 2014-04-02 20:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-07-12 17:50 - 2014-03-31 15:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-07-12 17:50 - 2014-03-24 16:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-07-12 17:50 - 2014-03-24 15:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-07-12 17:42 - 2013-10-08 18:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-12 17:42 - 2013-10-08 15:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-12 17:42 - 2013-10-08 15:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-07-12 17:42 - 2013-10-08 15:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-12 17:42 - 2013-10-08 15:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-12 17:42 - 2013-10-08 15:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-07-12 17:42 - 2013-10-08 15:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-07-12 17:42 - 2013-10-08 15:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-12 17:42 - 2013-10-04 23:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-07-12 17:42 - 2013-10-01 19:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-12 17:42 - 2013-09-27 22:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-07-12 17:42 - 2013-09-27 20:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-07-12 17:42 - 2013-09-19 00:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-07-12 17:42 - 2013-08-29 22:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-07-12 17:42 - 2013-08-29 22:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-07-12 17:42 - 2013-08-29 16:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-07-12 17:42 - 2013-08-29 16:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-07-12 17:38 - 2013-09-13 15:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-07-12 17:38 - 2013-09-13 15:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-07-12 17:38 - 2013-08-29 22:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-07-12 17:38 - 2013-08-29 22:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-07-12 17:38 - 2013-08-29 16:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-07-12 17:38 - 2013-08-20 23:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-07-12 17:38 - 2013-08-09 23:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-07-12 17:38 - 2013-07-24 16:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-12 17:38 - 2013-07-24 16:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-12 17:34 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-07-12 17:34 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-07-12 17:34 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-07-12 17:34 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-07-12 17:34 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-07-12 17:34 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-07-12 17:34 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-07-12 17:34 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-07-12 17:34 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-07-12 17:34 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-07-12 17:34 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-07-12 17:34 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-07-12 17:34 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-07-12 17:34 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-07-12 17:34 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-07-12 17:34 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-07-12 17:34 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-07-12 17:34 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-07-12 17:34 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-07-12 17:34 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-07-12 17:34 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-07-12 17:34 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-07-12 17:34 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-07-12 17:34 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-07-12 17:34 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-07-12 17:34 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-07-12 17:34 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-07-12 17:34 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-07-12 17:12 - 2012-10-23 21:54 - 00396008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-07-12 17:12 - 2012-10-16 21:32 - 01172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-07-12 17:12 - 2012-10-16 21:32 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-07-12 17:12 - 2012-10-16 21:32 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-07-12 17:12 - 2012-10-16 20:57 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-07-12 17:12 - 2012-10-16 20:57 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-07-12 17:12 - 2012-10-16 20:57 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-07-12 17:12 - 2012-10-11 23:13 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dskquota.dll
2014-07-12 17:12 - 2012-10-11 22:39 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquota.dll
2014-07-12 17:11 - 2012-10-11 00:47 - 00793200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-07-12 17:11 - 2012-10-11 00:25 - 00056552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-07-12 17:11 - 2012-10-11 00:23 - 00441576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-07-12 17:11 - 2012-10-11 00:13 - 00033512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2014-07-12 17:11 - 2012-10-10 22:46 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-07-12 17:11 - 2012-10-10 22:46 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2014-07-12 17:11 - 2012-10-10 22:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2014-07-12 17:11 - 2012-10-10 22:45 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-07-12 17:11 - 2012-10-10 22:45 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2014-07-12 17:11 - 2012-10-10 22:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2014-07-12 17:11 - 2012-10-10 22:44 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2014-07-12 17:11 - 2012-10-10 22:44 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2014-07-12 17:11 - 2012-10-10 22:44 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-07-12 17:11 - 2012-10-10 22:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-07-12 17:11 - 2012-10-10 22:42 - 00612416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-07-12 17:11 - 2012-10-10 22:23 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-pdc.dll
2014-07-12 17:11 - 2012-10-10 22:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdhebl3.dll
2014-07-12 17:11 - 2012-10-10 22:07 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-07-12 17:11 - 2012-10-10 22:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-07-12 17:11 - 2012-10-10 22:07 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2014-07-12 17:11 - 2012-10-10 22:07 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-07-12 17:11 - 2012-10-10 22:06 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-07-12 17:11 - 2012-10-10 22:05 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-07-12 17:11 - 2012-10-10 21:42 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdhebl3.dll
2014-07-12 17:11 - 2012-10-10 17:45 - 00478424 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-07-12 17:11 - 2012-10-10 17:44 - 00478424 _____ () C:\WINDOWS\system32\locale.nls
2014-07-12 16:59 - 2014-05-02 23:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-12 16:59 - 2014-05-02 23:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-12 16:59 - 2014-05-02 21:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-12 16:59 - 2014-05-01 15:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-12 16:59 - 2014-04-29 15:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-12 16:59 - 2014-04-29 15:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-12 16:59 - 2014-04-23 16:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-12 16:59 - 2014-04-23 16:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 16:59 - 2014-04-23 16:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-12 16:59 - 2014-04-23 16:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 16:59 - 2014-02-07 21:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-12 16:56 - 2013-10-30 22:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-07-12 16:56 - 2013-10-30 22:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-07-12 16:56 - 2013-10-30 21:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-07-12 16:56 - 2013-10-30 20:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-07-12 16:56 - 2013-10-13 13:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-07-12 16:56 - 2013-08-26 22:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-07-12 16:56 - 2013-08-26 22:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-07-12 16:56 - 2013-08-26 15:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-07-12 16:56 - 2013-08-26 15:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-07-12 16:56 - 2012-10-10 22:46 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2014-07-12 16:56 - 2012-10-10 22:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2014-07-12 16:56 - 2012-10-10 22:07 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2014-07-12 16:50 - 2013-05-14 19:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-07-12 16:50 - 2013-05-14 19:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-07-12 16:50 - 2013-05-14 19:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-07-12 16:50 - 2013-05-14 19:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-07-12 16:46 - 2012-11-26 23:39 - 01122768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-07-12 16:46 - 2012-11-26 21:49 - 01027152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-07-12 16:46 - 2012-11-26 21:20 - 01217536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-07-12 16:46 - 2012-11-26 21:20 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2014-07-12 16:46 - 2012-11-26 21:20 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2014-07-12 16:46 - 2012-11-26 21:20 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2014-07-12 16:46 - 2012-11-26 21:20 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-07-12 16:46 - 2012-11-26 21:20 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2014-07-12 16:46 - 2012-11-26 21:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vds_ps.dll
2014-07-12 16:46 - 2012-11-26 21:19 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-07-12 16:46 - 2012-11-26 21:19 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2014-07-12 16:46 - 2012-11-26 21:19 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-07-12 16:46 - 2012-11-26 21:19 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2014-07-12 16:46 - 2012-09-10 22:28 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2014-07-12 16:46 - 2012-09-10 22:27 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2014-07-12 16:39 - 2013-08-09 22:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-07-12 16:39 - 2013-08-01 23:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-07-12 16:39 - 2013-04-09 16:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-07-12 16:39 - 2013-04-09 15:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-07-12 16:39 - 2012-11-19 22:24 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-07-12 16:39 - 2012-11-19 22:17 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-07-12 16:39 - 2012-11-19 22:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKURD.DLL
2014-07-12 16:39 - 2012-11-19 21:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKURD.DLL
2014-07-12 16:38 - 2013-08-09 22:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-07-12 16:38 - 2013-08-09 20:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-07-12 16:38 - 2013-08-02 23:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-07-12 16:38 - 2013-08-02 23:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-07-12 16:38 - 2013-08-02 23:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-07-12 16:38 - 2013-08-02 22:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-07-12 16:38 - 2013-08-02 22:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-07-12 16:38 - 2013-08-02 22:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-07-12 16:38 - 2013-08-01 22:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-07-12 16:38 - 2013-07-24 16:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-07-12 16:38 - 2013-07-24 16:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-07-12 16:37 - 2012-11-06 00:33 - 01566432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-07-12 16:37 - 2012-11-05 21:48 - 01150160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2014-07-12 16:37 - 2012-11-05 21:20 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2014-07-12 16:37 - 2012-11-05 21:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2014-07-12 16:37 - 2012-11-05 21:20 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 08552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2014-07-12 16:37 - 2012-11-05 21:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2014-07-12 16:37 - 2012-11-05 21:18 - 11459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-07-12 16:37 - 2012-11-05 21:18 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-07-12 16:37 - 2012-11-05 21:18 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-07-12 16:37 - 2012-11-05 21:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2014-07-12 16:37 - 2012-11-05 21:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2014-07-12 16:37 - 2012-11-05 21:17 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2014-07-12 16:37 - 2012-11-05 21:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2014-07-12 16:37 - 2012-11-05 21:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2014-07-12 16:37 - 2012-11-05 20:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-07-12 16:37 - 2012-11-05 20:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-07-12 16:37 - 2012-11-05 20:55 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2014-07-12 16:37 - 2012-11-05 20:55 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2014-07-12 16:37 - 2012-11-05 20:55 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2014-07-12 16:37 - 2012-11-05 20:55 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2014-07-12 16:37 - 2012-11-05 20:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2014-07-12 16:34 - 2014-03-01 02:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-07-12 16:34 - 2014-03-01 02:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-07-12 16:34 - 2014-03-01 01:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-07-12 16:34 - 2014-02-28 23:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-07-12 16:34 - 2014-02-26 16:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-12 16:34 - 2014-02-26 16:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-07-12 16:34 - 2014-02-26 16:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-12 16:34 - 2014-02-14 21:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-07-12 16:34 - 2013-11-25 16:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-07-12 13:41 - 2014-07-12 13:41 - 00186328 _____ (trend_company_name) C:\WINDOWS\system32\Drivers\tmrkb.sys
2014-07-12 12:54 - 2014-07-12 12:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-12 12:54 - 2014-06-26 17:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-12 11:37 - 2014-04-29 15:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-07-12 11:37 - 2014-04-29 15:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-07-12 11:37 - 2012-10-10 00:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\synceng.dll
2014-07-12 11:37 - 2012-10-09 23:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\synceng.dll
2014-07-12 11:36 - 2013-01-09 18:53 - 00028904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2014-07-12 11:36 - 2013-01-09 18:29 - 00091880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2014-07-12 11:36 - 2013-01-09 16:26 - 01752064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-07-12 11:36 - 2013-01-09 16:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2014-07-12 11:36 - 2013-01-09 16:26 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2014-07-12 11:36 - 2013-01-09 16:26 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-07-12 11:36 - 2013-01-09 16:26 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaacmgr.exe
2014-07-12 11:36 - 2013-01-09 16:23 - 02094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2014-07-12 11:36 - 2013-01-09 16:23 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-07-12 11:36 - 2013-01-09 16:23 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-07-12 11:36 - 2013-01-09 16:23 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-07-12 11:36 - 2013-01-09 16:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-07-12 11:36 - 2013-01-09 16:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaacmgr.exe
2014-07-12 11:36 - 2013-01-09 16:22 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-07-12 11:36 - 2013-01-09 16:22 - 00666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2014-07-12 11:36 - 2013-01-09 16:22 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2014-07-12 11:36 - 2012-11-01 22:19 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2014-07-12 11:36 - 2012-11-01 22:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-07-12 11:36 - 2012-11-01 22:18 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-07-12 11:36 - 2012-11-01 22:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll
2014-07-12 11:36 - 2012-11-01 22:18 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2014-07-12 11:36 - 2012-11-01 22:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2014-07-12 11:35 - 2014-05-02 22:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-07-12 11:35 - 2014-05-02 20:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-07-12 11:35 - 2013-07-05 17:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-07-12 11:35 - 2013-07-03 19:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-07-12 11:35 - 2012-10-12 01:08 - 00027880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-07-12 11:35 - 2012-10-11 23:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-07-12 11:34 - 2014-04-19 02:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-07-12 11:34 - 2014-03-28 01:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-07-12 11:34 - 2014-03-27 23:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-07-12 11:34 - 2014-01-30 17:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-07-12 11:34 - 2013-10-18 22:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-07-12 11:34 - 2013-10-18 21:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-07-12 11:33 - 2013-08-15 22:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-07-12 11:33 - 2013-08-15 22:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-07-12 11:33 - 2013-08-15 22:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-07-12 11:33 - 2013-08-15 22:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-07-12 11:33 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-07-12 11:33 - 2013-08-15 22:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-07-12 11:33 - 2013-08-15 15:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-07-12 11:33 - 2013-08-15 15:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-07-12 11:33 - 2013-08-15 15:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-07-12 11:33 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-07-12 11:33 - 2013-08-15 15:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-07-12 11:33 - 2013-08-15 15:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-07-12 11:30 - 2014-06-17 16:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-12 11:30 - 2014-06-17 16:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-12 11:30 - 2014-06-10 21:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-12 11:30 - 2014-05-29 16:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-12 11:30 - 2014-05-29 16:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-12 11:30 - 2014-05-29 16:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-12 11:30 - 2014-05-29 16:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-12 11:30 - 2013-12-08 17:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-12 11:30 - 2013-12-08 16:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-12 11:30 - 2012-11-25 21:21 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-07-12 11:30 - 2012-11-25 21:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-07-12 11:29 - 2013-10-10 04:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-07-12 11:29 - 2013-10-10 02:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-07-12 11:29 - 2013-10-10 02:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-07-12 11:29 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-07-12 11:29 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-07-12 11:29 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-07-12 11:29 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-07-12 11:28 - 2014-06-30 15:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-12 11:28 - 2014-06-30 15:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-12 11:28 - 2014-06-30 15:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-07-12 11:28 - 2014-06-27 20:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-12 11:28 - 2014-03-28 12:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-07-12 11:28 - 2014-03-23 15:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-07-12 11:24 - 2013-04-08 22:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-07-12 11:24 - 2013-04-08 22:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-07-12 11:24 - 2013-04-08 22:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-07-12 11:24 - 2013-04-08 22:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2014-07-12 11:24 - 2013-04-08 22:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2014-07-12 11:24 - 2013-04-08 22:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll
2014-07-12 11:24 - 2013-04-08 21:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-07-12 11:24 - 2013-04-08 21:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-07-12 11:24 - 2013-04-08 21:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-07-12 11:24 - 2013-04-08 21:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-07-12 11:24 - 2013-04-08 21:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-07-12 11:24 - 2013-04-08 21:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-07-12 11:24 - 2013-04-08 21:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-07-12 11:24 - 2013-04-08 21:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-07-12 11:24 - 2013-04-08 21:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-07-12 11:24 - 2013-04-08 21:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2014-07-12 11:24 - 2013-04-08 21:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-07-12 11:24 - 2013-04-08 21:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll
2014-07-12 11:24 - 2013-04-08 21:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-07-12 11:24 - 2013-04-08 19:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-07-12 11:24 - 2013-04-08 19:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-07-12 11:24 - 2013-04-08 19:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-07-12 11:24 - 2013-04-08 19:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-07-12 11:24 - 2013-04-08 16:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-07-12 11:24 - 2013-04-08 16:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-07-12 11:24 - 2013-04-08 16:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-07-12 11:24 - 2013-04-08 14:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-07-12 11:24 - 2013-04-08 14:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-07-12 11:24 - 2013-04-08 14:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-07-12 11:24 - 2013-04-08 14:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-07-12 11:24 - 2013-04-08 14:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-07-12 11:24 - 2013-04-08 14:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-07-12 11:24 - 2013-04-04 16:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-07-12 11:24 - 2013-03-15 15:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-12 11:24 - 2013-03-15 15:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-12 11:24 - 2013-02-02 01:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2014-07-12 11:24 - 2013-02-02 01:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2014-07-12 11:24 - 2013-01-09 18:40 - 00303848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-07-12 11:24 - 2012-11-06 00:33 - 00522640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-07-12 11:24 - 2012-11-05 22:00 - 00463768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-07-12 11:24 - 2012-11-05 21:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-07-12 11:24 - 2012-10-10 22:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2014-07-12 11:24 - 2012-10-10 22:44 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2014-07-12 11:24 - 2012-10-10 22:06 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2014-07-12 11:24 - 2012-10-10 22:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2014-07-12 11:20 - 2013-05-04 00:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-07-12 11:20 - 2013-05-03 23:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-07-12 11:20 - 2013-05-03 23:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2014-07-12 11:20 - 2013-05-03 23:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-07-12 11:20 - 2013-05-03 23:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2014-07-12 11:20 - 2013-05-03 23:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-07-12 11:20 - 2013-05-03 23:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-07-12 11:20 - 2013-05-03 23:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2014-07-12 11:20 - 2013-05-03 23:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2014-07-12 11:20 - 2013-05-03 23:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2014-07-12 11:20 - 2013-05-03 23:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2014-07-12 11:20 - 2013-05-03 21:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2014-07-12 11:20 - 2013-05-03 21:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-07-12 11:20 - 2013-05-03 21:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-07-12 11:20 - 2013-05-03 21:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2014-07-12 11:20 - 2013-05-03 21:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2014-07-12 11:20 - 2013-05-03 21:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2014-07-12 11:20 - 2013-05-03 21:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-07-12 11:20 - 2013-05-03 21:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-07-12 11:20 - 2013-05-03 21:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2014-07-12 11:20 - 2013-05-03 21:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2014-07-12 11:20 - 2013-05-03 21:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2014-07-12 11:20 - 2013-05-03 21:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2014-07-12 11:20 - 2013-05-03 21:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-07-12 11:20 - 2013-05-03 21:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-07-12 11:20 - 2013-05-03 21:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-07-12 11:20 - 2013-03-01 19:45 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-07-12 11:20 - 2013-03-01 19:45 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-07-12 11:20 - 2013-02-02 01:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2014-07-12 11:20 - 2013-02-02 01:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2014-07-12 11:17 - 2013-03-02 03:57 - 00077544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2014-07-12 11:17 - 2013-03-02 03:39 - 00495336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-07-12 11:17 - 2013-03-02 02:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-12 11:17 - 2013-03-02 01:23 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-07-12 11:17 - 2013-03-02 01:23 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-07-12 11:17 - 2013-03-02 01:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-07-12 11:17 - 2013-03-02 01:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2014-07-12 11:17 - 2013-03-02 01:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-07-12 11:17 - 2013-03-02 01:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2014-07-12 11:17 - 2013-03-02 01:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-07-12 11:17 - 2013-03-02 01:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 01149952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2014-07-12 11:17 - 2013-03-01 19:45 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-07-12 11:17 - 2013-03-01 19:45 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDPrintProxy.DLL
2014-07-12 11:17 - 2013-03-01 19:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2014-07-12 11:17 - 2013-03-01 19:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-07-12 11:17 - 2013-03-01 19:44 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2014-07-12 11:17 - 2013-03-01 19:44 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NdisImPlatform.dll
2014-07-12 11:17 - 2013-03-01 19:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2014-07-12 11:17 - 2013-03-01 19:43 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-07-12 11:17 - 2013-03-01 19:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-07-12 11:17 - 2013-02-28 21:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-07-12 11:17 - 2013-02-28 21:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2014-07-12 11:17 - 2013-02-28 21:55 - 01175040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-07-12 11:17 - 2013-01-08 20:59 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-07-12 11:17 - 2013-01-08 20:58 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2014-07-12 11:17 - 2012-11-05 21:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-07-12 11:17 - 2012-11-05 21:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll
2014-07-12 11:11 - 2012-08-30 17:53 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2014-07-12 11:11 - 2012-08-30 17:52 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2014-07-12 10:56 - 2013-06-21 22:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-07-12 10:56 - 2013-06-21 22:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-07-12 10:45 - 2013-07-05 15:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-07-12 10:45 - 2013-07-05 15:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-07-12 10:45 - 2013-07-01 15:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2014-07-12 10:45 - 2013-07-01 15:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-07-12 10:45 - 2013-06-28 20:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-07-12 10:45 - 2013-05-23 16:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-07-12 10:45 - 2013-05-23 15:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-07-12 10:45 - 2012-10-10 22:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys
2014-07-12 10:44 - 2014-07-12 10:44 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Macromedia
2014-07-12 10:44 - 2014-06-02 15:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-12 10:44 - 2014-04-12 02:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-07-12 10:44 - 2014-04-12 02:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-07-12 10:44 - 2014-04-12 02:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-07-12 10:44 - 2014-04-12 00:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-07-12 10:44 - 2014-04-12 00:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-07-12 10:44 - 2014-03-10 17:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-07-12 10:44 - 2014-03-10 17:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-07-12 10:44 - 2014-03-10 17:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-07-12 10:44 - 2014-03-10 17:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-07-12 10:44 - 2014-03-10 17:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-07-12 10:44 - 2014-03-03 16:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-12 10:44 - 2013-10-01 16:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-07-12 10:44 - 2013-10-01 16:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-07-12 10:43 - 2014-04-12 02:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-07-12 10:43 - 2014-04-12 02:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-07-12 10:43 - 2014-04-12 02:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-07-12 10:43 - 2014-04-12 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-07-12 10:43 - 2014-04-12 02:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-07-12 10:43 - 2014-04-12 00:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-07-12 10:43 - 2014-04-12 00:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-07-12 10:43 - 2014-04-12 00:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-07-12 10:43 - 2014-04-12 00:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-07-12 10:43 - 2014-04-11 23:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-07-12 10:43 - 2014-03-10 20:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-07-12 10:43 - 2014-03-10 17:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-07-12 10:43 - 2014-03-10 17:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-07-12 10:43 - 2014-03-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-07-12 10:43 - 2014-03-10 17:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-07-12 10:43 - 2014-03-10 17:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-07-12 10:43 - 2014-03-10 17:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-07-12 10:43 - 2014-03-09 20:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-07-12 10:43 - 2014-03-09 18:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-07-12 10:42 - 2013-04-11 15:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-07-12 10:42 - 2013-04-11 15:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-07-12 10:39 - 2014-07-12 10:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-12 10:36 - 2013-04-23 16:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2014-07-12 10:36 - 2013-04-23 16:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2014-07-12 10:36 - 2013-04-23 15:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2014-07-12 10:36 - 2013-04-23 15:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2014-07-12 10:34 - 2013-02-02 01:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll
2014-07-12 10:34 - 2013-02-02 01:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2014-07-12 10:34 - 2013-02-02 01:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-07-12 10:34 - 2013-02-02 01:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2014-07-12 10:34 - 2013-02-02 01:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2014-07-12 10:34 - 2013-02-02 01:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2014-07-12 10:34 - 2013-02-02 01:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2014-07-12 10:34 - 2013-02-02 01:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe
2014-07-12 10:34 - 2013-02-02 01:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
2014-07-12 10:34 - 2013-02-02 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2014-07-12 10:34 - 2013-02-02 01:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2014-07-12 10:34 - 2013-02-02 01:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2014-07-12 10:34 - 2013-02-02 01:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-07-12 10:34 - 2013-02-02 01:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-07-12 10:34 - 2013-02-02 01:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2014-07-12 10:34 - 2013-02-02 01:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2014-07-12 10:34 - 2013-02-02 01:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll
2014-07-12 10:34 - 2013-02-02 00:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-07-12 10:34 - 2012-11-26 20:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-07-12 10:34 - 2012-11-26 20:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys
2014-07-12 10:34 - 2012-11-19 21:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2014-07-12 10:34 - 2012-11-19 21:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys
2014-07-12 10:33 - 2013-05-26 16:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-07-12 10:33 - 2013-05-26 15:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-07-12 10:33 - 2013-05-24 20:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-07-12 10:33 - 2013-05-24 19:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-07-12 10:33 - 2013-02-01 22:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-07-12 10:33 - 2013-02-01 22:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-07-12 10:33 - 2012-11-07 21:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2014-07-12 10:33 - 2012-11-07 21:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2014-07-12 10:33 - 2012-11-07 21:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2014-07-12 10:33 - 2012-11-07 21:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2014-07-12 10:33 - 2012-11-07 21:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2014-07-12 10:33 - 2012-11-07 21:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2014-07-12 10:31 - 2014-07-12 10:32 - 95020520 _____ (trend_company_name) C:\Users\Karen S\Desktop\supportcustomizedpackage64.exe
2014-07-12 10:30 - 2014-07-16 20:10 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2961404673-414218333-4232183137-1001
2014-07-12 10:28 - 2012-10-23 20:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-07-12 10:28 - 2012-10-23 19:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-07-12 10:23 - 2013-03-02 01:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-07-12 10:23 - 2013-03-01 19:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-07-12 10:23 - 2012-12-14 21:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-07-12 10:23 - 2012-11-02 22:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2014-07-12 10:23 - 2012-11-02 22:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2014-07-12 09:52 - 2014-07-12 09:52 - 00001373 _____ () C:\Users\Karen S\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Trend Micro
2014-07-12 09:51 - 2013-12-03 01:57 - 00283160 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-07-12 09:51 - 2013-12-03 01:57 - 00117312 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmactmon.sys
2014-07-12 09:51 - 2013-12-03 01:57 - 00085936 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmevtmgr.sys
2014-07-12 09:51 - 2013-07-10 14:39 - 00037904 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmel.sys
2014-07-12 09:51 - 2013-07-07 15:16 - 00103712 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmusa.sys
2014-07-12 09:51 - 2013-07-01 01:08 - 00050976 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\TMEBC64.sys
2014-07-12 09:51 - 2013-06-12 18:35 - 00100640 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmeevw.sys
2014-07-12 09:51 - 2013-05-14 22:23 - 00303392 ____N (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmnciesc.sys
2014-07-12 09:49 - 2014-07-12 09:49 - 00003270 _____ () C:\WINDOWS\System32\Tasks\Titanium BTC
2014-07-12 09:47 - 2014-07-12 09:47 - 00000059 _____ () C:\WINDOWS\system32\SupportTool.exe.bat
2014-07-12 09:44 - 2014-07-12 09:45 - 00000000 ____D () C:\Program Files\Trend Micro
2014-07-12 09:43 - 2014-07-20 00:49 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-07-12 09:42 - 2014-07-12 09:42 - 00000036 _____ () C:\Users\Karen S\AppData\Local\housecall.guid.cache
2014-07-12 09:31 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Adobe
2014-07-12 09:31 - 2014-07-12 09:31 - 00001442 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 09:31 - 2014-07-12 09:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-07-12 09:30 - 2014-07-19 11:29 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VirtualStore
2014-07-12 09:29 - 2014-07-12 09:29 - 00000020 ___SH () C:\Users\Karen S\ntuser.ini
2014-07-12 09:28 - 2013-06-30 18:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-12 09:28 - 2013-06-30 18:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-12 09:28 - 2013-06-30 18:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-12 09:28 - 2013-06-30 18:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-12 09:28 - 2013-06-28 20:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-12 09:28 - 2013-06-28 20:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-07-12 09:28 - 2013-02-11 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2014-07-10 15:56 - 2014-07-12 12:36 - 00000000 ____D () C:\Windows.old
2014-07-10 15:56 - 2013-03-06 00:10 - 00112872 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-07-10 15:56 - 2013-03-05 23:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-07-10 15:52 - 2013-12-04 16:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-07-10 15:52 - 2013-12-04 16:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-07-10 15:51 - 2014-06-18 19:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-10 15:51 - 2014-06-18 19:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-10 15:51 - 2014-06-18 19:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-10 15:51 - 2014-06-18 19:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-10 15:51 - 2014-06-18 19:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 15:51 - 2014-06-18 19:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-10 15:51 - 2014-06-18 19:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-10 15:51 - 2014-06-18 19:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-10 15:51 - 2014-06-18 19:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-10 15:51 - 2014-06-18 19:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-10 15:51 - 2014-06-18 17:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 15:51 - 2014-06-18 17:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-10 15:51 - 2014-06-18 17:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-10 15:51 - 2014-06-18 17:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-10 15:51 - 2014-06-18 17:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-10 15:51 - 2014-06-18 17:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-10 15:51 - 2014-06-18 15:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-10 15:51 - 2013-07-19 15:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-10 15:51 - 2013-07-19 15:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-10 15:51 - 2013-05-03 23:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-07-10 15:51 - 2013-05-03 21:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-07-10 15:51 - 2013-04-26 22:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-07-10 15:47 - 2014-07-10 15:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-07-10 15:47 - 2013-10-10 02:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-07-10 15:47 - 2013-10-10 02:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-07-10 15:47 - 2013-10-10 02:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-07-10 15:47 - 2013-10-10 02:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-07-10 15:47 - 2013-10-10 02:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-07-10 15:47 - 2013-10-10 02:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-07-10 15:47 - 2013-10-10 02:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-07-10 15:47 - 2012-10-23 20:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2014-07-10 15:47 - 2012-10-23 20:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-07-10 15:47 - 2012-10-23 20:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2014-07-10 15:47 - 2012-10-23 20:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2014-07-10 15:46 - 2013-07-12 23:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-07-10 15:46 - 2013-07-12 23:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-07-10 15:46 - 2013-07-12 23:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-07-10 15:46 - 2013-07-12 23:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-07-10 15:46 - 2013-07-12 21:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-07-10 15:46 - 2013-07-12 21:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-07-10 15:46 - 2013-07-12 21:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-07-10 15:44 - 2013-07-01 18:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-07-10 15:44 - 2013-07-01 18:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-07-10 15:44 - 2012-11-02 22:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-07-10 15:44 - 2012-11-02 22:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-07-10 15:44 - 2012-11-02 22:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-07-10 15:44 - 2012-11-02 22:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-07-10 15:44 - 2012-11-02 22:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2014-07-10 15:44 - 2012-11-02 22:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2014-07-10 15:44 - 2012-11-02 22:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2014-07-10 15:44 - 2012-11-02 22:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2014-07-10 15:43 - 2014-03-28 01:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-07-10 15:43 - 2014-01-12 16:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-07-10 15:43 - 2014-01-12 16:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-07-10 15:43 - 2013-11-19 17:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-07-10 15:43 - 2013-11-19 16:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-07-10 15:42 - 2013-03-14 17:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-07-10 15:40 - 2013-08-23 00:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-07-10 15:40 - 2013-08-22 18:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-07-10 15:39 - 2014-05-29 15:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-10 15:39 - 2013-11-22 23:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-07-10 15:39 - 2013-11-22 22:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-07-10 15:39 - 2013-03-21 20:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-07-10 15:39 - 2013-03-21 15:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-07-10 15:34 - 2014-06-06 07:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-10 15:34 - 2014-06-06 03:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-10 15:32 - 2014-04-03 04:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-10 15:32 - 2014-01-30 17:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-07-10 15:32 - 2014-01-30 17:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-07-10 15:32 - 2013-04-02 16:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2014-07-10 15:32 - 2013-04-02 16:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2014-07-10 15:31 - 2013-09-27 20:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-07-10 15:31 - 2012-10-10 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2014-07-10 15:31 - 2012-10-10 22:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2014-07-10 15:31 - 2012-10-10 22:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2014-07-10 15:29 - 2014-03-06 17:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-07-10 15:29 - 2014-03-06 17:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-07-10 15:29 - 2013-10-01 16:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-07-10 15:29 - 2013-10-01 16:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-07-10 15:29 - 2013-08-06 22:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-07-10 15:29 - 2013-08-01 23:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-10 15:29 - 2013-08-01 22:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-10 15:29 - 2013-03-02 03:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-07-10 15:29 - 2013-03-01 19:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-07-10 15:29 - 2013-02-06 18:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-07-10 15:29 - 2012-11-09 21:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-07-10 15:29 - 2012-11-09 21:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-07-10 15:29 - 2012-11-09 21:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2014-07-10 15:29 - 2012-11-09 21:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2014-07-10 15:29 - 2012-11-09 21:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2014-07-10 15:29 - 2012-10-31 21:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-07-10 15:29 - 2012-10-31 21:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-07-10 15:29 - 2012-10-31 21:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2014-07-10 15:29 - 2012-10-31 21:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2014-07-10 15:29 - 2012-10-31 21:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2014-07-10 15:29 - 2012-10-31 21:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2014-07-10 15:22 - 2013-10-31 22:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-07-10 15:22 - 2013-10-31 20:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-07-10 15:21 - 2012-12-12 21:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2014-07-10 15:21 - 2012-12-12 20:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-07-10 14:59 - 2014-07-12 09:31 - 00000000 ____D () C:\Users\Karen S
2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\$WINDOWS.~BT
2014-07-10 14:06 - 2014-07-12 12:11 - 00000000 ___HD () C:\$SysReset
2014-07-10 13:36 - 2014-07-17 13:50 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Packages
2014-07-09 17:07 - 2014-07-10 12:01 - 00000000 ____D () C:\Users\Karen S\Desktop\homer
2014-07-04 08:36 - 2014-07-04 08:36 - 00000000 ____D () C:\AMD
2014-07-04 04:24 - 2014-07-04 04:24 - 00000000 __SHD () C:\Recovery
2014-07-03 10:11 - 2014-07-12 09:54 - 00000000 ___HD () C:\TMRescueDisk
2014-07-01 12:34 - 2014-07-09 16:17 - 00005552 _____ () C:\Users\Karen S\Desktop\7-1-2014  windows 8 errors.txt
2014-07-01 09:59 - 2014-07-12 13:41 - 00000000 ____D () C:\Users\Karen S\Desktop\TMRBLog
2014-07-01 09:59 - 2014-07-01 09:59 - 00000000 ____D () C:\Users\Karen S\Desktop\log
2014-06-30 16:42 - 2014-06-30 16:42 - 00001754 _____ () C:\sc-cleaner.txt
2014-06-30 16:40 - 2014-06-30 16:42 - 00173128 _____ () C:\Users\Karen S\Desktop\Show-Hidden.txt
2014-06-30 16:18 - 2014-06-30 16:18 - 00401920 _____ (Farbar) C:\Users\Karen S\Desktop\MiniToolBox.exe
2014-06-30 16:17 - 2014-06-30 16:17 - 01402880 _____ () C:\Users\Karen S\Desktop\HiJackThis.msi
2014-06-30 16:16 - 2014-06-30 16:16 - 00602112 _____ (OldTimer Tools) C:\Users\Karen S\Desktop\OTL.exe
2014-06-30 16:15 - 2014-06-30 16:15 - 04721240 _____ () C:\Users\Karen S\Desktop\RogueKiller.exe
2014-06-30 10:42 - 2014-06-30 10:42 - 00000546 _____ () C:\Users\Karen S\Desktop\Emsisoft Emergency Kit.lnk
2014-06-30 10:42 - 2014-06-30 10:42 - 00000000 ____D () C:\EEK
2014-06-26 14:52 - 2014-06-26 14:52 - 00000000 ____D () C:\OETemp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 15:26 - 2014-07-26 15:25 - 00009721 _____ () C:\Users\Karen S\Desktop\FRST.txt
2014-07-26 15:25 - 2014-07-26 15:25 - 02093568 _____ (Farbar) C:\Users\Karen S\Desktop\FRST64.exe
2014-07-26 15:25 - 2014-07-26 15:25 - 00000000 ____D () C:\FRST
2014-07-26 15:19 - 2012-11-13 22:18 - 01753784 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-26 15:15 - 2014-07-26 09:19 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-26 15:15 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-26 10:03 - 2014-07-26 10:03 - 00001041 _____ () C:\Users\Karen S\Desktop\mbam.txt
2014-07-26 09:58 - 2014-07-26 09:58 - 00000796 _____ () C:\Users\Karen S\Desktop\AdwCleaner[S1].txt
2014-07-26 09:58 - 2012-07-26 00:21 - 00043539 _____ () C:\WINDOWS\setupact.log
2014-07-26 09:58 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-26 09:56 - 2012-08-05 14:07 - 00007236 _____ () C:\WINDOWS\PFRO.log
2014-07-26 09:56 - 2012-07-26 00:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-26 09:55 - 2014-07-20 00:55 - 00000000 ____D () C:\AdwCleaner
2014-07-26 09:53 - 2014-07-26 09:53 - 00000736 _____ () C:\Users\Karen S\Desktop\AdwCleaner[R1].txt
2014-07-26 09:47 - 2014-07-26 09:47 - 01354223 _____ () C:\Users\Karen S\Desktop\adwcleaner_3.216.exe
2014-07-26 09:42 - 2014-07-26 09:42 - 00001057 _____ () C:\Users\Karen S\Desktop\7-26-2014  mbam scan.txt
2014-07-26 09:19 - 2014-07-26 09:19 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-26 09:11 - 2014-07-26 09:04 - 00005406 _____ () C:\Users\Karen S\Desktop\7-26-2014  bleeping.txt
2014-07-25 23:31 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-25 23:29 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-24 21:57 - 2014-07-24 21:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 13:36 - 2014-07-20 08:16 - 19919261 _____ () C:\Users\Karen S\Desktop\Windows8-RT-KB2974008-x64.msu
2014-07-20 00:49 - 2014-07-12 09:43 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-07-19 23:32 - 2014-07-19 17:57 - 00007620 _____ () C:\Users\Karen S\AppData\Local\Resmon.ResmonCfg
2014-07-19 23:24 - 2014-07-19 13:50 - 00002366 _____ () C:\Users\Karen S\Desktop\7-19-2014  windows 8.txt
2014-07-19 22:35 - 2014-07-19 22:34 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup.exe
2014-07-19 22:32 - 2014-07-19 22:32 - 02650408 _____ (Malwarebytes ) C:\Users\Karen S\Desktop\mbae-setup-1.03.1.1220.exe
2014-07-19 22:29 - 2014-07-19 22:29 - 00854390 _____ () C:\Users\Karen S\Desktop\SecurityCheck.exe
2014-07-19 22:20 - 2014-07-19 22:20 - 00291606 _____ () C:\Users\Karen S\Desktop\TCPView.zip
2014-07-19 22:16 - 2014-07-19 22:16 - 05329480 _____ (Secunia) C:\Users\Karen S\Desktop\PSISetup.exe
2014-07-19 22:12 - 2014-07-19 22:12 - 00330240 _____ (BiniSoft.org) C:\Users\Karen S\Desktop\wfc4setup.exe
2014-07-19 22:11 - 2014-07-19 22:11 - 01272912 _____ () C:\Users\Karen S\Desktop\Tweaking.com-RepairWindowsFirewall.exe
2014-07-19 16:19 - 2012-08-05 15:44 - 00000000 ____D () C:\WINDOWS\Sec
2014-07-19 16:19 - 2012-08-05 15:07 - 00000000 ____D () C:\WINDOWS\Panther
2014-07-19 13:54 - 2014-07-19 13:54 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VS Revo Group
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-19 13:48 - 2014-07-19 13:48 - 10619688 _____ (VS Revo Group ) C:\Users\Karen S\Desktop\RevoUninProSetup.exe
2014-07-19 11:58 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-19 11:58 - 2012-07-26 00:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-19 11:36 - 2014-07-19 11:35 - 120214108 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RansomFix64.exe
2014-07-19 11:29 - 2014-07-12 09:30 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VirtualStore
2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-07-17 18:58 - 2012-11-13 22:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-17 18:57 - 2014-07-17 18:58 - 00465624 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2014-07-17 18:57 - 2014-07-17 18:58 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2014-07-17 18:57 - 2014-07-17 18:58 - 00331992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys
2014-07-17 18:57 - 2014-07-17 18:58 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2014-07-17 18:57 - 2014-07-17 18:58 - 00291544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2014-07-17 18:57 - 2014-07-17 18:58 - 00271064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys
2014-07-17 18:57 - 2014-07-17 18:57 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37
2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-17 18:56 - 2014-07-17 18:54 - 12171007 _____ () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37.zip
2014-07-17 16:58 - 2014-07-17 15:06 - 00000440 _____ () C:\Users\Karen S\Documents\7-17-2014 msg to Carmen-Etsy.txt
2014-07-17 16:09 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\MsDtc
2014-07-17 15:39 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-17 13:58 - 2014-07-17 13:58 - 00686608 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\TMEEC.exe
2014-07-17 13:57 - 2014-07-17 13:57 - 07001616 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\BGSetup3.0.1009.exe
2014-07-17 13:57 - 2014-07-17 13:57 - 02473936 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\HousecallLauncher64.exe
2014-07-17 13:56 - 2014-07-17 13:56 - 06229392 _____ (Trend Micro, Inc. ) C:\Users\Karen S\Desktop\RUBottedSetup.exe
2014-07-17 13:54 - 2014-07-17 13:54 - 14839344 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RootkitBusterV5.0-1171x64.exe
2014-07-17 13:50 - 2014-07-10 13:36 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Packages
2014-07-17 13:30 - 2014-07-17 13:30 - 00000000 ____D () C:\WINDOWS\LastGood
2014-07-17 13:29 - 2014-07-17 13:28 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-16 20:10 - 2014-07-12 10:30 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2961404673-414218333-4232183137-1001
2014-07-16 18:37 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Adobe
2014-07-16 18:37 - 2014-07-16 18:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-16 18:37 - 2014-07-12 09:31 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Adobe
2014-07-16 18:35 - 2014-07-16 18:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-16 18:35 - 2014-07-16 18:35 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-07-16 18:35 - 2014-07-16 18:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-16 18:32 - 2014-07-16 11:20 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-16 18:32 - 2012-07-26 01:12 - 00000000 __RSD () C:\WINDOWS\Media
2014-07-16 18:31 - 2014-07-16 18:31 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-07-16 18:28 - 2014-07-16 18:28 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-07-15 05:18 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-14 15:47 - 2014-07-14 15:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-14 15:47 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-07-14 15:46 - 2012-07-26 00:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-14 15:45 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-07-14 15:45 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-07-12 15:27 - 2012-07-25 22:37 - 00000000 ____D () C:\WINDOWS\servicing
2014-07-12 13:41 - 2014-07-12 13:41 - 00186328 _____ (trend_company_name) C:\WINDOWS\system32\Drivers\tmrkb.sys
2014-07-12 13:41 - 2014-07-01 09:59 - 00000000 ____D () C:\Users\Karen S\Desktop\TMRBLog
2014-07-12 12:56 - 2014-07-12 12:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-12 12:36 - 2014-07-10 15:56 - 00000000 ____D () C:\Windows.old
2014-07-12 12:11 - 2014-07-10 14:06 - 00000000 ___HD () C:\$SysReset
2014-07-12 11:41 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-07-12 10:44 - 2014-07-12 10:44 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Macromedia
2014-07-12 10:39 - 2014-07-12 10:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-12 10:32 - 2014-07-12 10:31 - 95020520 _____ (trend_company_name) C:\Users\Karen S\Desktop\supportcustomizedpackage64.exe
2014-07-12 10:12 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-07-12 10:12 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-07-12 10:12 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-07-12 10:09 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-07-12 10:09 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-07-12 10:09 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-07-12 10:08 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-07-12 10:08 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-07-12 10:08 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-07-12 09:54 - 2014-07-03 10:11 - 00000000 ___HD () C:\TMRescueDisk
2014-07-12 09:52 - 2014-07-12 09:52 - 00001373 _____ () C:\Users\Karen S\Desktop\Trend Micro Titanium Maximum Security.lnk
2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security
2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Trend Micro
2014-07-12 09:51 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-12 09:49 - 2014-07-12 09:49 - 00003270 _____ () C:\WINDOWS\System32\Tasks\Titanium BTC
2014-07-12 09:47 - 2014-07-12 09:47 - 00000059 _____ () C:\WINDOWS\system32\SupportTool.exe.bat
2014-07-12 09:45 - 2014-07-12 09:44 - 00000000 ____D () C:\Program Files\Trend Micro
2014-07-12 09:42 - 2014-07-12 09:42 - 00000036 _____ () C:\Users\Karen S\AppData\Local\housecall.guid.cache
2014-07-12 09:31 - 2014-07-12 09:31 - 00001442 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 09:31 - 2014-07-12 09:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-07-12 09:31 - 2014-07-10 14:59 - 00000000 ____D () C:\Users\Karen S
2014-07-12 09:29 - 2014-07-12 09:29 - 00000020 ___SH () C:\Users\Karen S\ntuser.ini
2014-07-10 15:56 - 2012-07-26 01:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-07-10 15:47 - 2014-07-10 15:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-07-10 15:00 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-07-10 15:00 - 2012-07-25 22:37 - 00000000 __RHD () C:\Users\Default
2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-07-10 14:59 - 2012-07-26 01:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-10 14:58 - 2012-08-05 14:10 - 00000000 ____D () C:\Users\Administrator
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\$WINDOWS.~BT
2014-07-10 12:01 - 2014-07-09 17:07 - 00000000 ____D () C:\Users\Karen S\Desktop\homer
2014-07-09 18:33 - 2014-05-29 12:43 - 00003094 _____ () C:\Users\Karen S\Desktop\Rkill.txt
2014-07-09 16:58 - 2014-05-29 12:31 - 00030682 _____ () C:\Users\Karen S\Desktop\Result.txt
2014-07-09 16:17 - 2014-07-01 12:34 - 00005552 _____ () C:\Users\Karen S\Desktop\7-1-2014  windows 8 errors.txt
2014-07-04 14:01 - 2014-05-27 13:24 - 00000000 ____D () C:\Users\Karen S\Documents\Bluetooth Folder
2014-07-04 08:36 - 2014-07-04 08:36 - 00000000 ____D () C:\AMD
2014-07-04 04:24 - 2014-07-04 04:24 - 00000000 __SHD () C:\Recovery
2014-07-01 09:59 - 2014-07-01 09:59 - 00000000 ____D () C:\Users\Karen S\Desktop\log
2014-06-30 16:42 - 2014-06-30 16:42 - 00001754 _____ () C:\sc-cleaner.txt
2014-06-30 16:42 - 2014-06-30 16:40 - 00173128 _____ () C:\Users\Karen S\Desktop\Show-Hidden.txt
2014-06-30 16:18 - 2014-06-30 16:18 - 00401920 _____ (Farbar) C:\Users\Karen S\Desktop\MiniToolBox.exe
2014-06-30 16:17 - 2014-06-30 16:17 - 01402880 _____ () C:\Users\Karen S\Desktop\HiJackThis.msi
2014-06-30 16:16 - 2014-06-30 16:16 - 00602112 _____ (OldTimer Tools) C:\Users\Karen S\Desktop\OTL.exe
2014-06-30 16:15 - 2014-06-30 16:15 - 04721240 _____ () C:\Users\Karen S\Desktop\RogueKiller.exe
2014-06-30 15:42 - 2014-07-12 11:28 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-30 15:42 - 2014-07-12 11:28 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-30 15:42 - 2014-07-12 11:28 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-06-30 10:42 - 2014-06-30 10:42 - 00000546 _____ () C:\Users\Karen S\Desktop\Emsisoft Emergency Kit.lnk
2014-06-30 10:42 - 2014-06-30 10:42 - 00000000 ____D () C:\EEK
2014-06-27 20:35 - 2014-07-12 11:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-26 17:40 - 2014-07-12 12:54 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-26 14:52 - 2014-06-26 14:52 - 00000000 ____D () C:\OETemp
2014-06-26 13:53 - 2014-07-14 17:22 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 13:53 - 2014-07-14 17:22 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Karen S\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-17 22:14

==================== End Of Log ============================

Attached Files



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 27 July 2014 - 07:33 AM




Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
SearchScopes: HKLM-x32 - DefaultScope value is missing.
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

If you still have this tool delete it.
Get the latest version, run it and post the log for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?

#10 ol2shews

ol2shews
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 29 July 2014 - 01:50 PM

Hi,

 

Sorry it has taken me this long to respond to your last post. I have been trying to figure out why I am unable to find

the FRST64 app on my desktop to save the notepad with the code into. Even though it is on my desktop (I can

visually see it), when I go to save as "desktop" it is not there (the FRST app file). Only a few of my items on my desk-

top are showing. As I am not that tech savy I am hoping that you can help me figure a way around this.

 

Thanks,

 

Karen



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 30 July 2014 - 06:57 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Karen S (administrator) on SAMSUNG on 26-07-2014 15:25:56
Running from C:\Users\Karen S\Desktop <-- location of the FRST tool.

Are you in the Karen S profile?
===

I asked that the file for the Fix should be named fixlist.txt ON the Desktop.

If it was named destop.txt then remove that file.

Create the fixlist.txt make sure it's on the Desktop and run the FRST tool.

#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 05 August 2014 - 08:35 AM

Are you still with me?

#13 ol2shews

ol2shews
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 05 August 2014 - 10:52 AM

Attached File  Addition.txt   16.19KB   1 downloadsHi,

 

I apologize for the confusion. I think I must have had a blonde moment. I re read everything and I am enclosing all of the

reports that you requested.

 

Thanks,

 

Karen

 

 

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014

Ran by Karen S at 2014-08-05 07:53:27 Run:1

Running from C:\Users\Karen S\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

start

SearchScopes: HKLM-x32 - DefaultScope value is missing.

Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File

S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

End

*****************

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

"HKCR\PROTOCOLS\Handler\tmtbim" => Key deleted successfully.

"HKCR\CLSID\{0B37915C-8B98-4B9E-80D4-464D2C830D10}" => Key not found.

Amsp => Unable to stop service

Amsp => Error deleting Service

==== End of Fixlog ====

 

 

 

 

 

 

 

 Results of screen317's Security Check version 0.99.86 
   x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Trend Micro Titanium Maximum Security  
Windows Defender                       
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
 Trend Micro AMSP coreServiceShell.exe 
 Trend Micro UniClient UiFrmWrk uiWatchDog.exe
 Trend Micro AMSP coreFrameworkHost.exe 
 Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
 Trend Micro Titanium Plugin TMAS\TMAS_WLM\TMAS_WLMMon.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014

Ran by Karen S (administrator) on SAMSUNG on 05-08-2014 08:34:20

Running from C:\Users\Karen S\Desktop

Platform: Windows 8 (X64) OS Language: English (United States)

Internet Explorer Version 10

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe

(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe

(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

 

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)

HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [44152 2013-07-23] (Trend Micro Inc.)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2014-01-07] ( (Qualcomm®Atheros®))

HKU\S-1-5-21-2961404673-414218333-4232183137-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com

SearchScopes: HKLM - DefaultScope {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

SearchScopes: HKLM - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

SearchScopes: HKLM-x32 - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

SearchScopes: HKCU - DefaultScope {C1BB3022-96C3-4BB1-8FAA-0611B60D2B01} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

SearchScopes: HKCU - {23CD745B-4617-478F-8FE4-203160E31914} URL = http://search.lycos.com/setup.php?src=ie&query={searchTerms}

SearchScopes: HKCU - {2C4ED2CE-783E-45E1-AC66-52CE41CC03B0} URL = http://cnet.search.com/search?chkpt=astg.cnet.fd.search.cnet&q={searchTerms}&tag=srch

SearchScopes: HKCU - {C1BB3022-96C3-4BB1-8FAA-0611B60D2B01} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

SearchScopes: HKCU - {C9EB2C4F-47E5-411E-85DA-B6F748ED2C13} URL =

SearchScopes: HKCU - {EF10D8C9-31AB-4259-841D-614734818090} URL = http://search.microsoft.com/results.aspx?mkt=en-US&setlang=en-US&q={searchTerms}

BHO: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)

BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg.dll (Trend Micro Inc.)

BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.)

BHO-x32: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)

BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg32.dll (Trend Micro Inc.)

BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)

Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)

Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe64.dll (Trend Micro Inc.)

Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg.dll (Trend Micro Inc.)

Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)

Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\TmBpIe32.dll (Trend Micro Inc.)

Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.0.1313\1.6.1102\TmopIEPlg32.dll (Trend Micro Inc.)

Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension

FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension [2014-07-13]

FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1170\8.0.1170\firefoxextension

FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension

FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-07-12]

FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension

FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2014-07-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [318592 2014-01-07] (Windows ® Win 7 DDK provider)

R4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=nb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 BtFilter; C:\Windows\System32\Drivers\BtFilter.sys [565760 2012-08-29] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)

R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-05] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-30] (Windows ® Win 7 DDK provider)

U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-07-17] (Realsil Semiconductor Corporation)

R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [117312 2013-12-03] (Trend Micro Inc.)

R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [283160 2013-12-03] (Trend Micro Inc.)

R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)

R2 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [100640 2013-06-12] (Trend Micro Inc.)

S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [37904 2013-07-10] (Trend Micro Inc.)

R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [85936 2013-12-03] (Trend Micro Inc.)

R2 tmnciesc; C:\Windows\system32\DRIVERS\tmnciesc.sys [303392 2013-05-14] (Trend Micro Inc.)

R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [103712 2013-07-07] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 08:34 - 2014-08-05 08:34 - 00011081 _____ () C:\Users\Karen S\Desktop\FRST.txt

2014-08-05 08:32 - 2014-08-05 08:32 - 02094080 _____ (Farbar) C:\Users\Karen S\Desktop\FRST64.exe

2014-08-05 07:53 - 2014-08-05 08:34 - 00000000 ____D () C:\FRST

2014-08-05 07:49 - 2014-08-05 07:50 - 00001362 _____ () C:\Users\Karen S\Desktop\8-5-2014 bleeping inst.txt

2014-08-05 07:47 - 2014-08-05 07:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup-2.0.2.1012.exe

2014-08-04 21:34 - 2014-08-04 21:34 - 00001200 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk

2014-08-04 21:33 - 2014-08-04 21:33 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Atheros

2014-08-04 21:33 - 2014-08-04 21:33 - 00000000 ____D () C:\ProgramData\Atheros

2014-08-04 21:31 - 2014-08-04 21:31 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Samsung

2014-08-04 21:14 - 2013-02-21 16:59 - 02063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe

2014-08-04 21:14 - 2013-01-12 23:51 - 00003004 _____ () C:\ProgramData\MakeMarkerFile.xml

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite

2014-08-04 21:05 - 2014-08-04 21:07 - 00000000 ____D () C:\ProgramData\Samsung

2014-07-29 11:33 - 2014-07-29 11:33 - 00000327 _____ () C:\Users\Karen S\Desktop\7-29-2014 wave broadband.txt

2014-07-27 17:13 - 2014-07-27 17:13 - 02093568 _____ (Farbar) C:\Users\Karen S\Downloads\FRST64.exe

2014-07-27 16:02 - 2014-07-27 16:02 - 00854390 _____ () C:\Users\Karen S\Desktop\SecurityCheck.exe

2014-07-27 15:55 - 2014-07-27 15:55 - 00001442 _____ () C:\Users\Karen S\Desktop\7-27-2014 bleeping instructions.txt

2014-07-27 15:09 - 2014-07-27 15:09 - 00000656 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-07-27 14:56 - 2014-07-28 18:38 - 00001055 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRST64.lnk

2014-07-27 13:01 - 2014-07-27 13:01 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Microsoft_Corporation

2014-07-26 15:27 - 2014-07-26 15:27 - 00013063 _____ () C:\Users\Karen S\Desktop\Addition.txt

2014-07-26 10:03 - 2014-07-26 10:03 - 00001041 _____ () C:\Users\Karen S\Desktop\mbam.txt

2014-07-26 09:58 - 2014-07-26 09:58 - 00000796 _____ () C:\Users\Karen S\Desktop\AdwCleaner[S1].txt

2014-07-26 09:53 - 2014-07-26 09:53 - 00000736 _____ () C:\Users\Karen S\Desktop\AdwCleaner[R1].txt

2014-07-26 09:47 - 2014-07-26 09:47 - 01354223 _____ () C:\Users\Karen S\Desktop\adwcleaner_3.216.exe

2014-07-26 09:42 - 2014-07-26 09:42 - 00001057 _____ () C:\Users\Karen S\Desktop\7-26-2014 mbam scan.txt

2014-07-26 09:19 - 2014-08-05 08:05 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-26 09:19 - 2014-07-26 09:19 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-26 09:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-07-26 09:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-07-26 09:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-07-26 09:04 - 2014-07-26 09:11 - 00005406 _____ () C:\Users\Karen S\Desktop\7-26-2014 bleeping.txt

2014-07-20 08:16 - 2014-07-20 13:36 - 19919261 _____ () C:\Users\Karen S\Desktop\Windows8-RT-KB2974008-x64.msu

2014-07-20 00:55 - 2014-07-26 09:55 - 00000000 ____D () C:\AdwCleaner

2014-07-19 22:34 - 2014-07-19 22:35 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup.exe

2014-07-19 22:32 - 2014-07-19 22:32 - 02650408 _____ (Malwarebytes ) C:\Users\Karen S\Desktop\mbae-setup-1.03.1.1220.exe

2014-07-19 22:20 - 2014-07-19 22:20 - 00291606 _____ () C:\Users\Karen S\Desktop\TCPView.zip

2014-07-19 22:16 - 2014-07-19 22:16 - 05329480 _____ (Secunia) C:\Users\Karen S\Desktop\PSISetup.exe

2014-07-19 22:12 - 2014-07-19 22:12 - 00330240 _____ (BiniSoft.org) C:\Users\Karen S\Desktop\wfc4setup.exe

2014-07-19 22:11 - 2014-07-19 22:11 - 01272912 _____ () C:\Users\Karen S\Desktop\Tweaking.com-RepairWindowsFirewall.exe

2014-07-19 17:57 - 2014-07-19 23:32 - 00007620 _____ () C:\Users\Karen S\AppData\Local\Resmon.ResmonCfg

2014-07-19 13:54 - 2014-07-19 13:54 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VS Revo Group

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-19 13:54 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys

2014-07-19 13:50 - 2014-07-19 23:24 - 00002366 _____ () C:\Users\Karen S\Desktop\7-19-2014 windows 8.txt

2014-07-19 13:48 - 2014-07-19 13:48 - 10619688 _____ (VS Revo Group ) C:\Users\Karen S\Desktop\RevoUninProSetup.exe

2014-07-19 11:35 - 2014-07-19 11:36 - 120214108 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RansomFix64.exe

2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda

2014-07-17 18:58 - 2014-07-17 18:57 - 00465624 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys

2014-07-17 18:58 - 2014-07-17 18:57 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys

2014-07-17 18:58 - 2014-07-17 18:57 - 00331992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys

2014-07-17 18:58 - 2014-07-17 18:57 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys

2014-07-17 18:58 - 2014-07-17 18:57 - 00291544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys

2014-07-17 18:58 - 2014-07-17 18:57 - 00271064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys

2014-07-17 18:57 - 2014-07-17 18:57 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll

2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37

2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-07-17 18:54 - 2014-07-17 18:56 - 12171007 _____ () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37.zip

2014-07-17 15:06 - 2014-07-17 16:58 - 00000440 _____ () C:\Users\Karen S\Documents\7-17-2014 msg to Carmen-Etsy.txt

2014-07-17 13:58 - 2014-07-17 13:58 - 00686608 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\TMEEC.exe

2014-07-17 13:57 - 2014-07-17 13:57 - 07001616 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\BGSetup3.0.1009.exe

2014-07-17 13:57 - 2014-07-17 13:57 - 02473936 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\HousecallLauncher64.exe

2014-07-17 13:56 - 2014-07-17 13:56 - 06229392 _____ (Trend Micro, Inc. ) C:\Users\Karen S\Desktop\RUBottedSetup.exe

2014-07-17 13:54 - 2014-07-17 13:54 - 14839344 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RootkitBusterV5.0-1171x64.exe

2014-07-17 13:30 - 2014-07-17 13:30 - 00000000 ____D () C:\WINDOWS\LastGood

2014-07-17 13:28 - 2014-07-17 13:29 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-16 18:37 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Adobe

2014-07-16 18:35 - 2014-07-16 18:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-16 18:35 - 2014-07-16 18:35 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-16 18:35 - 2014-07-16 18:35 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-16 18:34 - 2014-07-16 18:37 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-16 18:31 - 2014-07-16 18:31 - 00000000 ___HD () C:\ProgramData\CanonIJFAX

2014-07-16 18:31 - 2011-10-14 11:57 - 00300544 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2C.dll

2014-07-16 18:31 - 2011-10-14 11:57 - 00102912 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B2U.dll

2014-07-16 18:31 - 2011-10-14 11:56 - 00109568 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2I.dll

2014-07-16 18:31 - 2011-09-22 08:59 - 00358912 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B2L.dll

2014-07-16 18:31 - 2011-09-22 08:57 - 00316416 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B2L.dll

2014-07-16 18:31 - 2011-06-30 13:41 - 00069376 _____ () C:\WINDOWS\SysWOW64\CNC175CD.TBL

2014-07-16 18:31 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll

2014-07-16 18:31 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll

2014-07-16 18:30 - 2011-09-21 05:00 - 00302592 _____ (CANON INC.) C:\WINDOWS\system32\CNCALB2.DLL

2014-07-16 18:28 - 2014-07-16 18:28 - 00000000 ___HD () C:\ProgramData\CanonBJ

2014-07-16 18:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMB2.DLL

2014-07-16 11:20 - 2014-07-16 18:32 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp

2014-07-14 17:22 - 2014-06-26 13:53 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-07-14 17:22 - 2014-06-26 13:53 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-14 15:47 - 2014-07-14 15:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-12 18:05 - 2013-06-16 15:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2014-07-12 18:05 - 2013-06-01 04:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2014-07-12 18:05 - 2013-06-01 04:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys

2014-07-12 18:05 - 2013-06-01 03:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2014-07-12 18:05 - 2013-06-01 02:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2014-07-12 18:05 - 2013-06-01 02:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2014-07-12 18:05 - 2013-06-01 02:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll

2014-07-12 18:05 - 2013-06-01 02:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2014-07-12 18:05 - 2013-06-01 02:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe

2014-07-12 18:05 - 2013-06-01 02:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe

2014-07-12 18:05 - 2013-06-01 02:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2014-07-12 18:05 - 2013-06-01 02:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll

2014-07-12 18:05 - 2013-06-01 02:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-07-12 18:05 - 2013-06-01 02:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2014-07-12 18:05 - 2013-06-01 02:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2014-07-12 18:05 - 2013-06-01 02:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll

2014-07-12 18:05 - 2013-06-01 02:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-07-12 18:05 - 2013-06-01 02:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll

2014-07-12 18:05 - 2013-05-24 15:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2014-07-12 18:05 - 2013-05-24 15:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2014-07-12 18:05 - 2013-05-24 15:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2014-07-12 18:05 - 2013-05-24 15:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2014-07-12 18:04 - 2013-06-01 02:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll

2014-07-12 18:04 - 2013-06-01 02:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll

2014-07-12 18:04 - 2013-05-31 20:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys

2014-07-12 18:03 - 2014-02-03 16:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2014-07-12 18:03 - 2014-02-03 16:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2014-07-12 18:03 - 2014-01-30 17:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2014-07-12 18:03 - 2014-01-30 17:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2014-07-12 18:03 - 2014-01-26 20:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2014-07-12 18:03 - 2014-01-15 16:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys

2014-07-12 18:03 - 2014-01-10 23:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-07-12 18:03 - 2014-01-10 22:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-07-12 18:03 - 2014-01-02 16:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-07-12 18:03 - 2014-01-02 16:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll

2014-07-12 17:50 - 2014-04-03 04:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys

2014-07-12 17:50 - 2014-04-02 20:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2014-07-12 17:50 - 2014-03-31 15:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-07-12 17:50 - 2014-03-24 16:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe

2014-07-12 17:50 - 2014-03-24 15:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe

2014-07-12 17:42 - 2013-10-08 18:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-07-12 17:42 - 2013-10-08 15:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-07-12 17:42 - 2013-10-08 15:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-07-12 17:42 - 2013-10-08 15:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-07-12 17:42 - 2013-10-08 15:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-07-12 17:42 - 2013-10-08 15:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-07-12 17:42 - 2013-10-08 15:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-07-12 17:42 - 2013-10-08 15:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-07-12 17:42 - 2013-10-04 23:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2014-07-12 17:42 - 2013-10-01 19:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2014-07-12 17:42 - 2013-09-27 22:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-07-12 17:42 - 2013-09-27 20:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-07-12 17:42 - 2013-09-19 00:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-07-12 17:42 - 2013-08-29 22:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll

2014-07-12 17:42 - 2013-08-29 22:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll

2014-07-12 17:42 - 2013-08-29 16:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll

2014-07-12 17:42 - 2013-08-29 16:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll

2014-07-12 17:38 - 2013-09-13 15:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll

2014-07-12 17:38 - 2013-09-13 15:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2014-07-12 17:38 - 2013-08-29 22:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys

2014-07-12 17:38 - 2013-08-29 22:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2014-07-12 17:38 - 2013-08-29 16:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2014-07-12 17:38 - 2013-08-20 23:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2014-07-12 17:38 - 2013-08-09 23:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys

2014-07-12 17:38 - 2013-07-24 16:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-07-12 17:38 - 2013-07-24 16:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2014-07-12 17:34 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2014-07-12 17:34 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2014-07-12 17:34 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2014-07-12 17:34 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll

2014-07-12 17:34 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll

2014-07-12 17:34 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

2014-07-12 17:34 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll

2014-07-12 17:34 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll

2014-07-12 17:34 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2014-07-12 17:34 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2014-07-12 17:34 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2014-07-12 17:34 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2014-07-12 17:34 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe

2014-07-12 17:34 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe

2014-07-12 17:34 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2014-07-12 17:34 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2014-07-12 17:34 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys

2014-07-12 17:34 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys

2014-07-12 17:34 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2014-07-12 17:34 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2014-07-12 17:34 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2014-07-12 17:34 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll

2014-07-12 17:34 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll

2014-07-12 17:34 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll

2014-07-12 17:34 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll

2014-07-12 17:34 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll

2014-07-12 17:34 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll

2014-07-12 17:34 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-07-12 17:12 - 2012-10-23 21:54 - 00396008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2014-07-12 17:12 - 2012-10-16 21:32 - 01172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll

2014-07-12 17:12 - 2012-10-16 21:32 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2014-07-12 17:12 - 2012-10-16 21:32 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2014-07-12 17:12 - 2012-10-16 20:57 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2014-07-12 17:12 - 2012-10-16 20:57 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2014-07-12 17:12 - 2012-10-16 20:57 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2014-07-12 17:12 - 2012-10-11 23:13 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dskquota.dll

2014-07-12 17:12 - 2012-10-11 22:39 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquota.dll

2014-07-12 17:11 - 2012-10-11 00:47 - 00793200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2014-07-12 17:11 - 2012-10-11 00:25 - 00056552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys

2014-07-12 17:11 - 2012-10-11 00:23 - 00441576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2014-07-12 17:11 - 2012-10-11 00:13 - 00033512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys

2014-07-12 17:11 - 2012-10-10 22:46 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2014-07-12 17:11 - 2012-10-10 22:46 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll

2014-07-12 17:11 - 2012-10-10 22:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe

2014-07-12 17:11 - 2012-10-10 22:45 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2014-07-12 17:11 - 2012-10-10 22:45 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll

2014-07-12 17:11 - 2012-10-10 22:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2014-07-12 17:11 - 2012-10-10 22:44 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll

2014-07-12 17:11 - 2012-10-10 22:44 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll

2014-07-12 17:11 - 2012-10-10 22:44 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll

2014-07-12 17:11 - 2012-10-10 22:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll

2014-07-12 17:11 - 2012-10-10 22:42 - 00612416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2014-07-12 17:11 - 2012-10-10 22:23 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-pdc.dll

2014-07-12 17:11 - 2012-10-10 22:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdhebl3.dll

2014-07-12 17:11 - 2012-10-10 22:07 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2014-07-12 17:11 - 2012-10-10 22:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2014-07-12 17:11 - 2012-10-10 22:07 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll

2014-07-12 17:11 - 2012-10-10 22:07 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll

2014-07-12 17:11 - 2012-10-10 22:06 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll

2014-07-12 17:11 - 2012-10-10 22:05 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll

2014-07-12 17:11 - 2012-10-10 21:42 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdhebl3.dll

2014-07-12 17:11 - 2012-10-10 17:45 - 00478424 _____ () C:\WINDOWS\SysWOW64\locale.nls

2014-07-12 17:11 - 2012-10-10 17:44 - 00478424 _____ () C:\WINDOWS\system32\locale.nls

2014-07-12 16:59 - 2014-05-02 23:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-07-12 16:59 - 2014-05-02 23:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-07-12 16:59 - 2014-05-02 21:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-07-12 16:59 - 2014-05-01 15:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-07-12 16:59 - 2014-04-29 15:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe

2014-07-12 16:59 - 2014-04-29 15:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe

2014-07-12 16:59 - 2014-04-23 16:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-07-12 16:59 - 2014-04-23 16:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-12 16:59 - 2014-04-23 16:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-07-12 16:59 - 2014-04-23 16:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-12 16:59 - 2014-02-07 21:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys

2014-07-12 16:56 - 2013-10-30 22:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2014-07-12 16:56 - 2013-10-30 22:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2014-07-12 16:56 - 2013-10-30 21:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2014-07-12 16:56 - 2013-10-30 20:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys

2014-07-12 16:56 - 2013-10-13 13:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys

2014-07-12 16:56 - 2013-08-26 22:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll

2014-07-12 16:56 - 2013-08-26 22:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll

2014-07-12 16:56 - 2013-08-26 15:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll

2014-07-12 16:56 - 2013-08-26 15:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll

2014-07-12 16:56 - 2012-10-10 22:46 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll

2014-07-12 16:56 - 2012-10-10 22:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll

2014-07-12 16:56 - 2012-10-10 22:07 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll

2014-07-12 16:50 - 2013-05-14 19:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2014-07-12 16:50 - 2013-05-14 19:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2014-07-12 16:50 - 2013-05-14 19:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2014-07-12 16:50 - 2013-05-14 19:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2014-07-12 16:46 - 2012-11-26 23:39 - 01122768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe

2014-07-12 16:46 - 2012-11-26 21:49 - 01027152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe

2014-07-12 16:46 - 2012-11-26 21:20 - 01217536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

2014-07-12 16:46 - 2012-11-26 21:20 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2014-07-12 16:46 - 2012-11-26 21:20 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2014-07-12 16:46 - 2012-11-26 21:20 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll

2014-07-12 16:46 - 2012-11-26 21:20 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll

2014-07-12 16:46 - 2012-11-26 21:20 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2014-07-12 16:46 - 2012-11-26 21:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vds_ps.dll

2014-07-12 16:46 - 2012-11-26 21:19 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll

2014-07-12 16:46 - 2012-11-26 21:19 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll

2014-07-12 16:46 - 2012-11-26 21:19 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll

2014-07-12 16:46 - 2012-11-26 21:19 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2014-07-12 16:46 - 2012-09-10 22:28 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe

2014-07-12 16:46 - 2012-09-10 22:27 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll

2014-07-12 16:39 - 2013-08-09 22:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2014-07-12 16:39 - 2013-08-01 23:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll

2014-07-12 16:39 - 2013-04-09 16:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2014-07-12 16:39 - 2013-04-09 15:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2014-07-12 16:39 - 2012-11-19 22:24 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2014-07-12 16:39 - 2012-11-19 22:17 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2014-07-12 16:39 - 2012-11-19 22:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKURD.DLL

2014-07-12 16:39 - 2012-11-19 21:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKURD.DLL

2014-07-12 16:38 - 2013-08-09 22:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll

2014-07-12 16:38 - 2013-08-09 20:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2014-07-12 16:38 - 2013-08-02 23:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll

2014-07-12 16:38 - 2013-08-02 23:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll

2014-07-12 16:38 - 2013-08-02 23:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx

2014-07-12 16:38 - 2013-08-02 22:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx

2014-07-12 16:38 - 2013-08-02 22:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll

2014-07-12 16:38 - 2013-08-02 22:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll

2014-07-12 16:38 - 2013-08-01 22:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll

2014-07-12 16:38 - 2013-07-24 16:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll

2014-07-12 16:38 - 2013-07-24 16:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll

2014-07-12 16:37 - 2012-11-06 00:33 - 01566432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2014-07-12 16:37 - 2012-11-05 21:48 - 01150160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2014-07-12 16:37 - 2012-11-05 21:20 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2014-07-12 16:37 - 2012-11-05 21:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll

2014-07-12 16:37 - 2012-11-05 21:20 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 08552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll

2014-07-12 16:37 - 2012-11-05 21:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll

2014-07-12 16:37 - 2012-11-05 21:18 - 11459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll

2014-07-12 16:37 - 2012-11-05 21:18 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2014-07-12 16:37 - 2012-11-05 21:18 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2014-07-12 16:37 - 2012-11-05 21:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll

2014-07-12 16:37 - 2012-11-05 21:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll

2014-07-12 16:37 - 2012-11-05 21:17 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2014-07-12 16:37 - 2012-11-05 21:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll

2014-07-12 16:37 - 2012-11-05 21:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll

2014-07-12 16:37 - 2012-11-05 20:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll

2014-07-12 16:37 - 2012-11-05 20:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll

2014-07-12 16:37 - 2012-11-05 20:55 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys

2014-07-12 16:37 - 2012-11-05 20:55 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys

2014-07-12 16:37 - 2012-11-05 20:55 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys

2014-07-12 16:37 - 2012-11-05 20:55 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys

2014-07-12 16:37 - 2012-11-05 20:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys

2014-07-12 16:34 - 2014-03-01 02:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2014-07-12 16:34 - 2014-03-01 02:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll

2014-07-12 16:34 - 2014-03-01 01:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll

2014-07-12 16:34 - 2014-02-28 23:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2014-07-12 16:34 - 2014-02-26 16:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2014-07-12 16:34 - 2014-02-26 16:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys

2014-07-12 16:34 - 2014-02-26 16:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2014-07-12 16:34 - 2014-02-14 21:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys

2014-07-12 16:34 - 2013-11-25 16:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys

2014-07-12 13:41 - 2014-07-12 13:41 - 00186328 _____ (trend_company_name) C:\WINDOWS\system32\Drivers\tmrkb.sys

2014-07-12 12:54 - 2014-07-12 12:56 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-12 12:54 - 2014-06-26 17:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-07-12 11:37 - 2014-04-29 15:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2014-07-12 11:37 - 2014-04-29 15:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2014-07-12 11:37 - 2012-10-10 00:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\synceng.dll

2014-07-12 11:37 - 2012-10-09 23:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\synceng.dll

2014-07-12 11:36 - 2013-01-09 18:53 - 00028904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys

2014-07-12 11:36 - 2013-01-09 18:29 - 00091880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys

2014-07-12 11:36 - 2013-01-09 16:26 - 01752064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll

2014-07-12 11:36 - 2013-01-09 16:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe

2014-07-12 11:36 - 2013-01-09 16:26 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL

2014-07-12 11:36 - 2013-01-09 16:26 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2014-07-12 11:36 - 2013-01-09 16:26 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaacmgr.exe

2014-07-12 11:36 - 2013-01-09 16:23 - 02094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe

2014-07-12 11:36 - 2013-01-09 16:23 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2014-07-12 11:36 - 2013-01-09 16:23 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll

2014-07-12 11:36 - 2013-01-09 16:23 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2014-07-12 11:36 - 2013-01-09 16:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2014-07-12 11:36 - 2013-01-09 16:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaacmgr.exe

2014-07-12 11:36 - 2013-01-09 16:22 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2014-07-12 11:36 - 2013-01-09 16:22 - 00666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL

2014-07-12 11:36 - 2013-01-09 16:22 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll

2014-07-12 11:36 - 2012-11-01 22:19 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll

2014-07-12 11:36 - 2012-11-01 22:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2014-07-12 11:36 - 2012-11-01 22:18 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2014-07-12 11:36 - 2012-11-01 22:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll

2014-07-12 11:36 - 2012-11-01 22:18 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll

2014-07-12 11:36 - 2012-11-01 22:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll

2014-07-12 11:35 - 2014-05-02 22:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-07-12 11:35 - 2014-05-02 20:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2014-07-12 11:35 - 2013-07-05 17:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll

2014-07-12 11:35 - 2013-07-03 19:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll

2014-07-12 11:35 - 2012-10-12 01:08 - 00027880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys

2014-07-12 11:35 - 2012-10-11 23:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2014-07-12 11:34 - 2014-04-19 02:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe

2014-07-12 11:34 - 2014-03-28 01:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-07-12 11:34 - 2014-03-27 23:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-07-12 11:34 - 2014-01-30 17:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2014-07-12 11:34 - 2013-10-18 22:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2014-07-12 11:34 - 2013-10-18 21:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2014-07-12 11:33 - 2013-08-15 22:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2014-07-12 11:33 - 2013-08-15 22:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2014-07-12 11:33 - 2013-08-15 22:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2014-07-12 11:33 - 2013-08-15 22:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-07-12 11:33 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-07-12 11:33 - 2013-08-15 22:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2014-07-12 11:33 - 2013-08-15 15:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2014-07-12 11:33 - 2013-08-15 15:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll

2014-07-12 11:33 - 2013-08-15 15:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll

2014-07-12 11:33 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2014-07-12 11:33 - 2013-08-15 15:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll

2014-07-12 11:33 - 2013-08-15 15:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll

2014-07-12 11:30 - 2014-06-17 16:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe

2014-07-12 11:30 - 2014-06-17 16:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe

2014-07-12 11:30 - 2014-06-10 21:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-07-12 11:30 - 2014-05-29 16:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2014-07-12 11:30 - 2014-05-29 16:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2014-07-12 11:30 - 2014-05-29 16:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-07-12 11:30 - 2014-05-29 16:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2014-07-12 11:30 - 2013-12-08 17:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-07-12 11:30 - 2013-12-08 16:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-07-12 11:30 - 2012-11-25 21:21 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2014-07-12 11:30 - 2012-11-25 21:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2014-07-12 11:29 - 2013-10-10 04:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2014-07-12 11:29 - 2013-10-10 02:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2014-07-12 11:29 - 2013-10-10 02:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2014-07-12 11:29 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2014-07-12 11:29 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2014-07-12 11:29 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2014-07-12 11:29 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2014-07-12 11:28 - 2014-06-30 15:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2014-07-12 11:28 - 2014-06-30 15:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2014-07-12 11:28 - 2014-06-30 15:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2014-07-12 11:28 - 2014-06-27 20:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2014-07-12 11:28 - 2014-03-28 12:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-07-12 11:28 - 2014-03-23 15:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-07-12 11:24 - 2013-04-08 22:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2014-07-12 11:24 - 2013-04-08 22:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2014-07-12 11:24 - 2013-04-08 22:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2014-07-12 11:24 - 2013-04-08 22:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll

2014-07-12 11:24 - 2013-04-08 22:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll

2014-07-12 11:24 - 2013-04-08 22:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll

2014-07-12 11:24 - 2013-04-08 21:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2014-07-12 11:24 - 2013-04-08 21:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2014-07-12 11:24 - 2013-04-08 21:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

2014-07-12 11:24 - 2013-04-08 21:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe

2014-07-12 11:24 - 2013-04-08 21:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2014-07-12 11:24 - 2013-04-08 21:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2014-07-12 11:24 - 2013-04-08 21:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2014-07-12 11:24 - 2013-04-08 21:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2014-07-12 11:24 - 2013-04-08 21:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe

2014-07-12 11:24 - 2013-04-08 21:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll

2014-07-12 11:24 - 2013-04-08 21:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll

2014-07-12 11:24 - 2013-04-08 21:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll

2014-07-12 11:24 - 2013-04-08 21:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2014-07-12 11:24 - 2013-04-08 19:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys

2014-07-12 11:24 - 2013-04-08 19:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2014-07-12 11:24 - 2013-04-08 19:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys

2014-07-12 11:24 - 2013-04-08 19:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2014-07-12 11:24 - 2013-04-08 16:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll

2014-07-12 11:24 - 2013-04-08 16:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2014-07-12 11:24 - 2013-04-08 16:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2014-07-12 11:24 - 2013-04-08 14:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2014-07-12 11:24 - 2013-04-08 14:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2014-07-12 11:24 - 2013-04-08 14:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2014-07-12 11:24 - 2013-04-08 14:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe

2014-07-12 11:24 - 2013-04-08 14:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll

2014-07-12 11:24 - 2013-04-08 14:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll

2014-07-12 11:24 - 2013-04-04 16:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2014-07-12 11:24 - 2013-03-15 15:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll

2014-07-12 11:24 - 2013-03-15 15:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll

2014-07-12 11:24 - 2013-02-02 01:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll

2014-07-12 11:24 - 2013-02-02 01:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll

2014-07-12 11:24 - 2013-01-09 18:40 - 00303848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-07-12 11:24 - 2012-11-06 00:33 - 00522640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2014-07-12 11:24 - 2012-11-05 22:00 - 00463768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-07-12 11:24 - 2012-11-05 21:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2014-07-12 11:24 - 2012-10-10 22:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll

2014-07-12 11:24 - 2012-10-10 22:44 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll

2014-07-12 11:24 - 2012-10-10 22:06 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll

2014-07-12 11:24 - 2012-10-10 22:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll

2014-07-12 11:20 - 2013-05-04 00:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe

2014-07-12 11:20 - 2013-05-03 23:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2014-07-12 11:20 - 2013-05-03 23:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe

2014-07-12 11:20 - 2013-05-03 23:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2014-07-12 11:20 - 2013-05-03 23:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll

2014-07-12 11:20 - 2013-05-03 23:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll

2014-07-12 11:20 - 2013-05-03 23:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll

2014-07-12 11:20 - 2013-05-03 23:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll

2014-07-12 11:20 - 2013-05-03 23:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll

2014-07-12 11:20 - 2013-05-03 23:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll

2014-07-12 11:20 - 2013-05-03 23:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl

2014-07-12 11:20 - 2013-05-03 21:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe

2014-07-12 11:20 - 2013-05-03 21:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll

2014-07-12 11:20 - 2013-05-03 21:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll

2014-07-12 11:20 - 2013-05-03 21:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll

2014-07-12 11:20 - 2013-05-03 21:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll

2014-07-12 11:20 - 2013-05-03 21:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll

2014-07-12 11:20 - 2013-05-03 21:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2014-07-12 11:20 - 2013-05-03 21:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-07-12 11:20 - 2013-05-03 21:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll

2014-07-12 11:20 - 2013-05-03 21:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll

2014-07-12 11:20 - 2013-05-03 21:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl

2014-07-12 11:20 - 2013-05-03 21:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs

2014-07-12 11:20 - 2013-05-03 21:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys

2014-07-12 11:20 - 2013-05-03 21:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2014-07-12 11:20 - 2013-05-03 21:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs

2014-07-12 11:20 - 2013-03-01 19:45 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe

2014-07-12 11:20 - 2013-03-01 19:45 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe

2014-07-12 11:20 - 2013-02-02 01:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll

2014-07-12 11:20 - 2013-02-02 01:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll

2014-07-12 11:17 - 2013-03-02 03:57 - 00077544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys

2014-07-12 11:17 - 2013-03-02 03:39 - 00495336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2014-07-12 11:17 - 2013-03-02 02:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-07-12 11:17 - 2013-03-02 01:23 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2014-07-12 11:17 - 2013-03-02 01:23 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2014-07-12 11:17 - 2013-03-02 01:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll

2014-07-12 11:17 - 2013-03-02 01:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll

2014-07-12 11:17 - 2013-03-02 01:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll

2014-07-12 11:17 - 2013-03-02 01:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll

2014-07-12 11:17 - 2013-03-02 01:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl

2014-07-12 11:17 - 2013-03-02 01:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 01149952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe

2014-07-12 11:17 - 2013-03-01 19:45 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll

2014-07-12 11:17 - 2013-03-01 19:45 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDPrintProxy.DLL

2014-07-12 11:17 - 2013-03-01 19:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll

2014-07-12 11:17 - 2013-03-01 19:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll

2014-07-12 11:17 - 2013-03-01 19:44 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll

2014-07-12 11:17 - 2013-03-01 19:44 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NdisImPlatform.dll

2014-07-12 11:17 - 2013-03-01 19:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll

2014-07-12 11:17 - 2013-03-01 19:43 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl

2014-07-12 11:17 - 2013-03-01 19:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys

2014-07-12 11:17 - 2013-02-28 21:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys

2014-07-12 11:17 - 2013-02-28 21:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys

2014-07-12 11:17 - 2013-02-28 21:55 - 01175040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2014-07-12 11:17 - 2013-01-08 20:59 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2014-07-12 11:17 - 2013-01-08 20:58 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2014-07-12 11:17 - 2012-11-05 21:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2014-07-12 11:17 - 2012-11-05 21:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll

2014-07-12 11:11 - 2012-08-30 17:53 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll

2014-07-12 11:11 - 2012-08-30 17:52 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll

2014-07-12 10:56 - 2013-06-21 22:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys

2014-07-12 10:56 - 2013-06-21 22:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys

2014-07-12 10:45 - 2013-07-05 15:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys

2014-07-12 10:45 - 2013-07-05 15:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys

2014-07-12 10:45 - 2013-07-01 15:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys

2014-07-12 10:45 - 2013-07-01 15:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys

2014-07-12 10:45 - 2013-06-28 20:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys

2014-07-12 10:45 - 2013-05-23 16:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2014-07-12 10:45 - 2013-05-23 15:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2014-07-12 10:45 - 2012-10-10 22:19 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys

2014-07-12 10:44 - 2014-07-12 10:44 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Macromedia

2014-07-12 10:44 - 2014-06-02 15:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll

2014-07-12 10:44 - 2014-04-12 02:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2014-07-12 10:44 - 2014-04-12 02:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2014-07-12 10:44 - 2014-04-12 02:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2014-07-12 10:44 - 2014-04-12 00:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2014-07-12 10:44 - 2014-04-12 00:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2014-07-12 10:44 - 2014-03-10 17:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2014-07-12 10:44 - 2014-03-10 17:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-07-12 10:44 - 2014-03-10 17:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll

2014-07-12 10:44 - 2014-03-10 17:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2014-07-12 10:44 - 2014-03-10 17:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll

2014-07-12 10:44 - 2014-03-03 16:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-07-12 10:44 - 2013-10-01 16:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2014-07-12 10:44 - 2013-10-01 16:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2014-07-12 10:43 - 2014-04-12 02:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2014-07-12 10:43 - 2014-04-12 02:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2014-07-12 10:43 - 2014-04-12 02:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll

2014-07-12 10:43 - 2014-04-12 02:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll

2014-07-12 10:43 - 2014-04-12 02:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll

2014-07-12 10:43 - 2014-04-12 00:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2014-07-12 10:43 - 2014-04-12 00:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll

2014-07-12 10:43 - 2014-04-12 00:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll

2014-07-12 10:43 - 2014-04-12 00:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll

2014-07-12 10:43 - 2014-04-11 23:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll

2014-07-12 10:43 - 2014-03-10 20:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys

2014-07-12 10:43 - 2014-03-10 17:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll

2014-07-12 10:43 - 2014-03-10 17:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll

2014-07-12 10:43 - 2014-03-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe

2014-07-12 10:43 - 2014-03-10 17:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2014-07-12 10:43 - 2014-03-10 17:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll

2014-07-12 10:43 - 2014-03-10 17:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll

2014-07-12 10:43 - 2014-03-09 20:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-07-12 10:43 - 2014-03-09 18:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll

2014-07-12 10:42 - 2013-04-11 15:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2014-07-12 10:42 - 2013-04-11 15:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2014-07-12 10:39 - 2014-07-12 10:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-07-12 10:36 - 2013-04-23 16:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2014-07-12 10:36 - 2013-04-23 16:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll

2014-07-12 10:36 - 2013-04-23 15:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2014-07-12 10:36 - 2013-04-23 15:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll

2014-07-12 10:34 - 2013-02-02 01:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll

2014-07-12 10:34 - 2013-02-02 01:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll

2014-07-12 10:34 - 2013-02-02 01:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2014-07-12 10:34 - 2013-02-02 01:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe

2014-07-12 10:34 - 2013-02-02 01:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe

2014-07-12 10:34 - 2013-02-02 01:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll

2014-07-12 10:34 - 2013-02-02 01:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll

2014-07-12 10:34 - 2013-02-02 01:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe

2014-07-12 10:34 - 2013-02-02 01:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe

2014-07-12 10:34 - 2013-02-02 01:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll

2014-07-12 10:34 - 2013-02-02 01:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll

2014-07-12 10:34 - 2013-02-02 01:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll

2014-07-12 10:34 - 2013-02-02 01:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2014-07-12 10:34 - 2013-02-02 01:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll

2014-07-12 10:34 - 2013-02-02 01:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2014-07-12 10:34 - 2013-02-02 01:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll

2014-07-12 10:34 - 2013-02-02 01:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll

2014-07-12 10:34 - 2013-02-02 00:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys

2014-07-12 10:34 - 2012-11-26 20:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys

2014-07-12 10:34 - 2012-11-26 20:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys

2014-07-12 10:34 - 2012-11-19 21:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys

2014-07-12 10:34 - 2012-11-19 21:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys

2014-07-12 10:33 - 2013-05-26 16:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2014-07-12 10:33 - 2013-05-26 15:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2014-07-12 10:33 - 2013-05-24 20:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2014-07-12 10:33 - 2013-05-24 19:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2014-07-12 10:33 - 2013-02-01 22:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2014-07-12 10:33 - 2013-02-01 22:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2014-07-12 10:33 - 2012-11-07 21:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2014-07-12 10:33 - 2012-11-07 21:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll

2014-07-12 10:33 - 2012-11-07 21:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2014-07-12 10:33 - 2012-11-07 21:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll

2014-07-12 10:33 - 2012-11-07 21:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll

2014-07-12 10:33 - 2012-11-07 21:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll

2014-07-12 10:31 - 2014-07-12 10:32 - 95020520 _____ (trend_company_name) C:\Users\Karen S\Desktop\supportcustomizedpackage64.exe

2014-07-12 10:30 - 2014-07-27 17:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2961404673-414218333-4232183137-1001

2014-07-12 10:28 - 2012-10-23 20:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe

2014-07-12 10:28 - 2012-10-23 19:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe

2014-07-12 10:23 - 2013-03-02 01:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2014-07-12 10:23 - 2013-03-01 19:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2014-07-12 10:23 - 2012-12-14 21:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2014-07-12 10:23 - 2012-11-02 22:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe

2014-07-12 10:23 - 2012-11-02 22:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll

2014-07-12 09:52 - 2014-07-12 09:52 - 00001373 _____ () C:\Users\Karen S\Desktop\Trend Micro Titanium Maximum Security.lnk

2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security

2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Trend Micro

2014-07-12 09:51 - 2013-12-03 01:57 - 00283160 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys

2014-07-12 09:51 - 2013-12-03 01:57 - 00117312 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmactmon.sys

2014-07-12 09:51 - 2013-12-03 01:57 - 00085936 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmevtmgr.sys

2014-07-12 09:51 - 2013-07-10 14:39 - 00037904 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmel.sys

2014-07-12 09:51 - 2013-07-07 15:16 - 00103712 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmusa.sys

2014-07-12 09:51 - 2013-07-01 01:08 - 00050976 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\TMEBC64.sys

2014-07-12 09:51 - 2013-06-12 18:35 - 00100640 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmeevw.sys

2014-07-12 09:51 - 2013-05-14 22:23 - 00303392 ____N (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmnciesc.sys

2014-07-12 09:49 - 2014-07-12 09:49 - 00003270 _____ () C:\WINDOWS\System32\Tasks\Titanium BTC

2014-07-12 09:47 - 2014-07-12 09:47 - 00000059 _____ () C:\WINDOWS\system32\SupportTool.exe.bat

2014-07-12 09:44 - 2014-07-12 09:45 - 00000000 ____D () C:\Program Files\Trend Micro

2014-07-12 09:43 - 2014-08-04 20:36 - 00000000 ____D () C:\ProgramData\Trend Micro

2014-07-12 09:42 - 2014-07-12 09:42 - 00000036 _____ () C:\Users\Karen S\AppData\Local\housecall.guid.cache

2014-07-12 09:31 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Adobe

2014-07-12 09:31 - 2014-07-12 09:31 - 00001442 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-07-12 09:31 - 2014-07-12 09:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD

2014-07-12 09:30 - 2014-07-19 11:29 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VirtualStore

2014-07-12 09:29 - 2014-07-12 09:29 - 00000020 ___SH () C:\Users\Karen S\ntuser.ini

2014-07-12 09:28 - 2013-06-30 18:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2014-07-12 09:28 - 2013-06-30 18:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys

2014-07-12 09:28 - 2013-06-30 18:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys

2014-07-12 09:28 - 2013-06-30 18:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys

2014-07-12 09:28 - 2013-06-28 20:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys

2014-07-12 09:28 - 2013-06-28 20:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys

2014-07-12 09:28 - 2013-02-11 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys

2014-07-10 15:56 - 2014-07-12 12:36 - 00000000 ____D () C:\Windows.old

2014-07-10 15:56 - 2013-03-06 00:10 - 00112872 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-07-10 15:56 - 2013-03-05 23:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-07-10 15:52 - 2013-12-04 16:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll

2014-07-10 15:52 - 2013-12-04 16:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

2014-07-10 15:51 - 2014-06-18 19:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-07-10 15:51 - 2014-06-18 19:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-07-10 15:51 - 2014-06-18 19:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll

2014-07-10 15:51 - 2014-06-18 19:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2014-07-10 15:51 - 2014-06-18 19:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-07-10 15:51 - 2014-06-18 19:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-07-10 15:51 - 2014-06-18 19:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-07-10 15:51 - 2014-06-18 19:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-07-10 15:51 - 2014-06-18 19:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-07-10 15:51 - 2014-06-18 19:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-07-10 15:51 - 2014-06-18 17:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-07-10 15:51 - 2014-06-18 17:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-07-10 15:51 - 2014-06-18 17:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-07-10 15:51 - 2014-06-18 17:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-07-10 15:51 - 2014-06-18 17:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-07-10 15:51 - 2014-06-18 17:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-07-10 15:51 - 2014-06-18 15:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll

2014-07-10 15:51 - 2013-07-19 15:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2014-07-10 15:51 - 2013-07-19 15:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-07-10 15:51 - 2013-05-03 23:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL

2014-07-10 15:51 - 2013-05-03 21:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL

2014-07-10 15:51 - 2013-04-26 22:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2014-07-10 15:47 - 2014-07-10 15:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-07-10 15:47 - 2013-10-10 02:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe

2014-07-10 15:47 - 2013-10-10 02:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll

2014-07-10 15:47 - 2013-10-10 02:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2014-07-10 15:47 - 2013-10-10 02:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx

2014-07-10 15:47 - 2013-10-10 02:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe

2014-07-10 15:47 - 2013-10-10 02:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll

2014-07-10 15:47 - 2013-10-10 02:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2014-07-10 15:47 - 2012-10-23 20:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe

2014-07-10 15:47 - 2012-10-23 20:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2014-07-10 15:47 - 2012-10-23 20:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll

2014-07-10 15:47 - 2012-10-23 20:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll

2014-07-10 15:46 - 2013-07-12 23:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

2014-07-10 15:46 - 2013-07-12 23:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll

2014-07-10 15:46 - 2013-07-12 23:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll

2014-07-10 15:46 - 2013-07-12 23:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll

2014-07-10 15:46 - 2013-07-12 21:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

2014-07-10 15:46 - 2013-07-12 21:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll

2014-07-10 15:46 - 2013-07-12 21:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll

2014-07-10 15:44 - 2013-07-01 18:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-07-10 15:44 - 2013-07-01 18:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS

2014-07-10 15:44 - 2012-11-02 22:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe

2014-07-10 15:44 - 2012-11-02 22:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe

2014-07-10 15:44 - 2012-11-02 22:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll

2014-07-10 15:44 - 2012-11-02 22:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll

2014-07-10 15:44 - 2012-11-02 22:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll

2014-07-10 15:44 - 2012-11-02 22:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll

2014-07-10 15:44 - 2012-11-02 22:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll

2014-07-10 15:44 - 2012-11-02 22:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll

2014-07-10 15:43 - 2014-03-28 01:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2014-07-10 15:43 - 2014-01-12 16:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2014-07-10 15:43 - 2014-01-12 16:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2014-07-10 15:43 - 2013-11-19 17:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2014-07-10 15:43 - 2013-11-19 16:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2014-07-10 15:42 - 2013-03-14 17:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2014-07-10 15:40 - 2013-08-23 00:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2014-07-10 15:40 - 2013-08-22 18:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2014-07-10 15:39 - 2014-05-29 15:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2014-07-10 15:39 - 2013-11-22 23:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2014-07-10 15:39 - 2013-11-22 22:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2014-07-10 15:39 - 2013-03-21 20:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2014-07-10 15:39 - 2013-03-21 15:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2014-07-10 15:34 - 2014-06-06 07:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2014-07-10 15:34 - 2014-06-06 03:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll

2014-07-10 15:32 - 2014-04-03 04:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-07-10 15:32 - 2014-01-30 17:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2014-07-10 15:32 - 2014-01-30 17:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2014-07-10 15:32 - 2013-04-02 16:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll

2014-07-10 15:32 - 2013-04-02 16:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll

2014-07-10 15:31 - 2013-09-27 20:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys

2014-07-10 15:31 - 2012-10-10 22:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll

2014-07-10 15:31 - 2012-10-10 22:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys

2014-07-10 15:31 - 2012-10-10 22:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys

2014-07-10 15:29 - 2014-03-06 17:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-07-10 15:29 - 2014-03-06 17:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-07-10 15:29 - 2013-10-01 16:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-07-10 15:29 - 2013-10-01 16:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-07-10 15:29 - 2013-08-06 22:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll

2014-07-10 15:29 - 2013-08-01 23:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-07-10 15:29 - 2013-08-01 22:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-07-10 15:29 - 2013-03-02 03:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2014-07-10 15:29 - 2013-03-01 19:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-07-10 15:29 - 2013-02-06 18:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-07-10 15:29 - 2012-11-09 21:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

2014-07-10 15:29 - 2012-11-09 21:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

2014-07-10 15:29 - 2012-11-09 21:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll

2014-07-10 15:29 - 2012-11-09 21:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll

2014-07-10 15:29 - 2012-11-09 21:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll

2014-07-10 15:29 - 2012-10-31 21:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2014-07-10 15:29 - 2012-10-31 21:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2014-07-10 15:29 - 2012-10-31 21:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll

2014-07-10 15:29 - 2012-10-31 21:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll

2014-07-10 15:29 - 2012-10-31 21:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll

2014-07-10 15:29 - 2012-10-31 21:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll

2014-07-10 15:22 - 2013-10-31 22:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll

2014-07-10 15:22 - 2013-10-31 20:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll

2014-07-10 15:21 - 2012-12-12 21:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2014-07-10 15:21 - 2012-12-12 20:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin

2014-07-10 14:59 - 2014-07-12 09:31 - 00000000 ____D () C:\Users\Karen S

2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagwrn.xml

2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagerr.xml

2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ___RD () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 14:59 - 2012-07-26 01:13 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\$WINDOWS.~BT

2014-07-10 14:06 - 2014-07-12 12:11 - 00000000 ___HD () C:\$SysReset

2014-07-10 13:36 - 2014-07-17 13:50 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Packages

2014-07-09 17:07 - 2014-07-10 12:01 - 00000000 ____D () C:\Users\Karen S\Desktop\homer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 08:34 - 2014-08-05 08:34 - 00011081 _____ () C:\Users\Karen S\Desktop\FRST.txt

2014-08-05 08:34 - 2014-08-05 07:53 - 00000000 ____D () C:\FRST

2014-08-05 08:32 - 2014-08-05 08:32 - 02094080 _____ (Farbar) C:\Users\Karen S\Desktop\FRST64.exe

2014-08-05 08:09 - 2012-11-13 22:18 - 01256854 _____ () C:\WINDOWS\WindowsUpdate.log

2014-08-05 08:05 - 2014-07-26 09:19 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-08-05 08:00 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-08-05 07:59 - 2012-07-26 00:21 - 00051205 _____ () C:\WINDOWS\setupact.log

2014-08-05 07:59 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-08-05 07:57 - 2012-07-26 00:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-08-05 07:50 - 2014-08-05 07:49 - 00001362 _____ () C:\Users\Karen S\Desktop\8-5-2014 bleeping inst.txt

2014-08-05 07:47 - 2014-08-05 07:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup-2.0.2.1012.exe

2014-08-05 07:22 - 2012-07-26 00:28 - 00848230 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-08-04 21:34 - 2014-08-04 21:34 - 00001200 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk

2014-08-04 21:33 - 2014-08-04 21:33 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Atheros

2014-08-04 21:33 - 2014-08-04 21:33 - 00000000 ____D () C:\ProgramData\Atheros

2014-08-04 21:31 - 2014-08-04 21:31 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Samsung

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth

2014-08-04 21:12 - 2014-08-04 21:12 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite

2014-08-04 21:07 - 2014-08-04 21:05 - 00000000 ____D () C:\ProgramData\Samsung

2014-08-04 21:07 - 2012-11-13 22:18 - 00001956 _____ () C:\Users\Public\Desktop\SW Update.lnk

2014-08-04 21:07 - 2012-11-13 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2014-08-04 20:37 - 2012-07-25 22:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-08-04 20:36 - 2014-07-12 09:43 - 00000000 ____D () C:\ProgramData\Trend Micro

2014-08-04 20:36 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\registration

2014-07-29 11:33 - 2014-07-29 11:33 - 00000327 _____ () C:\Users\Karen S\Desktop\7-29-2014 wave broadband.txt

2014-07-28 18:38 - 2014-07-27 14:56 - 00001055 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRST64.lnk

2014-07-27 17:22 - 2014-07-12 10:30 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2961404673-414218333-4232183137-1001

2014-07-27 17:13 - 2014-07-27 17:13 - 02093568 _____ (Farbar) C:\Users\Karen S\Downloads\FRST64.exe

2014-07-27 16:02 - 2014-07-27 16:02 - 00854390 _____ () C:\Users\Karen S\Desktop\SecurityCheck.exe

2014-07-27 15:55 - 2014-07-27 15:55 - 00001442 _____ () C:\Users\Karen S\Desktop\7-27-2014 bleeping instructions.txt

2014-07-27 15:09 - 2014-07-27 15:09 - 00000656 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-07-27 14:10 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\AppLocker

2014-07-27 13:01 - 2014-07-27 13:01 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Microsoft_Corporation

2014-07-26 15:27 - 2014-07-26 15:27 - 00013063 _____ () C:\Users\Karen S\Desktop\Addition.txt

2014-07-26 10:03 - 2014-07-26 10:03 - 00001041 _____ () C:\Users\Karen S\Desktop\mbam.txt

2014-07-26 09:58 - 2014-07-26 09:58 - 00000796 _____ () C:\Users\Karen S\Desktop\AdwCleaner[S1].txt

2014-07-26 09:56 - 2012-08-05 14:07 - 00007236 _____ () C:\WINDOWS\PFRO.log

2014-07-26 09:55 - 2014-07-20 00:55 - 00000000 ____D () C:\AdwCleaner

2014-07-26 09:53 - 2014-07-26 09:53 - 00000736 _____ () C:\Users\Karen S\Desktop\AdwCleaner[R1].txt

2014-07-26 09:47 - 2014-07-26 09:47 - 01354223 _____ () C:\Users\Karen S\Desktop\adwcleaner_3.216.exe

2014-07-26 09:42 - 2014-07-26 09:42 - 00001057 _____ () C:\Users\Karen S\Desktop\7-26-2014 mbam scan.txt

2014-07-26 09:19 - 2014-07-26 09:19 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-26 09:19 - 2014-07-26 09:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-26 09:11 - 2014-07-26 09:04 - 00005406 _____ () C:\Users\Karen S\Desktop\7-26-2014 bleeping.txt

2014-07-25 23:29 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-07-20 13:36 - 2014-07-20 08:16 - 19919261 _____ () C:\Users\Karen S\Desktop\Windows8-RT-KB2974008-x64.msu

2014-07-19 23:32 - 2014-07-19 17:57 - 00007620 _____ () C:\Users\Karen S\AppData\Local\Resmon.ResmonCfg

2014-07-19 23:24 - 2014-07-19 13:50 - 00002366 _____ () C:\Users\Karen S\Desktop\7-19-2014 windows 8.txt

2014-07-19 22:35 - 2014-07-19 22:34 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Karen S\Desktop\mbam-setup.exe

2014-07-19 22:32 - 2014-07-19 22:32 - 02650408 _____ (Malwarebytes ) C:\Users\Karen S\Desktop\mbae-setup-1.03.1.1220.exe

2014-07-19 22:20 - 2014-07-19 22:20 - 00291606 _____ () C:\Users\Karen S\Desktop\TCPView.zip

2014-07-19 22:16 - 2014-07-19 22:16 - 05329480 _____ (Secunia) C:\Users\Karen S\Desktop\PSISetup.exe

2014-07-19 22:12 - 2014-07-19 22:12 - 00330240 _____ (BiniSoft.org) C:\Users\Karen S\Desktop\wfc4setup.exe

2014-07-19 22:11 - 2014-07-19 22:11 - 01272912 _____ () C:\Users\Karen S\Desktop\Tweaking.com-RepairWindowsFirewall.exe

2014-07-19 16:19 - 2012-08-05 15:44 - 00000000 ____D () C:\WINDOWS\Sec

2014-07-19 16:19 - 2012-08-05 15:07 - 00000000 ____D () C:\WINDOWS\Panther

2014-07-19 13:54 - 2014-07-19 13:54 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VS Revo Group

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\VS Revo Group

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2014-07-19 13:54 - 2014-07-19 13:54 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-19 13:48 - 2014-07-19 13:48 - 10619688 _____ (VS Revo Group ) C:\Users\Karen S\Desktop\RevoUninProSetup.exe

2014-07-19 11:58 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\rescache

2014-07-19 11:36 - 2014-07-19 11:35 - 120214108 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RansomFix64.exe

2014-07-19 11:29 - 2014-07-12 09:30 - 00000000 ____D () C:\Users\Karen S\AppData\Local\VirtualStore

2014-07-17 18:58 - 2014-07-17 18:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda

2014-07-17 18:58 - 2012-11-13 22:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-07-17 18:57 - 2014-07-17 18:58 - 00465624 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys

2014-07-17 18:57 - 2014-07-17 18:58 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys

2014-07-17 18:57 - 2014-07-17 18:58 - 00331992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUVStor.sys

2014-07-17 18:57 - 2014-07-17 18:58 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys

2014-07-17 18:57 - 2014-07-17 18:58 - 00291544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys

2014-07-17 18:57 - 2014-07-17 18:58 - 00271064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys

2014-07-17 18:57 - 2014-07-17 18:57 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll

2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37

2014-07-17 18:57 - 2014-07-17 18:57 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-07-17 18:56 - 2014-07-17 18:54 - 12171007 _____ () C:\Users\Karen S\Desktop\RtsXStor_6.3.273.37.zip

2014-07-17 16:58 - 2014-07-17 15:06 - 00000440 _____ () C:\Users\Karen S\Documents\7-17-2014 msg to Carmen-Etsy.txt

2014-07-17 16:09 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\MsDtc

2014-07-17 13:58 - 2014-07-17 13:58 - 00686608 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\TMEEC.exe

2014-07-17 13:57 - 2014-07-17 13:57 - 07001616 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\BGSetup3.0.1009.exe

2014-07-17 13:57 - 2014-07-17 13:57 - 02473936 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\HousecallLauncher64.exe

2014-07-17 13:56 - 2014-07-17 13:56 - 06229392 _____ (Trend Micro, Inc. ) C:\Users\Karen S\Desktop\RUBottedSetup.exe

2014-07-17 13:54 - 2014-07-17 13:54 - 14839344 _____ (Trend Micro Inc.) C:\Users\Karen S\Desktop\RootkitBusterV5.0-1171x64.exe

2014-07-17 13:50 - 2014-07-10 13:36 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Packages

2014-07-17 13:30 - 2014-07-17 13:30 - 00000000 ____D () C:\WINDOWS\LastGood

2014-07-17 13:29 - 2014-07-17 13:28 - 00281088 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-07-16 18:37 - 2014-07-16 18:37 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Adobe

2014-07-16 18:37 - 2014-07-16 18:34 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-16 18:37 - 2014-07-12 09:31 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Adobe

2014-07-16 18:35 - 2014-07-16 18:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-16 18:35 - 2014-07-16 18:35 - 00002029 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-07-16 18:35 - 2014-07-16 18:35 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-16 18:32 - 2014-07-16 11:20 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp

2014-07-16 18:32 - 2012-07-26 01:12 - 00000000 __RSD () C:\WINDOWS\Media

2014-07-16 18:31 - 2014-07-16 18:31 - 00000000 ___HD () C:\ProgramData\CanonIJFAX

2014-07-16 18:28 - 2014-07-16 18:28 - 00000000 ___HD () C:\ProgramData\CanonBJ

2014-07-15 05:18 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\WinStore

2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-07-14 15:48 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared

2014-07-14 15:47 - 2014-07-14 15:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Defender

2014-07-14 15:47 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-07-14 15:47 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\oobe

2014-07-14 15:46 - 2012-07-26 00:52 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer

2014-07-14 15:45 - 2012-07-26 01:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer

2014-07-14 15:45 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism

2014-07-14 15:45 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\Dism

2014-07-12 15:27 - 2012-07-25 22:37 - 00000000 ____D () C:\WINDOWS\servicing

2014-07-12 13:41 - 2014-07-12 13:41 - 00186328 _____ (trend_company_name) C:\WINDOWS\system32\Drivers\tmrkb.sys

2014-07-12 13:41 - 2014-07-01 09:59 - 00000000 ____D () C:\Users\Karen S\Desktop\TMRBLog

2014-07-12 12:56 - 2014-07-12 12:54 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-07-12 12:36 - 2014-07-10 15:56 - 00000000 ____D () C:\Windows.old

2014-07-12 12:11 - 2014-07-10 14:06 - 00000000 ___HD () C:\$SysReset

2014-07-12 11:41 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

2014-07-12 10:44 - 2014-07-12 10:44 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Macromedia

2014-07-12 10:39 - 2014-07-12 10:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-07-12 10:32 - 2014-07-12 10:31 - 95020520 _____ (trend_company_name) C:\Users\Karen S\Desktop\supportcustomizedpackage64.exe

2014-07-12 10:12 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz

2014-07-12 10:12 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm

2014-07-12 10:12 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe

2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI

2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com

2014-07-12 10:11 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz

2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN

2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep

2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr

2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts

2014-07-12 10:11 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\winrm

2014-07-12 10:09 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\WCN

2014-07-12 10:09 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\slmgr

2014-07-12 10:09 - 2012-07-25 22:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2014-07-12 10:08 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform

2014-07-12 10:08 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Com

2014-07-12 10:08 - 2012-07-26 00:51 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts

2014-07-12 09:54 - 2014-07-03 10:11 - 00000000 ___HD () C:\TMRescueDisk

2014-07-12 09:52 - 2014-07-12 09:52 - 00001373 _____ () C:\Users\Karen S\Desktop\Trend Micro Titanium Maximum Security.lnk

2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security

2014-07-12 09:52 - 2014-07-12 09:52 - 00000000 ____D () C:\Users\Karen S\AppData\Local\Trend Micro

2014-07-12 09:51 - 2012-07-26 01:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-07-12 09:49 - 2014-07-12 09:49 - 00003270 _____ () C:\WINDOWS\System32\Tasks\Titanium BTC

2014-07-12 09:47 - 2014-07-12 09:47 - 00000059 _____ () C:\WINDOWS\system32\SupportTool.exe.bat

2014-07-12 09:45 - 2014-07-12 09:44 - 00000000 ____D () C:\Program Files\Trend Micro

2014-07-12 09:42 - 2014-07-12 09:42 - 00000036 _____ () C:\Users\Karen S\AppData\Local\housecall.guid.cache

2014-07-12 09:31 - 2014-07-12 09:31 - 00001442 _____ () C:\Users\Karen S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-07-12 09:31 - 2014-07-12 09:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD

2014-07-12 09:31 - 2014-07-10 14:59 - 00000000 ____D () C:\Users\Karen S

2014-07-12 09:29 - 2014-07-12 09:29 - 00000020 ___SH () C:\Users\Karen S\ntuser.ini

2014-07-10 15:56 - 2012-07-26 01:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

2014-07-10 15:47 - 2014-07-10 15:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff

2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies

2014-07-10 15:11 - 2014-07-10 15:11 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin

2014-07-10 15:00 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery

2014-07-10 15:00 - 2012-07-25 22:37 - 00000000 __RHD () C:\Users\Default

2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagwrn.xml

2014-07-10 14:59 - 2014-07-10 14:59 - 00022863 _____ () C:\WINDOWS\diagerr.xml

2014-07-10 14:59 - 2012-07-26 01:12 - 00000000 __RHD () C:\Users\Public\Libraries

2014-07-10 14:58 - 2012-08-05 14:10 - 00000000 ____D () C:\Users\Administrator

2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\$WINDOWS.~BT

2014-07-10 12:01 - 2014-07-09 17:07 - 00000000 ____D () C:\Users\Karen S\Desktop\homer

2014-07-09 18:33 - 2014-05-29 12:43 - 00003094 _____ () C:\Users\Karen S\Desktop\Rkill.txt

2014-07-09 16:58 - 2014-05-29 12:31 - 00030682 _____ () C:\Users\Karen S\Desktop\Result.txt

2014-07-09 16:17 - 2014-07-01 12:34 - 00005552 _____ () C:\Users\Karen S\Desktop\7-1-2014 windows 8 errors.txt

Files to move or delete:

====================

C:\ProgramData\MakeMarkerFile.exe

 

Some content of TEMP:

====================

C:\Users\Karen S\AppData\Local\Temp\Quarantine.exe

 

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2014-07-30 14:35

==================== End Of Log ============================

 

 

 

 

 

 



#14 nasdaq

nasdaq

  • Malware Response Team
  • 40,510 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:04 AM

Posted 06 August 2014 - 07:05 AM

Your logs are clean.

How is the computer running now?

#15 ol2shews

ol2shews
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:04 AM

Posted 07 August 2014 - 03:48 PM

I hope you don't mind I ran a cbs.log, (it's a little long - let me know if you want me to attach it) show hidden

and a mini tool box. There are also a few things that I have noticed one is a

Generic Credentials

virtualapp/didlogical

internet or network address: virtualapp/

didlogical

user name: 02qaoqaakhig

persistence: local computer

 

I keep removing it, but it keeps coming back.   The notification area shows this item:  objlist.ex

 

and

 

 

windows 8

system info

platform role:

mobile ?

PCR7 configuration:

binding not possible ?

hyper v - vm monitor mode extensions - value/yes ?

should be off

hv - second level

address translation

extensions: yes

hv - virtualization enabled in firmware: yes

hv - data execution protection: yes

problem devices: device - not available

pnp device ID:

USB\VID_ 0CF3&PID_3004\

ALASKA_DAY_2006

 

and

 

 

in indexing options under included locations/users

it shows exclude AppData; AppData

 

There are also 2 Norton Symantec files showing up even though I have used the Norton

removal tool.

 

I also want to let you know how much I appreciate the help. I don't have a lot of extra money,

but on my next payroll check I will definitely donate.

 

Thank you,

 

Karen

 

 

 

Show Hidden by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

Show Hidden will display all hidden folders on your computer.

You can use the -f argument to display hidden files as well.

Program started at: 08/07/2014 10:58:53 AM

Windows Version: Windows 8

Please be patient while your hard drives are scanned.

Scanning the C:\ drive

* C:\$Recycle.Bin

* C:\$Recycle.Bin\S-1-5-18

* C:\$Recycle.Bin\S-1-5-21-2961404673-414218333-4232183137-1001

* C:\$SysReset

* C:\$WINDOWS.~BT\Sources\en

* C:\$WINDOWS.~BT\Sources\en-US

* C:\Config.Msi

* C:\Program Files\Uninstall Information

* C:\Program Files\Windows Sidebar

* C:\Program Files\WindowsApps

* C:\Program Files\WindowsApps\Microsoft.Adera_1.0.0.4957_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Adera_1.5.1.27141_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingFinance_1.2.0.135_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.308_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingMaps_1.2.0.136_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingMaps_1.6.1821.2624_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingNews_1.2.0.135_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.310_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingTravel_1.2.0.145_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.319_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingWeather_1.2.0.135_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Camera_6.2.8514.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient_2.3.1662.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient_2.3.1662.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient_2.3.1678.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient_2.3.1678.0_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.microsoftskydrive_16.4.4396.311_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.Reader_6.2.9200.20780_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.50712.1_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.50712.1_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.50727.1_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.50727.1_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4396.311_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.WinJS.1.0_1.0.8514.0_neutral__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.WinJS.1.0_1.0.9200.20602_neutral__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.WinJS.1.0_1.0.9200.20789_neutral__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.5.216.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.902.0_x64__8wekyb3d8bbwe\microsoft.system.package.metadata

* C:\Program Files (x86)\InstallShield Installation Information

* C:\Program Files (x86)\Windows Sidebar

* C:\ProgramData

* C:\ProgramData\CanonBJ

* C:\ProgramData\CanonBJ\IJPrinter

* C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS

* C:\ProgramData\CanonBJ\IJPrinter\CNMWINDOWS\Canon MX510 series Printer

* C:\ProgramData\CanonIJFAX

* C:\ProgramData\CanonIJFAX\Canon MX510 series FAX

* C:\ProgramData\Microsoft\DRM\Server

* C:\ProgramData\Microsoft\Windows\DeviceMetadataCache\dmrccache\downloads

* C:\ProgramData\Microsoft\Windows\DRM

* C:\ProgramData\Microsoft\Windows\DRM\Cache

* C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC

* C:\ProgramData\Microsoft\WwanSvc

* C:\ProgramData\Microsoft\WwanSvc\Profiles

* C:\Recovery

* C:\Recovery\Logs

* C:\System Volume Information

* C:\System Volume Information\Chkdsk

* C:\System Volume Information\SPP

* C:\System Volume Information\SPP\OnlineMetadataCache

* C:\System Volume Information\SPP\SppCbsHiveStore

* C:\System Volume Information\SPP\SppGroupCache

* C:\System Volume Information\SystemRestore

* C:\System Volume Information\SystemRestore\FRStaging

* C:\System Volume Information\SystemRestore\WmiStaging

* C:\TMRescueDisk

* C:\TMRescueDisk\Config

* C:\TMRescueDisk\Config\2014-07-03-17-11-38

* C:\TMRescueDisk\Config\2014-07-03-18-08-18

* C:\TMRescueDisk\Config\2014-07-12-16-54-56

* C:\TMRescueDisk\MBR

* C:\TMRescueDisk\MBR\2014-07-03-17-11-38

* C:\TMRescueDisk\MBR\2014-07-03-18-08-18

* C:\TMRescueDisk\MBR\2014-07-12-16-54-56

* C:\TMRescueDisk\VBR

* C:\TMRescueDisk\VBR\4f494d44

* C:\TMRescueDisk\VBR\4f494d44\2014-07-03-17-11-38

* C:\TMRescueDisk\VBR\4f494d44\2014-07-03-18-08-18

* C:\TMRescueDisk\VBR\4f494d44\2014-07-12-16-54-56

* C:\Users\Administrator\AppData

* C:\Users\Administrator\AppData\Local\Microsoft\Feeds Cache

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\Notifications\170437f8df4211e1be67e8039a654ffb

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\SettingSync

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files

* C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache

* C:\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache

* C:\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetCookies

* C:\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetHistory

* C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\Low

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatUACache

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE

* C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\Low

* C:\Users\Default

* C:\Users\Default\AppData

* C:\Users\Karen S\AppData

* C:\Users\Karen S\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~

* C:\Users\Karen S\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~

* C:\Users\Karen S\AppData\Local\Microsoft\Feeds Cache

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\DOMStore

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\DOMStore\BTQVV09Z

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\DOMStore\KXAYL367

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\DOMStore\LSPCILDI

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\DOMStore\LX6HE9OO

* C:\Users\Karen S\AppData\Local\Microsoft\Internet Explorer\IEFlipAheadCache

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\AppCache

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\AppCache\QCC15NAO

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\Burn\Burn

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014072820140804

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014080420140805

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014080520140806

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014080620140807

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012014080720140808

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\History\Low\History.IE5

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatCache

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatCache\Low

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatUACache

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatUACache\Low

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\IEDownloadHistory

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\2GC6N3B2

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\3H8P1C6S

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\8LYJX093

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\A5W3F3LL

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\EQZMKLGN

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\EUBQ9DF5

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\FVKUVSMI

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\H7G6HESZ

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\H9Y073OQ

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\KI7SKN8B

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\LD5IV48E

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\SKNDH99E

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\T0XERD0T

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\XEPNZEBG

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\XJOYSLXK

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\YQZQ7X3L

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Virtualized

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\INetCookies

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\Notifications\ff29a11009e111e4be6c50b7c3e0dde8

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\PrivacIE

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\PrivacIE\Low

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\SettingSync

* C:\Users\Karen S\AppData\Local\Microsoft\Windows\WebCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Adera_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\Internet Explorer\DOMStore

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\Internet Explorer\DOMStore\2PANFEY0

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\Internet Explorer\DOMStore\AWIDIVVV

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\Internet Explorer\DOMStore\EZUUASZ9

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\Internet Explorer\DOMStore\WFLKBCZ2

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\03HZ9EDZ

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\5QZJQHXC

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\76QXNR5C

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache\LVEUAKHT

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetHistory\BackgroundTransferApi

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\AppCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\AppCache\5D7W243D

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\IECompatCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\iecompatuaCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\IEDownloadHistory

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\3Y24DM3E

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache\E4E6TWNX

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\1LSKRJ2E

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\63KRVGXI

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\91TJZYFA

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\Q6Z0ZWJN

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\UserData

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\UserData\461MM1MX

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\UserData\Q7WSQGUZ

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\UserData\Q9QAFE5A

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\UserData\R8E6255G

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\AppCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\AppCache\H745M988

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\IECompatCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\iecompatuaCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\IEDownloadHistory

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCache\3LTIWA2E

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCache\FGGKD8CU

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCache\UEESJP9V

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCache\V39TPU5J

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\INetHistory

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\Microsoft\Internet Explorer\DOMStore

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\Microsoft\Internet Explorer\DOMStore\553014BQ

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\Microsoft\Internet Explorer\DOMStore\A4LFSAD9

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\Microsoft\Internet Explorer\DOMStore\LYKQ4C8K

* C:\Users\Karen S\AppData\Local\Packages\windows_ie_ac_122\AC\Microsoft\Internet Explorer\DOMStore\XB5ADLC2

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\AppCache

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\AppCache\13D7BDQ0

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache\C55DDRSI

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache\PEFJ7IU2

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache\RNK97OCF

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache\VDY1CSNJ

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCookies

* C:\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetHistory

* C:\Users\Karen S\AppData\Local\VirtualStore\ProgramData

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\E64Q7YQ9

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\NZAOAON9

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\TFHRCRPY

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\WLPM49ZT

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache\3NH3QM30

* C:\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache\DD23YNXD

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\0S72F60U

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\688SFX33

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\MHL2CW3T

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\RRLQIHOY

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\Low\XCE64ICM

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\QV6GQE0Z

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\S1UZ0PTD

* C:\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\UserData\VN7274GN

* C:\Users\Karen S\Pictures\DVD RW Drive\System Volume Information

* C:\Users\Karen S\Pictures\Jul 12 2014 Etsy\SD Card (F)\.Trashes

* C:\Users\Public\AccountPictures

* C:\Users\Public\Desktop

* C:\Users\Public\Libraries

* C:\Windows\ELAMBKUP

* C:\Windows\ImmersiveControlPanel\microsoft.system.package.metadata

* C:\Windows\Installer

* C:\Windows\Installer\$PatchCache$

* C:\Windows\Installer\$PatchCache$\Managed

* C:\Windows\Installer\$PatchCache$\Managed\1BF4A48A307DBD84980E866B94D98210

* C:\Windows\Installer\$PatchCache$\Managed\1BF4A48A307DBD84980E866B94D98210\8.0.1

* C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010

* C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0

* C:\Windows\ServiceProfiles\LocalService\AppData

* C:\Windows\ServiceProfiles\NetworkService\AppData

* C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files

* C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5

* C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies

* C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files

* C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5

* C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies

* C:\Windows\WinStore\microsoft.system.package.metadata

* C:\Windows.old\Users\Administrator\AppData

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Feeds Cache

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\Burn\Burn

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\Notifications\170437f8df4211e1be67e8039a654ffb

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\SettingSync

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files

* C:\Windows.old\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache

* C:\Windows.old\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache

* C:\Windows.old\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetCookies

* C:\Windows.old\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\INetHistory

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatCache\Low

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatUACache

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE

* C:\Windows.old\Users\Administrator\AppData\Roaming\Microsoft\Windows\PrivacIE\Low

* C:\Windows.old\Users\Default

* C:\Windows.old\Users\Default\AppData

* C:\Windows.old\Users\Karen S\AppData

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\Burn\Burn

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\History\History.IE5

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatCache

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatCache\Low

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatUACache

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\IECompatUACache\Low

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\6N3K65I3

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\7Z6LM7XL

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\9463KY40

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\G4PPOKEG

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCache\Virtualized

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\Notifications\6bc03945087211e4be6c50b7c3e0dde8

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\PrivacIE

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\PrivacIE\Low

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\SettingSync

* C:\Windows.old\Users\Karen S\AppData\Local\Microsoft\Windows\WebCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Camera_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Media.PlayReadyClient_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.microsoftskydrive_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.Reader_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.VCLibs.110.00_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\microsoft.windowsphotos_8wekyb3d8bbwe\AC\INetHistory\BackgroundTransferApi

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.WinJS.1.0_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneMusic_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\windows_ie_ac_001\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCache

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetCookies

* C:\Windows.old\Users\Karen S\AppData\Local\Packages\WinStore_cw5n1h2txyewy\AC\INetHistory

* C:\Windows.old\Users\Karen S\AppData\LocalLow\EmieSiteList

* C:\Windows.old\Users\Karen S\AppData\LocalLow\EmieUserList

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\4Z5750TN

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\AC5B9514

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\HPCHEO9R

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\U1IUXXBO

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache\1ABDXJKW

* C:\Windows.old\Users\Karen S\AppData\LocalLow\Microsoft\Windows\AppCache\MXMR8I7W

* C:\Windows.old\Users\Karen S\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned

* C:\Windows.old\Users\Public\Desktop

* C:\Windows.old\Users\Public\Libraries

Finished scanning the C:\ drive. 433 hidden items found.

Program finished at: 08/07/2014 11:01:24 AM

Execution time: 0 hours(s), 2 minute(s), and 30 seconds(s)

 

 

 

 

 

 

 

 

 

 

 

 

MiniToolBox by Farbar  Version: 25-06-2014
Ran by Karen S (administrator) on 07-08-2014 at 13:27:57
Running from "C:\Users\Karen S\Desktop"
Microsoft Windows 8  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Samsung
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : wavecable.com

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 20-89-84-17-8B-4F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : wavecable.com
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 50-B7-C3-E0-DD-E7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b0b0:7557:57a:1572%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, August 7, 2014 10:27:09 AM
   Lease Expires . . . . . . . . . . : Friday, August 8, 2014 10:27:09 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 266863514
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-56-2C-34-20-89-84-17-8B-4F
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.wavecable.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : wavecable.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3c3e:5d2:3f57:fe9b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3c3e:5d2:3f57:fe9b%16(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  Cisco16192
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4005:800::1003
   74.125.239.102
   74.125.239.104
   74.125.239.103
   74.125.239.97
   74.125.239.98
   74.125.239.105
   74.125.239.100
   74.125.239.99
   74.125.239.96
   74.125.239.110
   74.125.239.101

Pinging google.com [74.125.239.101] with 32 bytes of data:
Reply from 74.125.239.101: bytes=32 time=22ms TTL=54
Reply from 74.125.239.101: bytes=32 time=29ms TTL=54

Ping statistics for 74.125.239.101:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 29ms, Average = 25ms
Server:  Cisco16192
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=105ms TTL=45
Reply from 98.139.183.24: bytes=32 time=106ms TTL=45

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 105ms, Maximum = 106ms, Average = 105ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...20 89 84 17 8b 4f ......Realtek PCIe GBE Family Controller
 12...50 b7 c3 e0 dd e7 ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    281
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 16    306 2001::/32                On-link
 16    306 2001:0:9d38:90d7:3c3e:5d2:3f57:fe9b/128
                                    On-link
 12    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::3c3e:5d2:3f57:fe9b/128
                                    On-link
 12    281 fe80::b0b0:7557:57a:1572/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/07/2014 08:57:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17028, time stamp: 0x53a2084a
Faulting module name: MSHTML.dll, version: 10.0.9200.17028, time stamp: 0x53a2120a
Exception code: 0xc0000005
Fault offset: 0x0000000000294abf
Faulting process id: 0xb98
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (08/07/2014 08:53:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17028, time stamp: 0x53a2084a
Faulting module name: MSHTML.dll, version: 10.0.9200.17028, time stamp: 0x53a2120a
Exception code: 0xc0000005
Fault offset: 0x0000000000294abf
Faulting process id: 0x10bc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (08/07/2014 08:50:59 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17028, time stamp: 0x53a2084a
Faulting module name: MSHTML.dll, version: 10.0.9200.17028, time stamp: 0x53a2120a
Exception code: 0xc0000005
Fault offset: 0x0000000000294abf
Faulting process id: 0x1368
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (08/07/2014 08:49:52 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17028, time stamp: 0x53a2084a
Faulting module name: MSHTML.dll, version: 10.0.9200.17028, time stamp: 0x53a2120a
Exception code: 0xc0000005
Fault offset: 0x0000000000294abf
Faulting process id: 0x125c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (08/07/2014 08:49:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17028, time stamp: 0x53a2084a
Faulting module name: MSHTML.dll, version: 10.0.9200.17028, time stamp: 0x53a2120a
Exception code: 0xc0000005
Fault offset: 0x0000000000294abf
Faulting process id: 0x3bc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Faulting package full name: iexplore.exe4
Faulting package-relative application ID: iexplore.exe5

Error: (08/07/2014 08:10:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Samsung)
Description: Activation of app microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/07/2014 08:09:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Samsung)
Description: Activation of app microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/07/2014 08:09:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Samsung)
Description: Activation of app microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/06/2014 10:20:11 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/06/2014 10:15:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: MsiExec.exe, version: 5.0.9200.16384, time stamp: 0x5010a60b
Faulting module name: MSVCR100.dll, version: 10.0.40219.1, time stamp: 0x4d5f0c22
Exception code: 0xc0000005
Fault offset: 0x00013157
Faulting process id: 0x125c
Faulting application start time: 0xMsiExec.exe0
Faulting application path: MsiExec.exe1
Faulting module path: MsiExec.exe2
Report Id: MsiExec.exe3
Faulting package full name: MsiExec.exe4
Faulting package-relative application ID: MsiExec.exe5

System errors:
=============
Error: (08/07/2014 11:47:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Qualcomm Atheros Communications - Bluetooth Controller - Qualcomm Atheros AR3012 Bluetooth 4.0 + HS.

Error: (08/07/2014 11:45:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Qualcomm Atheros Communications - Bluetooth Controller - Qualcomm Atheros AR3012 Bluetooth 4.0 + HS.

Error: (08/07/2014 11:10:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Qualcomm Atheros Communications - Bluetooth Controller - Qualcomm Atheros AR3012 Bluetooth 4.0 + HS.

Error: (08/07/2014 11:08:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: Qualcomm Atheros Communications - Bluetooth Controller - Qualcomm Atheros AR3012 Bluetooth 4.0 + HS.

Error: (08/07/2014 08:27:41 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:55:27 AM on ‎8/‎7/‎2014 was unexpected.

Error: (08/07/2014 08:25:53 AM) (Source: DCOM) (User: Samsung)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/07/2014 08:25:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/07/2014 08:25:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/07/2014 08:25:33 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/07/2014 08:24:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (08/07/2014 08:57:01 AM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.1702853a2084aMSHTML.dll10.0.9200.1702853a2120ac00000050000000000294abfb9801cfb257bfdc19d3C:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\MSHTML.dll7790ba42-1e4b-11e4-bea7-208984178b4f

Error: (08/07/2014 08:53:33 AM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.1702853a2084aMSHTML.dll10.0.9200.1702853a2120ac00000050000000000294abf10bc01cfb25763b31d75C:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\MSHTML.dllfbdcfdc4-1e4a-11e4-bea7-208984178b4f

Error: (08/07/2014 08:50:59 AM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.1702853a2084aMSHTML.dll10.0.9200.1702853a2120ac00000050000000000294abf136801cfb2573e10f6ceC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\MSHTML.dll9f91ddab-1e4a-11e4-bea7-208984178b4f

Error: (08/07/2014 08:49:52 AM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.1702853a2084aMSHTML.dll10.0.9200.1702853a2120ac00000050000000000294abf125c01cfb2572ee5182cC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\MSHTML.dll77c0513b-1e4a-11e4-bea7-208984178b4f

Error: (08/07/2014 08:49:24 AM) (Source: Application Error)(User: )
Description: iexplore.exe10.0.9200.1702853a2084aMSHTML.dll10.0.9200.1702853a2120ac00000050000000000294abf3bc01cfb2545ffaa426C:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\SYSTEM32\MSHTML.dll67400d20-1e4a-11e4-bea7-208984178b4f

Error: (08/07/2014 08:10:01 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Samsung)
Description: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa-2144927149

Error: (08/07/2014 08:09:40 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Samsung)
Description: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa-2144927149

Error: (08/07/2014 08:09:00 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: Samsung)
Description: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa-2144927149

Error: (08/06/2014 10:20:11 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/06/2014 10:15:23 PM) (Source: Application Error)(User: )
Description: MsiExec.exe5.0.9200.163845010a60bMSVCR100.dll10.0.40219.14d5f0c22c000000500013157125c01cfb1fe7808fbf6C:\Windows\syswow64\MsiExec.exeC:\Windows\SYSTEM32\MSVCR100.dlld510e572-1df1-11e4-bea3-208984178b4f

 

=========================== Installed Programs ============================
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{D2B5F1E3-EA56-4D84-A453-A213B32974CB}) (Version: 2.1.25 - Samsung Electronics CO., LTD.)
Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3547.09 MB
Available physical RAM: 1986.68 MB
Total Pagefile: 4187.09 MB
Available Pagefile: 2392.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.43 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:440.17 GB) (Free:393.39 GB) NTFS

========================= Users: ========================================

User accounts for \\SAMSUNG

Administrator            Guest                    Karen S                 

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

17-07-2014 20:24:58 Windows Update
22-07-2014 05:52:44 Windows Update
26-07-2014 16:38:58 Windows Update
30-07-2014 19:07:22 Windows Update
05-08-2014 01:36:50 Windows Update
05-08-2014 03:07:51 Restore Operation
05-08-2014 04:06:35 Installed SW Update

**** End of log ****






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users