Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus or hijack?


  • This topic is locked This topic is locked
6 replies to this topic

#1 rmshaff1

rmshaff1

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington
  • Local time:05:04 AM

Posted 31 May 2015 - 05:53 PM

I am desperate at this point!

Something is going on with my computer and I just can't figure out exactly how to stop it. I have a HP Pavilion DV7-7121nr laptop, I rely on it for work, as I work at home so its very imperative that I can fix this. I am pretty sure that this has something to do with a network but since I am not computer literate, I am not sure what to look for. I recently installed the windows 8.1 update and thats when I really noticed big problems although I was pretty sure they were there before. 

I ran a thorough scan with Avast antivirus and the network scan said my router was infected. Certain programs and software don't work, for example, Internet Explorer stopped working ~ it will open but I cannot type anything into it. Nothing seems to update, my drivers are wrong, my graphics are horrible and they should be HD. The sound is working but very tinny and generic sounding, it had beats mobile on it. The programs are all "old" looking, like they are from old versions of windows but maybe thats my graphics. I have turned off remote connections yet they still get in. I am using wifi on my laptop but have a router wired to desktop computer. I used to be able to log in to router page from my laptop and change the password which i did frequently, but now I am unable to. I can log in from desktop but according to the antivirus program, it says my user name and password are too weak and its not the same as the one I use. If you can offer any help I would be forever grateful! I have tried all kinds of things, but the "advice" I keep getting isnt working. I've ran scans, fixes, anything I could find and nothing. I reset the router but it didnt seem to change anything at all. I hope I have explained it enough but please if you need me to tell you anything at all, let me know! 

Thank you so much in advance~

 

Here is the Frst scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by Rita (administrator) on RITAS on 31-05-2015 13:47:06
Running from C:\Users\Rita\Downloads
Loaded Profiles: Rita (Available Profiles: Rita)
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Users\Rita\Desktop\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Users\Rita\Desktop\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(ATI Technologies Inc.) C:\Users\Rita\Desktop\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Insight Software Solutions, Inc.) C:\Program Files\ShortKeys 3\shortkey.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Kayako Infotech Ltd.) C:\Program Files\Kayako\Desktop\KayakoDesktop.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3327.1043_x86__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [StartCCC] => C:\Users\Rita\Desktop\ATI.ACE\Core-Static\x86\CLIStart.exe [748232 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [HP CoolSense] => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM Group Policy restriction on software: C:\Windows\System32\comsvcs.dll <====== ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28919424 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [370912 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk [2015-05-31]
ShortcutTarget: Heimdal.lnk -> C:\Program Files\Heimdal\Client\HeimdalAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 3.lnk [2015-05-27]
ShortcutTarget: ShortKeys 3.lnk -> C:\Program Files\ShortKeys 3\shortkey.exe (Insight Software Solutions, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3649269765-1493721424-2895019357-1001 -> {CA852356-48DC-43AA-BA3A-DCFC03D89431} URL = http://www.youtube.com/results?search_query={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-22] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{DE1CC5D0-0765-477C-A40D-659C2C5F8877}: [NameServer] 8.8.8.8 4.2.2.3
 
FireFox:
========
FF ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\r90e9flw.default
FF DefaultSearchEngine.US: Google
FF NetworkProxy: "type", 0
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-22] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-30]
CHR Extension: (Google Docs) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-30]
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Google Sheets) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-30]
CHR Extension: (Bookmark Manager) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (Google Wallet) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (OpenOffice Writer on rollApp) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aefnmlhnadcihhnfplfbmcmodoiannan [2015-05-31]
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Gmail Offline) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-05-31]
CHR Extension: (Word Online) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-05-31]
CHR Extension: (Bookmark Manager) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (HackerTarget.com) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gnikiapabimimdaghiakglffkdplamfp [2015-05-31]
CHR Extension: (CloudConvert) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2015-05-31]
CHR Extension: (My IP) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ikbgmfgkdplpkdnamkjbdanfcgfeejmg [2015-05-31]
CHR Extension: (Excel Online) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2015-05-31]
CHR Extension: (Online PDF Tools) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jddfpnmfhodaljeelokfceepbeapgbdn [2015-05-31]
CHR Extension: (ZeroPC Cloud) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kgkinkhhmalgmcpcjlohfoencnigfngl [2015-05-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (OneDrive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-05-31]
CHR Extension: (TextNow) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nkjdngkmnogclafejjgbgjjegoaahihg [2015-05-31]
CHR Extension: (Google Wallet) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-05-31]
CHR Extension: (Outlook.com) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2015-05-31]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Users\Rita\Desktop\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\WINDOWS\System32\BthHFSrv.dll [250880 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1856176 2015-04-07] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 NZERDP; C:\Users\Rita\AppData\Local\Temp\NZERDP.exe [531328 2015-05-31] (Sysinternals - www.sysinternals.com) [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [103936 2014-11-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284488 2015-05-21] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2014-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22200 2015-05-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [15528 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Users\Rita\Desktop\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [187072 2014-10-28] (AppEx Networks Corporation)
R3 athr; C:\WINDOWS\system32\DRIVERS\athw8.sys [2795520 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB3.sys [200704 2014-06-21] (Advanced Micro Devices)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-11-21] (Microsoft Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [34504 2015-05-27] (Synaptics Incorporated)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84800 2015-05-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver86.sys [18752 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-11-21] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-31 13:47 - 2015-05-31 13:47 - 00018473 _____ () C:\Users\Rita\Downloads\FRST.txt
2015-05-31 13:46 - 2015-05-31 13:47 - 00000000 ____D () C:\FRST
2015-05-31 13:43 - 2015-05-31 13:43 - 01147392 _____ (Farbar) C:\Users\Rita\Downloads\FRST.exe
2015-05-31 13:41 - 2015-05-31 13:41 - 00000470 _____ () C:\Users\Rita\Downloads\defogger_disable.log
2015-05-31 13:41 - 2015-05-31 13:41 - 00000000 _____ () C:\Users\Rita\defogger_reenable
2015-05-31 13:38 - 2015-05-31 13:38 - 00050477 _____ () C:\Users\Rita\Downloads\Defogger.exe
2015-05-31 13:11 - 2015-05-31 13:11 - 00005686 _____ () C:\Users\Rita\Downloads\Room List 5-31 Basecamp.csv
2015-05-31 13:01 - 2015-05-31 13:01 - 205734963 _____ () C:\WINDOWS\MEMORY.DMP
2015-05-31 13:01 - 2015-05-31 13:01 - 00149136 _____ () C:\WINDOWS\Minidump\053115-21156-01.dmp
2015-05-31 13:01 - 2015-05-31 13:01 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-31 12:50 - 2015-05-31 12:50 - 00035935 _____ () C:\Users\Rita\Desktop\dds.txt
2015-05-31 12:50 - 2015-05-31 12:50 - 00018610 _____ () C:\Users\Rita\Desktop\attach.txt
2015-05-31 12:43 - 2015-05-31 12:44 - 00688992 ____R (Swearware) C:\Users\Rita\Downloads\dds.com
2015-05-31 12:41 - 2015-01-14 11:27 - 02894848 _____ () C:\WINDOWS\system32\pwNative.exe
2015-05-31 12:41 - 2013-09-30 16:26 - 00015688 ____N () C:\WINDOWS\system32\pwdrvio.sys
2015-05-31 12:40 - 2013-09-30 16:26 - 00010320 ____N () C:\WINDOWS\system32\pwdspio.sys
2015-05-31 12:38 - 2015-05-31 13:44 - 00000000 ____D () C:\Program Files\MiniTool Partition Wizard Free 9.0
2015-05-31 12:30 - 2015-05-31 12:30 - 31973976 _____ (MiniTool Solution Ltd. ) C:\Users\Rita\Downloads\pwfree9.exe
2015-05-31 12:29 - 2015-05-31 12:29 - 00000000 ____D () C:\Users\Rita\Downloads\TCPView
2015-05-31 12:28 - 2015-05-31 12:28 - 00291606 _____ () C:\Users\Rita\Downloads\TCPView.zip
2015-05-31 11:50 - 2015-05-31 11:51 - 00000000 ____D () C:\Users\Rita\Downloads\RootkitRevealer
2015-05-31 11:50 - 2015-05-31 11:50 - 00231390 _____ () C:\Users\Rita\Downloads\RootkitRevealer.zip
2015-05-31 11:49 - 2015-05-31 11:49 - 00464491 _____ () C:\Users\Rita\Downloads\RootRepeal (1).zip
2015-05-31 11:47 - 2015-05-31 11:47 - 00464491 _____ () C:\Users\Rita\Downloads\RootRepeal.zip
2015-05-31 11:43 - 2015-05-31 11:43 - 04177016 _____ (CSIS Security Group) C:\Users\Rita\Downloads\HeimdalSetup.exe
2015-05-31 11:43 - 2015-05-31 11:43 - 00000000 ____D () C:\ProgramData\CSIS
2015-05-31 01:01 - 2015-05-31 01:01 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-31 01:01 - 2015-05-31 01:01 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Users\Rita\AppData\Local\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-31 01:00 - 2015-05-31 01:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-31 00:59 - 2015-05-31 00:59 - 00243344 _____ () C:\Users\Rita\Downloads\Firefox Setup Stub 38.0.1.exe
2015-05-31 00:24 - 2015-05-31 00:24 - 00000017 _____ () C:\Users\Rita\AppData\Local\resmon.resmoncfg
2015-05-30 22:33 - 2015-05-31 13:27 - 00002412 _____ () C:\Users\Rita\Desktop\Rita - Chrome.lnk
2015-05-30 22:32 - 2015-05-30 22:32 - 00208804 ____H () C:\WINDOWS\system32\mlfcache.dat
2015-05-30 17:15 - 2015-05-30 17:15 - 00008707 _____ () C:\Users\Rita\Desktop\Book1.xlsx
2015-05-30 15:04 - 2015-05-30 15:04 - 00000000 ____D () C:\WINDOWS\Sun
2015-05-30 13:01 - 2015-05-30 13:01 - 00002302 _____ () C:\Users\Rita\Desktop\Chrome App Launcher.lnk
2015-05-30 13:01 - 2015-05-30 13:01 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-30 12:53 - 2015-05-31 11:07 - 00000000 ____D () C:\Users\Rita\AppData\Local\20F87B15-4F03-49D2-9A74-8699A7C8C9F1.aplzod
2015-05-30 12:52 - 2015-05-31 13:04 - 00000000 ___RD () C:\Users\Rita\iCloudDrive
2015-05-30 12:52 - 2015-05-31 00:23 - 00000000 ____D () C:\Users\Rita\Documents\Outlook Files
2015-05-30 12:52 - 2015-05-30 12:52 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple Inc
2015-05-30 12:41 - 2015-05-30 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-05-30 12:40 - 2015-05-30 12:56 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak2
2015-05-30 12:40 - 2015-05-30 12:40 - 00001860 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-05-30 12:40 - 2015-05-30 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-05-30 12:39 - 2015-05-30 12:40 - 00000000 ____D () C:\Program Files\QuickTime
2015-05-29 23:14 - 2015-05-30 17:16 - 00001735 _____ () C:\Users\Rita\Desktop\keno 5-30.txt
2015-05-29 21:05 - 2015-05-30 22:38 - 00001798 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-29 21:05 - 2015-05-30 12:58 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Apple Computer
2015-05-29 21:05 - 2015-05-30 12:55 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple Computer
2015-05-29 21:05 - 2015-05-29 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-29 21:04 - 2012-10-03 16:14 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2015-05-29 21:03 - 2015-05-31 00:34 - 00000000 ____D () C:\Program Files\iTunes
2015-05-29 21:03 - 2015-05-30 12:52 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple
2015-05-29 21:03 - 2015-05-29 21:04 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-05-29 21:03 - 2015-05-29 21:03 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\iPod
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\Apple Software Update
2015-05-29 21:02 - 2015-05-30 12:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-29 21:02 - 2015-05-29 21:03 - 00000000 ____D () C:\ProgramData\Apple
2015-05-29 21:02 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-29 16:16 - 2015-05-29 16:16 - 00000000 ____D () C:\Users\Rita\AppData\Local\AMD
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\ATI
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Local\ATI
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Local\AppEx Networks
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\ProgramData\ATI
2015-05-29 16:13 - 2015-05-31 12:59 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2015-05-29 16:06 - 2015-05-29 16:06 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\library_dir
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\Program Files\AMD AVT
2015-05-29 16:05 - 2014-10-28 14:24 - 00187072 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2015-05-29 16:04 - 2015-05-29 16:04 - 00062404 _____ () C:\WINDOWS\system32\CCCInstall_201505291604583168.log
2015-05-29 16:04 - 2015-05-29 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-29 16:03 - 2015-05-29 16:05 - 00000000 ____D () C:\ProgramData\AMD
2015-05-29 16:02 - 2015-05-29 16:02 - 00000000 ____D () C:\Program Files\AMD
2015-05-29 16:01 - 2015-05-29 16:04 - 00000000 ____D () C:\Users\Rita\Desktop\ATI.ACE
2015-05-29 15:58 - 2015-05-29 15:58 - 00000000 ____D () C:\AMD
2015-05-29 15:23 - 2015-05-29 15:23 - 00011891 _____ () C:\Users\Rita\Downloads\Schedule Effective May 30 - June 5.xlsx
2015-05-29 00:05 - 2015-05-29 15:20 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak1
2015-05-28 16:10 - 2015-05-30 23:29 - 00000000 ____D () C:\Users\Rita\AppData\Local\Microsoft Help
2015-05-28 15:50 - 2015-05-28 15:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-28 15:50 - 2015-05-28 15:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-05-28 13:27 - 2015-05-28 13:27 - 00000299 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2015-05-28 13:09 - 2015-05-28 13:23 - 00000000 ____D () C:\ProgramData\RiYtkJ
2015-05-28 13:08 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\ORBTR
2015-05-28 13:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
2015-05-28 13:08 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\DesktopSearch
2015-05-28 13:08 - 2015-05-28 13:11 - 00000000 ____D () C:\Users\Rita\AppData\Local\WebBar
2015-05-28 13:08 - 2015-05-28 13:08 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2015-05-28 13:07 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Edu App
2015-05-28 12:09 - 2015-05-29 01:41 - 00000000 ____D () C:\Users\Rita\AppData\Local\avabvcxvyx
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\{d1c9f557-9291-ae4c-d1c9-9f557929d55e}
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\WebBar
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\BubbleSound
2015-05-28 12:08 - 2015-05-28 12:09 - 00000000 ____D () C:\Program Files\SearchProtect
2015-05-28 12:08 - 2015-05-28 12:08 - 00000000 ____D () C:\Users\Rita\AppData\Local\SearchProtect
2015-05-28 11:59 - 2015-05-28 12:03 - 00000000 ____D () C:\Users\Rita\AppData\Local\Games Bot
2015-05-28 11:56 - 2015-05-28 12:08 - 00000112 _____ () C:\ProgramData\551a7ju.dat
2015-05-28 11:40 - 2015-05-28 11:40 - 00000000 ____D () C:\Users\Rita\AppData\Local\Consumer Input
2015-05-28 11:39 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\CinemaPlus-3.2cV28.05
2015-05-28 11:39 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\gmsd_us_627
2015-05-28 11:39 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\gmsd_us_627
2015-05-28 11:39 - 2015-05-28 11:39 - 00000005 _____ () C:\end
2015-05-28 11:38 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\Coupoon
2015-05-28 11:38 - 2015-05-28 11:51 - 00000000 ____D () C:\ProgramData\abc
2015-05-28 11:38 - 2015-05-28 11:38 - 00000000 ____D () C:\Users\Rita\AppData\Local\Crossbrowse
2015-05-28 11:37 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Consumer Input
2015-05-28 11:37 - 2015-05-28 11:37 - 00000000 ____D () C:\Program Files\Crossbrowse
2015-05-28 11:36 - 2015-05-28 13:23 - 00000000 ____D () C:\ProgramData\FlashBeat
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\0f8be51fc7a84a16a49ae00b238d2a95
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\IMGUpdater
2015-05-28 11:36 - 2015-05-28 11:36 - 00000000 ____D () C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-05-28 11:36 - 2015-05-28 11:36 - 00000000 ____D () C:\Program Files\Iminent
2015-05-28 11:35 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Infonaut_1.10.0.14
2015-05-28 11:34 - 2015-05-28 11:34 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Super Optimizer
2015-05-28 11:32 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\user extensions
2015-05-28 11:32 - 2015-05-28 11:32 - 00000064 _____ () C:\Users\Rita\AppData\Local\026917dab9ae4d79f21beb64d61a7123
2015-05-28 11:32 - 2015-05-28 11:32 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Tny_cassiopesa
2015-05-28 11:31 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Tny_Cassiopesa
2015-05-28 11:31 - 2015-05-28 11:31 - 00000000 ____D () C:\Users\Rita\AppData\Local\Boost
2015-05-28 11:31 - 2015-05-28 11:31 - 00000000 ____D () C:\ProgramData\{CA4E228D-9ACC-F30B-2B4A-8389FBC85007}
2015-05-28 11:30 - 2015-05-28 11:30 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Itibiti
2015-05-28 11:29 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\SafeGuard
2015-05-28 11:29 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Itibiti Soft Phone
2015-05-28 11:29 - 2015-05-28 11:29 - 00000000 ____D () C:\Users\Rita\AppData\Local\SafeGuard
2015-05-28 11:28 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\Super Optimizer
2015-05-28 11:28 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\{bdcdc238-cfa5-616c-bdcd-dc238cfa08e3}
2015-05-28 11:27 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812431-E111-A2AB-F678E23D4077
2015-05-28 11:26 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812413-E111-A2AB-F678E23D4077
2015-05-28 11:24 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812273-E111-A2AB-F678E23D4077
2015-05-28 11:23 - 2015-05-29 01:52 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\205DE133-1432837422-E111-A2AB-F678E23D4077
2015-05-28 11:22 - 2015-05-28 11:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\globalUpdate
2015-05-28 11:22 - 2015-05-28 11:22 - 00000000 ____D () C:\Program Files\globalUpdate
2015-05-28 11:21 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\HQCinema Pro 2.1V28.05
2015-05-28 11:11 - 2015-05-28 11:12 - 00000000 ____D () C:\Users\Rita\Documents\Insight Software
2015-05-27 11:13 - 2015-05-27 11:13 - 01637784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00472264 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00217800 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00206536 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00034504 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF.sys
2015-05-27 09:57 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\ShortKeys 3
2015-05-27 09:57 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\Insight Software Solutions
2015-05-27 09:57 - 2015-05-27 09:57 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShortKeys 3.lnk
2015-05-27 09:57 - 2015-05-27 09:57 - 00000000 ____D () C:\ProgramData\Insight Software Solutions
2015-05-27 09:55 - 2015-05-27 09:55 - 07403160 _____ () C:\Users\Rita\Downloads\shkey.exe
2015-05-26 12:28 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-26 01:54 - 2015-05-31 11:33 - 00000000 ____D () C:\Users\Rita\Desktop\sherlock
2015-05-26 01:54 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-26 01:54 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-25 19:48 - 2015-05-25 19:48 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-05-25 19:08 - 2015-05-25 19:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-05-25 19:08 - 2015-05-25 19:08 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-25 19:05 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-25 19:02 - 2015-05-25 19:48 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\PortForward.com
2015-05-25 19:02 - 2015-05-25 19:02 - 00000000 ____D () C:\Users\Rita\AppData\Local\Downloaded Installations
2015-05-24 15:13 - 2015-05-24 15:13 - 00000000 ___RD () C:\Users\Rita\Documents\Notes
2015-05-24 13:14 - 2015-05-24 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-24 13:13 - 2015-05-24 13:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-23 22:39 - 2015-05-23 22:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-05-23 22:30 - 2015-05-23 22:30 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-23 21:05 - 2015-05-23 21:05 - 00009080 _____ () C:\Users\Rita\Documents\ASTEROIDS NIGHT.xlsx
2015-05-23 19:42 - 2015-05-23 19:42 - 00009646 _____ () C:\Users\Rita\Documents\KENO CLAIMS.xlsx
2015-05-23 13:14 - 2015-05-23 13:14 - 00000000 __RHD () C:\MSOCache
2015-05-23 12:16 - 2015-05-23 12:16 - 00000357 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2015-05-23 03:27 - 2015-05-23 03:27 - 00000600 _____ () C:\Users\Rita\Documents\bentley.txt
2015-05-23 02:51 - 2015-01-05 19:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-05-23 02:51 - 2015-01-05 19:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-05-23 02:51 - 2015-01-05 18:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-05-23 02:50 - 2015-04-24 13:49 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-23 02:50 - 2015-04-15 23:22 - 00259928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-05-23 02:50 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-05-23 02:50 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-05-23 02:50 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rgb9rast.dll
2015-05-23 02:50 - 2015-04-08 15:07 - 00410336 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-23 02:50 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-05-23 02:50 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-05-23 02:50 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-05-23 02:50 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-05-23 02:50 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-05-23 02:50 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-05-23 02:50 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-05-23 02:50 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-05-23 02:50 - 2015-03-19 18:57 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-05-23 02:50 - 2015-03-04 16:08 - 00977920 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-23 02:50 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-05-23 02:40 - 2015-05-23 02:40 - 00000178 _____ () C:\Users\Rita\Documents\location.txt
2015-05-23 02:29 - 2015-05-23 02:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-05-23 02:28 - 2015-05-23 02:32 - 00000000 ____D () C:\Users\Rita\AppData\Local\PackageStaging
2015-05-23 01:12 - 2015-05-23 02:32 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak
2015-05-22 23:02 - 2015-05-22 23:02 - 00000178 _____ () C:\Users\Rita\keno 5-23.txt
2015-05-22 20:10 - 2015-05-25 19:21 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-22 20:10 - 2015-05-22 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-22 20:09 - 2015-05-31 13:19 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 20:09 - 2015-05-31 13:03 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 20:09 - 2015-05-22 20:10 - 00000000 ____D () C:\Program Files\Google
2015-05-22 20:08 - 2015-05-22 20:10 - 00000000 ____D () C:\Users\Rita\AppData\Local\Google
2015-05-22 19:52 - 2015-05-22 19:52 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-05-22 19:52 - 2015-05-22 19:52 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-05-22 19:48 - 2015-05-22 19:48 - 00011784 _____ () C:\Users\Rita\Downloads\Schedule Effective May 23 - May 29.xlsx
2015-05-22 19:40 - 2015-05-22 19:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-22 19:35 - 2015-05-22 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-22 19:33 - 2015-05-22 19:33 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-22 18:46 - 2015-05-22 23:00 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\TeamViewer
2015-05-22 18:38 - 2015-05-31 13:43 - 00000000 ____D () C:\Program Files\TeamViewer
2015-05-22 17:18 - 2015-05-22 17:18 - 00000000 ____D () C:\Users\Rita\Tracing
2015-05-22 17:17 - 2015-05-31 13:42 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Skype
2015-05-22 17:17 - 2015-05-29 15:17 - 00000000 ___RD () C:\Program Files\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00002701 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\Users\Rita\AppData\Local\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-05-22 16:53 - 2015-05-22 16:54 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-22 16:53 - 2015-05-22 16:53 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\ProgramData\Sun
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-22 16:52 - 2015-05-22 16:52 - 00000000 ____D () C:\Program Files\Java
2015-05-22 16:45 - 2015-05-28 13:15 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-22 16:45 - 2015-05-22 16:45 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Kayako
2015-05-22 16:34 - 2015-05-22 16:34 - 00000000 ____D () C:\4c8cd9ddf9fa745ccf35863725
2015-05-22 16:21 - 2015-05-22 17:17 - 00000000 ____D () C:\ProgramData\Skype
2015-05-22 16:20 - 2015-05-22 16:21 - 43031680 _____ (Skype Technologies S.A.) C:\Users\Rita\Downloads\SkypeSetupFull.exe
2015-05-22 16:20 - 2015-05-22 16:20 - 00000000 ____D () C:\Program Files\Kayako
2015-05-22 15:35 - 2015-05-22 15:35 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-RITAS-Windows-8.1-Pro-(32-bit).dat
2015-05-22 15:35 - 2015-05-22 15:35 - 00000000 ____D () C:\RegBackup
2015-05-22 14:45 - 2015-05-22 14:45 - 00000000 _____ () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-22 14:34 - 2015-05-22 14:34 - 00000000 ____D () C:\Users\Rita\Documents\Security
2015-05-22 14:28 - 2015-05-22 17:31 - 00045698 __RSH () C:\ProgramData\ntuser.pol
2015-05-22 13:57 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-05-22 13:56 - 2015-01-19 11:36 - 01192552 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-05-22 13:55 - 2015-03-22 15:44 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00896000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-05-22 13:55 - 2015-01-28 17:56 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-05-22 13:55 - 2014-12-02 16:09 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-05-22 13:55 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-05-22 13:54 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-05-21 23:57 - 2015-05-28 13:22 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieUserList
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieSiteList
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieBrowserModeList
2015-05-21 23:42 - 2015-05-21 23:44 - 00002256 _____ () C:\Users\Rita\Documents\Default.rdp
2015-05-21 23:37 - 2015-05-21 23:29 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-21 23:33 - 2015-05-21 23:33 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-05-21 23:33 - 2015-05-21 23:33 - 00376128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-21 23:33 - 2015-05-21 23:33 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-21 23:32 - 2015-05-31 13:05 - 00000000 ____D () C:\Users\Rita\OneDrive
2015-05-21 23:32 - 2015-05-21 23:32 - 03040768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 02309120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-05-21 23:32 - 2015-05-21 23:32 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-05-21 23:32 - 2015-05-21 23:32 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 01117696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-05-21 23:31 - 2015-05-21 23:31 - 00478776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-21 23:30 - 2015-05-21 23:30 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-05-21 23:30 - 2015-05-21 23:30 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-05-21 23:30 - 2015-05-21 23:30 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-05-21 23:29 - 2015-05-21 23:29 - 00001446 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-21 23:28 - 2015-05-21 23:28 - 00485544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-05-21 23:28 - 2015-05-21 23:28 - 00000020 ___SH () C:\Users\Rita\ntuser.ini
2015-05-21 23:27 - 2015-05-21 23:27 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 03999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 02975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01856320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00869696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00410944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00335168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-05-21 23:27 - 2015-05-21 23:27 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00076096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00069440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00051520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00045888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00041792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-05-21 23:27 - 2015-05-21 23:27 - 00036160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00227136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00038392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 03543552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-21 23:24 - 2015-05-21 23:24 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01619968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00738112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-05-21 23:24 - 2015-05-21 23:24 - 00529352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00333624 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00224168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00041296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-21 23:23 - 2015-05-21 23:23 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-21 23:23 - 2015-05-21 23:23 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-21 23:23 - 2015-05-21 23:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-05-21 23:22 - 2015-05-21 23:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 05782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-05-21 23:21 - 2015-05-21 23:21 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 01468920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-05-21 23:21 - 2015-05-21 23:21 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-21 23:21 - 2015-05-21 23:21 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00200000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-21 23:21 - 2015-05-21 23:21 - 00131904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-21 23:20 - 2015-05-21 23:20 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-05-21 23:19 - 2015-05-21 23:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-21 22:58 - 2015-05-31 13:23 - 01356465 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-21 22:57 - 2015-05-21 22:57 - 00021348 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-05-21 22:51 - 2015-05-24 16:51 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-21 22:49 - 2015-05-21 22:58 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-05-21 22:49 - 2015-05-21 22:58 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-05-21 22:49 - 2015-05-21 22:49 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-05-21 22:48 - 2015-05-31 13:41 - 00000000 ____D () C:\Users\Rita
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-21 22:48 - 2014-11-21 17:58 - 00000369 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-21 22:48 - 2014-11-21 17:58 - 00000369 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-21 22:48 - 2013-08-22 01:17 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 ____D () C:\Program Files\Synaptics
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 _____ () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-05-21 22:05 - 2015-05-21 22:58 - 00006680 _____ () C:\WINDOWS\comsetup.log
2015-05-21 20:42 - 2015-05-28 15:50 - 00000000 ____D () C:\ProgramData\Synaptics
2015-05-21 20:42 - 2015-05-21 20:42 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Synaptics
2015-05-21 20:30 - 2015-05-22 14:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-05-21 20:15 - 2015-03-03 06:16 - 00246920 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-21 19:28 - 2015-05-31 13:04 - 00000000 ____D () C:\Users\Rita\AppData\Local\Hewlett-Packard
2015-05-21 19:18 - 2015-05-21 19:18 - 00000052 _____ () C:\WINDOWS\system32\DOErrors.log
2015-05-21 19:17 - 2015-05-21 19:17 - 00000000 ____D () C:\Program Files\Hp
2015-05-21 19:15 - 2015-05-21 19:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-21 19:15 - 2015-04-30 10:07 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-21 19:13 - 2015-05-31 11:20 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\hpqLog
2015-05-21 19:13 - 2015-05-31 11:20 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-05-21 19:13 - 2015-05-21 19:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-21 19:03 - 2015-05-21 19:03 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Macromedia
2015-05-21 18:50 - 2015-05-21 18:50 - 00000156 _____ () C:\WINDOWS\system32\netcfg-4179469.txt
2015-05-21 18:16 - 2013-05-03 21:10 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-05-21 17:52 - 2015-05-21 17:52 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Adobe
2015-05-21 17:51 - 2015-05-22 19:35 - 00000000 ____D () C:\Users\Rita\AppData\Local\VirtualStore
2015-05-21 17:51 - 2015-05-21 22:49 - 00000000 ____D () C:\ProgramData\PRICache
2015-05-21 17:51 - 2015-05-21 17:51 - 00000000 ____D () C:\WINDOWS\CSC
2015-05-21 17:50 - 2015-05-21 17:50 - 00001131 _____ () C:\WINDOWS\system32\netcfg-566252.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-585690.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-579325.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-563896.txt
2015-05-21 17:41 - 2015-05-21 22:12 - 01069051 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-05-21 17:39 - 2015-05-21 17:39 - 00001128 _____ () C:\WINDOWS\system32\netcfg-172802.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00001128 _____ () C:\WINDOWS\system32\netcfg-160181.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000189 _____ () C:\WINDOWS\system32\netcfg-161055.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000177 _____ () C:\WINDOWS\system32\netcfg-168512.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000156 _____ () C:\WINDOWS\system32\netcfg-162334.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000153 _____ () C:\WINDOWS\system32\netcfg-164456.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-164035.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-163364.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-158980.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000151 _____ () C:\WINDOWS\system32\netcfg-162989.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000149 _____ () C:\WINDOWS\system32\netcfg-163676.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000149 _____ () C:\WINDOWS\system32\netcfg-159464.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000142 _____ () C:\WINDOWS\system32\netcfg-162646.txt
2015-05-21 16:17 - 2015-05-23 15:37 - 00000000 __RHD () C:\ESD
2015-05-21 15:46 - 2008-05-07 22:03 - 00303616 _____ ( ) C:\SetACL.exe
2015-05-21 15:41 - 2004-06-11 16:33 - 00290304 _____ (Microsoft Corporation) C:\subinacl.exe
2015-05-20 18:10 - 2015-05-28 19:04 - 00000000 __SHD () C:\Recovery
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-31 13:04 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\tracing
2015-05-31 13:03 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-05-31 13:01 - 2013-08-22 00:23 - 00306677 _____ () C:\WINDOWS\setupact.log
2015-05-31 13:01 - 2013-08-22 00:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-31 13:00 - 2013-08-21 23:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-31 12:59 - 2013-08-22 01:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-31 12:00 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-30 21:31 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-30 20:58 - 2012-07-25 23:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-29 16:11 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-29 16:04 - 2014-11-21 18:00 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-29 15:16 - 2014-11-21 17:51 - 00887010 _____ () C:\WINDOWS\PFRO.log
2015-05-29 01:53 - 2015-04-19 05:20 - 00000626 _____ () C:\Users\Rita\AppData\Roaming\nKXPTkNe84kHX5x9ItR
2015-05-29 01:52 - 2015-04-19 05:20 - 00000626 _____ () C:\Users\Rita\AppData\Roaming\Ec6P3v2bAkcoUG4ixS7
2015-05-28 13:23 - 2013-08-21 23:13 - 00000194 _____ () C:\WINDOWS\win.ini
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-28 13:17 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\registration
2015-05-26 20:07 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-23 21:47 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-05-23 02:54 - 2013-08-22 01:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-23 02:23 - 2013-08-22 00:22 - 00478976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-22 19:52 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-05-22 19:52 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-22 16:05 - 2012-07-25 21:17 - 00000855 _____ () C:\WINDOWS\system32\Drivers\etc\hosts_bak_639
2015-05-22 14:23 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-05-22 14:10 - 2014-11-21 19:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-05-22 14:10 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-05-22 14:10 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-05-22 14:01 - 2013-08-21 23:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-22 13:05 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2015-05-21 23:43 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-05-21 23:36 - 2013-08-22 01:17 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-05-21 23:26 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-21 23:25 - 2013-08-22 01:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-21 23:25 - 2013-08-21 23:21 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-21 23:21 - 2014-11-21 17:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-21 22:57 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-05-21 22:56 - 2013-08-22 01:17 - 00000000 __RSD () C:\WINDOWS\Media
2015-05-21 22:55 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Public\Libraries
2015-05-21 22:51 - 2013-08-22 01:18 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-05-21 22:51 - 2012-07-25 21:43 - 00000000 ____D () C:\Users\Default.migrated
2015-05-21 22:50 - 2014-11-21 17:27 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-05-21 22:49 - 2014-11-21 17:27 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\Help
2015-05-21 22:49 - 2013-08-21 23:21 - 00000000 ___RD () C:\Users\Public
2015-05-21 22:39 - 2013-08-21 23:21 - 00000000 ___RD () C:\Users\Default
2015-05-21 21:46 - 2012-07-25 23:53 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-05-21 20:45 - 2012-07-25 21:17 - 00000762 _____ () C:\WINDOWS\system32\Drivers\etc\hosts_bak_251
2015-05-05 10:59 - 2014-11-21 19:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-05 10:59 - 2014-11-21 19:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-04-19 05:20 - 2015-05-29 01:52 - 0000626 _____ () C:\Users\Rita\AppData\Roaming\Ec6P3v2bAkcoUG4ixS7
2015-04-19 05:20 - 2015-05-29 01:53 - 0000626 _____ () C:\Users\Rita\AppData\Roaming\nKXPTkNe84kHX5x9ItR
2015-05-28 11:32 - 2015-05-28 11:32 - 0000064 _____ () C:\Users\Rita\AppData\Local\026917dab9ae4d79f21beb64d61a7123
2015-05-31 00:24 - 2015-05-31 00:24 - 0000017 _____ () C:\Users\Rita\AppData\Local\resmon.resmoncfg
2015-05-28 11:56 - 2015-05-28 12:08 - 0000112 _____ () C:\ProgramData\551a7ju.dat
 
Files to move or delete:
====================
C:\ProgramData\551a7ju.dat
 
 
Some files in TEMP:
====================
C:\Users\Rita\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win8.1-32bit.exe
C:\Users\Rita\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Rita\AppData\Local\Temp\NZERDP.exe
C:\Users\Rita\AppData\Local\Temp\raptrpatch.exe
C:\Users\Rita\AppData\Local\Temp\raptr_stub.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-21 22:38
 
==================== End of log ============================


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,752 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:04 AM

Posted 02 June 2015 - 08:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
CloseProcesses:

HKLM Group Policy restriction on software: C:\Windows\System32\comsvcs.dll <====== ATTENTION
ShortcutTarget: Heimdal.lnk -> C:\Program Files\Heimdal\Client\HeimdalAgent.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
C:\Users\Rita\AppData\Roaming\Ec6P3v2bAkcoUG4ixS7
C:\Users\Rita\AppData\Roaming\nKXPTkNe84kHX5x9ItR
C:\Users\Rita\AppData\Local\026917dab9ae4d79f21beb64d61a7123
C:\Users\Rita\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win8.1-32bit.exe
C:\Users\Rita\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Rita\AppData\Local\Temp\NZERDP.exe
C:\Users\Rita\AppData\Local\Temp\raptrpatch.exe
C:\Users\Rita\AppData\Local\Temp\raptr_stub.exe
C:\ProgramData\551a7ju.dat

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#3 rmshaff1

rmshaff1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington
  • Local time:05:04 AM

Posted 02 June 2015 - 10:42 PM

Hi Nasdaq,

I so appreciate you taking the time to answer me. However, my son made a trip to fix it by re installing everything. All of the old files are gone. He reformatted the hard drive and got the recovery partition back with the factory disc I had overnighted from HP. So hopefully the problem is solved. I am a bit worried though and maybe its my imagination now, but for instance, I tried to download Chrome today and the file should be chrome.exe or something similar, correct? Instead its chrome.temp."C:\users\Rita\appdata\local\temp\7zS5FB/UAC:1F0508/ncrc"  I didnt download it because it just didnt seem ok to me. I have an issue with the manipulation of some of my files to "redirect" me away from seeing certain content on someones web pages. I am hoping that isnt the case now but still see alot of stuff that doesnt look ok to me. I'd much rather be safe than sorry! I hope this doesnt sound crazy, I swear im not ~ I am aware that its hard to notice the sdks or apis or whatever they are called, I just want my freedom of choosing back. Is there anything to prevent this type of activity? I have windows defender and replaced my router with a new one.

I really do appreciate all your help, this place is to computers what triple AAA is to cars!!! Amazing work all of you!

Thanks for your time :smash: :bananas:



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,752 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:04 AM

Posted 03 June 2015 - 08:12 AM

Please run the Fabar tool and post a fresh FRST log for my review.

Will take it from there.

#5 rmshaff1

rmshaff1
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Washington
  • Local time:05:04 AM

Posted 03 June 2015 - 05:34 PM

Hi Nasdaq,

Thanks so much! Here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Rita (administrator) on IZZIE on 03-06-2015 15:26:19
Running from C:\Users\Rita\Downloads
Loaded Profiles: Rita (Available Profiles: Rita)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
() C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-618370299-2702776604-2184558157-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28920448 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-618370299-2702776604-2184558157-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-618370299-2702776604-2184558157-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-02] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-02] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-02] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-02] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{30397986-36DF-40A7-9038-9332F54087C2}: [NameServer] 8.8.8.8 4.2.2.3

FireFox:
========
FF ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\au6wujqm.default
FF DefaultSearchEngine.US: Google
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-02] (Microsoft Corporation)
FF Extension: ADB Helper - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\Extensions\adbhelper@mozilla.org [2015-06-03]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\Extensions\donottrackplus@abine.com [2015-06-03]
FF Extension: Valence - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2015-06-03]
FF Extension: Integrated Inbox for Gmail & Google Apps - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2015-06-03]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2015-06-03] (Microsoft Corporation)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-30] (Validity Sensors, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-06-03] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2015-06-03] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-02] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-22] (Qualcomm Atheros Communications, Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2015-06-03] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-08] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-05-27] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-02] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 15:26 - 2015-06-03 15:26 - 00008459 _____ C:\Users\Rita\Downloads\FRST.txt
2015-06-03 15:26 - 2015-06-03 15:26 - 00000000 ____D C:\FRST
2015-06-03 15:23 - 2015-06-03 15:23 - 02108928 _____ (Farbar) C:\Users\Rita\Downloads\FRST64.exe
2015-06-03 15:13 - 2015-06-03 15:13 - 00241262 _____ C:\Users\Rita\Downloads\Error 0x80070005 in Windows Update when you try to install updates.htm
2015-06-03 15:13 - 2015-06-03 15:13 - 00000000 ____D C:\Users\Rita\Downloads\Error 0x80070005 in Windows Update when you try to install updates_files
2015-06-03 15:09 - 2015-06-03 15:09 - 00000444 _____ C:\Users\Rita\Documents\Reset.cmd
2015-06-03 15:09 - 2015-06-03 15:09 - 00000000 ____D C:\windir
2015-06-03 14:48 - 2015-06-03 14:48 - 00379392 _____ C:\WINDOWS\system32\subinacl.msi
2015-06-03 14:46 - 2015-06-03 14:46 - 00027021 _____ C:\WINDOWS\iis.log
2015-06-03 14:45 - 2015-06-03 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-06-03 14:45 - 2015-06-03 14:45 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-06-03 14:45 - 2015-06-03 14:45 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-06-03 14:45 - 2015-06-03 14:45 - 00000000 ____D C:\inetpub
2015-06-03 09:52 - 2015-06-03 09:52 - 00000000 ____D C:\WINDOWS\Sun
2015-06-03 09:51 - 2015-06-03 09:51 - 00000000 ____D C:\Users\Rita\AppData\Local\GWX
2015-06-03 09:40 - 2015-06-03 09:40 - 00000000 ____D C:\Users\Rita\.android
2015-06-03 09:37 - 2015-06-03 09:37 - 00001241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2015-06-03 09:37 - 2015-06-03 09:37 - 00001229 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk
2015-06-03 09:37 - 2015-06-03 09:37 - 00000000 ____D C:\Program Files (x86)\Firefox Developer Edition
2015-06-03 09:33 - 2015-06-03 09:34 - 00476424 _____ C:\Users\Rita\Downloads\firefox-40.0a2.en-US.win32.installer-stub.exe
2015-06-02 22:33 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-06-02 22:33 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-06-02 22:32 - 2015-05-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-02 22:32 - 2015-05-25 06:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-02 22:32 - 2015-05-22 06:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-02 22:32 - 2015-05-21 06:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-02 22:32 - 2015-04-16 15:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-02 22:32 - 2015-04-15 23:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-02 22:32 - 2015-04-13 15:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-02 22:32 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-02 22:32 - 2015-04-09 17:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-02 22:32 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-02 22:32 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-02 22:32 - 2015-04-08 15:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-02 22:32 - 2015-04-01 15:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-02 22:32 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-02 22:32 - 2015-03-31 21:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-02 22:32 - 2015-03-31 21:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-02 22:32 - 2015-03-31 21:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-02 22:32 - 2015-03-31 21:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-02 22:32 - 2015-03-31 20:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-02 22:32 - 2015-03-31 20:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-02 22:32 - 2015-03-31 20:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-02 22:32 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-02 22:32 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-02 22:32 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-02 22:32 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-02 22:32 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-02 22:32 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-02 22:32 - 2015-03-19 20:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-02 22:32 - 2015-03-19 20:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-02 22:32 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-02 22:32 - 2015-03-19 19:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-02 22:32 - 2015-03-01 18:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-02 22:32 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-02 22:32 - 2015-01-05 20:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-06-02 22:32 - 2015-01-05 19:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-06-02 22:32 - 2015-01-05 18:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-06-02 22:32 - 2015-01-05 18:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-06-02 21:39 - 2015-05-05 10:59 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-02 21:39 - 2015-05-05 10:59 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-02 21:31 - 2015-04-30 13:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-02 21:31 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-02 20:56 - 2015-06-03 14:14 - 00008524 _____ C:\Users\Rita\Documents\PLAYER APP BONUS THURSDAY 6-5.xlsx
2015-06-02 20:22 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-02 20:22 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-02 20:21 - 2015-01-28 18:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-06-02 20:21 - 2015-01-19 11:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-06-02 20:21 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-06-02 20:21 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-06-02 20:17 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-06-02 20:17 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-06-02 20:06 - 2015-05-15 15:01 - 00133288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-02 20:06 - 2015-05-15 14:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-02 20:06 - 2015-05-15 13:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-02 20:06 - 2015-05-15 13:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-02 20:06 - 2015-05-15 12:42 - 03682304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-02 20:06 - 2015-05-15 12:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-02 20:06 - 2015-05-15 12:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-02 20:06 - 2015-05-15 12:28 - 02223104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-02 20:06 - 2015-05-15 12:28 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-02 20:06 - 2015-05-15 12:28 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-02 20:06 - 2015-05-15 12:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-02 20:06 - 2015-05-15 12:21 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-02 20:06 - 2015-05-15 12:21 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-02 20:06 - 2015-05-15 12:19 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-02 20:06 - 2015-05-15 12:19 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-02 17:24 - 2015-06-02 17:25 - 00000000 ____D C:\Users\Rita\AppData\Local\Microsoft Help
2015-06-02 16:29 - 2015-06-02 16:29 - 00008579 _____ C:\Users\Rita\Documents\MILKY WAY.xlsx
2015-06-02 16:07 - 2015-06-02 19:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-02 16:07 - 2015-06-02 16:07 - 00000000 ____D C:\Users\Rita\AppData\Roaming\TeamViewer
2015-06-02 12:59 - 2015-06-02 12:59 - 00000000 __RHD C:\MSOCache
2015-06-02 12:53 - 2015-06-02 12:58 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Mozilla
2015-06-02 12:53 - 2015-06-02 12:58 - 00000000 ____D C:\Users\Rita\AppData\Local\Mozilla
2015-06-02 12:53 - 2015-06-02 12:53 - 00001094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-02 12:53 - 2015-06-02 12:53 - 00001064 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-02 12:53 - 2015-06-02 12:53 - 00000000 ____D C:\ProgramData\Sun
2015-06-02 12:53 - 2015-06-02 12:53 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-02 12:53 - 2015-06-02 12:52 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-06-02 12:52 - 2015-06-03 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 12:52 - 2015-06-02 12:53 - 00000000 ____D C:\ProgramData\Oracle
2015-06-02 12:52 - 2015-06-02 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-02 12:52 - 2015-06-02 12:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-02 12:51 - 2015-06-02 12:53 - 00022042 _____ C:\Users\Rita\AppData\Local\install.log
2015-06-02 12:51 - 2015-06-02 12:53 - 00000000 ____D C:\Users\Rita\AppData\Local\uninstall
2015-06-02 12:51 - 2015-06-02 12:51 - 00000000 ____D C:\Users\Rita\AppData\Local\webapprt
2015-06-02 12:51 - 2015-06-02 12:51 - 00000000 ____D C:\Users\Rita\AppData\Local\gmp-clearkey
2015-06-02 12:51 - 2015-06-02 12:51 - 00000000 ____D C:\Users\Rita\AppData\Local\dictionaries
2015-06-02 12:51 - 2015-06-02 12:51 - 00000000 ____D C:\Users\Rita\AppData\Local\defaults
2015-06-02 12:51 - 2015-06-02 12:51 - 00000000 ____D C:\Users\Rita\AppData\Local\browser
2015-06-02 12:51 - 2015-05-25 18:15 - 00005936 _____ C:\Users\Rita\AppData\Local\voucher.bin
2015-06-02 12:51 - 2015-05-25 18:15 - 00002278 _____ C:\Users\Rita\AppData\Local\precomplete
2015-06-02 12:51 - 2015-05-25 18:14 - 11717290 _____ C:\Users\Rita\AppData\Local\omni.ja
2015-06-02 12:51 - 2015-05-25 18:14 - 00127064 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\wow_helper.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 35363440 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\xul.dll
2015-06-02 12:51 - 2015-05-25 18:13 - 00298608 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\updater.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 00210032 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\sandboxbroker.dll
2015-06-02 12:51 - 2015-05-25 18:13 - 00172144 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\plugin-hang-ui.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 00152688 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\softokn3.dll
2015-06-02 12:51 - 2015-05-25 18:13 - 00132720 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\webapprt-stub.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 00091032 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\webapp-uninstaller.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 00000899 _____ C:\Users\Rita\AppData\Local\softokn3.chk
2015-06-02 12:51 - 2015-05-25 18:12 - 10397296 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icudt52.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 01681008 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nss3.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 01079920 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icuin52.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00895088 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\libGLESv2.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00825456 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icuuc52.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00430704 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nssckbi.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00376944 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\firefox.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 00330864 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\freebl3.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00283248 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\crashreporter.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 00270960 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\plugin-container.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 00185432 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\maintenanceservice_installer.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 00148080 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\maintenanceservice.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 00109680 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\breakpadinjector.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00105072 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\mozglue.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00093808 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nssdbm3.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00042096 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\libEGL.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00020592 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\AccessibleMarshal.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00017008 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\mozalloc.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 00000899 _____ C:\Users\Rita\AppData\Local\nssdbm3.chk
2015-06-02 12:51 - 2015-05-25 18:12 - 00000899 _____ C:\Users\Rita\AppData\Local\freebl3.chk
2015-06-02 12:51 - 2015-05-25 17:58 - 00001245 _____ C:\Users\Rita\AppData\Local\updater.ini
2015-06-02 12:51 - 2015-05-25 17:58 - 00000143 _____ C:\Users\Rita\AppData\Local\platform.ini
2015-06-02 12:51 - 2015-05-25 17:53 - 00000093 _____ C:\Users\Rita\AppData\Local\dependentlibs.list
2015-06-02 12:51 - 2015-05-25 16:22 - 00000662 _____ C:\Users\Rita\AppData\Local\removed-files
2015-06-02 12:51 - 2015-05-25 16:18 - 00000132 _____ C:\Users\Rita\AppData\Local\update-settings.ini
2015-06-02 12:51 - 2015-05-25 15:16 - 00000667 _____ C:\Users\Rita\AppData\Local\application.ini
2015-06-02 12:51 - 2015-05-25 15:10 - 00004003 _____ C:\Users\Rita\AppData\Local\crashreporter.ini
2015-06-02 12:51 - 2013-10-05 02:38 - 00970912 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\msvcr120.dll
2015-06-02 12:51 - 2013-10-05 02:38 - 00455328 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\msvcp120.dll
2015-06-02 12:51 - 2013-08-21 22:03 - 03466856 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\d3dcompiler_47.dll
2015-06-02 12:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\D3DCompiler_43.dll
2015-06-02 12:45 - 2015-06-02 12:45 - 00243408 _____ C:\Users\Rita\Downloads\Firefox Setup Stub 38.0.5.exe
2015-06-02 12:33 - 2015-06-03 14:14 - 00004956 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for IZZIE-Rita Izzie
2015-06-02 12:33 - 2015-06-03 09:33 - 00003088 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-618370299-2702776604-2184558157-1001
2015-06-02 12:32 - 2015-06-02 12:32 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-06-02 12:18 - 2015-06-02 12:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-06-02 12:15 - 2015-06-02 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-02 12:10 - 2015-06-02 12:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-02 12:05 - 2015-06-02 12:05 - 00931408 _____ (Google Inc.) C:\Users\Rita\Downloads\ChromeSetup.exe
2015-06-02 12:05 - 2015-06-02 12:05 - 00000000 ____D C:\Users\Rita\AppData\Local\Google
2015-06-02 11:38 - 2015-06-02 11:50 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2015-06-02 11:34 - 2015-06-02 11:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-02 11:34 - 2015-06-02 11:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-06-02 11:34 - 2015-06-02 11:34 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-06-02 11:34 - 2012-08-08 19:17 - 09888912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsP2StorIcon.dll
2015-06-02 11:34 - 2012-08-08 19:17 - 00273040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2015-06-02 10:48 - 2015-06-02 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-02 10:48 - 2015-06-02 10:48 - 00000000 ____D C:\Program Files\MSBuild
2015-06-02 10:48 - 2015-06-02 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-02 10:48 - 2015-06-02 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-02 10:45 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-02 10:45 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-02 10:43 - 2015-06-02 10:43 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-06-02 10:43 - 2015-06-02 10:43 - 00000000 ____D C:\Users\Rita\AppData\Local\Hewlett-Packard
2015-06-02 10:41 - 2015-06-02 10:41 - 00000000 ____D C:\Program Files (x86)\Hp
2015-06-02 10:39 - 2015-06-02 10:39 - 02803704 _____ (Hewlett-Packard ) C:\Users\Rita\Downloads\sp59835.exe
2015-06-02 10:29 - 2015-06-02 10:29 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Kayako
2015-06-02 10:21 - 2015-06-02 09:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-02 10:14 - 2015-06-02 10:41 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-02 10:14 - 2015-06-02 10:14 - 00000000 ____D C:\Users\Rita\AppData\Roaming\hpqLog
2015-06-02 10:13 - 2015-06-02 10:13 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-02 10:13 - 2015-06-02 10:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-02 10:13 - 2015-06-02 10:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-06-02 10:12 - 2015-06-02 10:12 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-06-02 10:12 - 2015-06-02 10:12 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-02 10:12 - 2015-06-02 10:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-06-02 10:12 - 2015-06-02 10:12 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-06-02 10:12 - 2015-06-02 10:12 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-06-02 10:12 - 2015-06-02 10:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-06-02 10:12 - 2015-06-02 10:12 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-06-02 10:12 - 2015-06-02 10:12 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-06-02 10:12 - 2015-06-02 10:12 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-06-02 10:12 - 2015-06-02 10:12 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-06-02 10:12 - 2015-06-02 10:12 - 00000000 ____D C:\Program Files (x86)\Kayako
2015-06-02 10:11 - 2015-06-02 10:11 - 00000000 ____D C:\Users\Rita\Tracing
2015-06-02 10:10 - 2015-06-02 10:10 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-06-02 10:10 - 2015-06-02 10:10 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-06-02 10:10 - 2015-06-02 10:10 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-06-02 10:10 - 2015-06-02 10:10 - 00000000 ____D C:\Users\Rita\AppData\Local\Skype
2015-06-02 10:09 - 2015-06-03 15:02 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Skype
2015-06-02 10:09 - 2015-06-02 10:09 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-06-02 10:09 - 2015-06-02 10:09 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-06-02 10:09 - 2015-06-02 10:09 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-02 10:09 - 2015-06-02 10:09 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-02 10:09 - 2015-06-02 10:09 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-02 10:09 - 2015-06-02 10:09 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-02 10:09 - 2015-06-02 10:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-02 10:09 - 2015-06-02 10:09 - 00000000 ____D C:\ProgramData\Skype
2015-06-02 10:09 - 2015-06-02 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-02 10:08 - 2015-06-02 10:08 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-02 10:08 - 2015-06-02 10:08 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-06-02 10:08 - 2015-06-02 10:08 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-02 10:08 - 2015-06-02 10:08 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-02 10:06 - 2015-06-02 10:06 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-06-02 10:06 - 2015-06-02 10:06 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-06-02 10:06 - 2015-06-02 10:06 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-02 10:06 - 2015-06-02 10:06 - 00000000 ____D C:\Users\Rita\AppData\Local\PackageStaging
2015-06-02 10:05 - 2015-06-02 22:25 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-02 10:05 - 2015-06-02 21:35 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-02 10:05 - 2015-06-02 10:05 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-06-02 10:05 - 2015-06-02 10:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-06-02 10:05 - 2015-06-02 10:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-06-02 10:05 - 2015-06-02 10:05 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-06-02 10:05 - 2015-06-02 10:05 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-06-02 10:05 - 2015-06-02 10:05 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-06-02 10:05 - 2015-06-02 10:05 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-06-02 10:05 - 2015-06-02 10:05 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-06-02 10:04 - 2015-06-03 09:30 - 00003910 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2581257-1438-4F95-9DBF-7A3CA8772820}
2015-06-02 10:04 - 2015-06-02 10:04 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-06-02 10:04 - 2015-06-02 10:04 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00513488 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-02 10:04 - 2015-06-02 10:04 - 00513488 _____ C:\WINDOWS\system32\locale.nls
2015-06-02 10:04 - 2015-06-02 10:04 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-06-02 10:04 - 2015-06-02 10:04 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-06-02 10:04 - 2015-06-02 10:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-06-02 10:04 - 2015-06-02 10:04 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-02 10:04 - 2015-06-02 10:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-06-02 10:04 - 2015-06-02 10:04 - 00000000 __SHD C:\Users\Rita\AppData\Local\EmieUserList
2015-06-02 10:04 - 2015-06-02 10:04 - 00000000 __SHD C:\Users\Rita\AppData\Local\EmieSiteList
2015-06-02 10:04 - 2015-06-02 10:04 - 00000000 __SHD C:\Users\Rita\AppData\Local\EmieBrowserModeList
2015-06-02 10:04 - 2015-06-02 10:04 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Macromedia
2015-06-02 10:03 - 2015-06-02 10:03 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-06-02 10:03 - 2015-06-02 10:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-06-02 10:02 - 2015-06-02 10:02 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-06-02 10:02 - 2015-06-02 10:02 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-06-02 10:02 - 2015-06-02 10:02 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-06-02 10:02 - 2015-06-02 10:02 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-06-02 10:02 - 2015-06-02 10:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-02 10:01 - 2015-06-02 10:01 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-06-02 10:01 - 2015-06-02 10:01 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-06-02 10:01 - 2015-06-02 10:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-06-02 10:01 - 2015-06-02 10:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-06-02 10:01 - 2015-06-02 10:01 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-02 10:00 - 2015-06-02 10:00 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-06-02 10:00 - 2015-06-02 10:00 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-02 09:59 - 2015-06-02 10:00 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-06-02 09:59 - 2015-06-02 09:59 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-06-02 09:58 - 2015-06-02 09:58 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-06-02 09:58 - 2015-06-02 09:58 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-06-02 09:58 - 2015-06-02 09:58 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-06-02 09:58 - 2015-06-02 09:58 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-06-02 09:57 - 2015-06-02 09:57 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-02 09:57 - 2015-06-02 09:57 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-02 09:57 - 2015-06-02 09:57 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-06-02 09:57 - 2015-06-02 09:57 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-06-02 09:57 - 2015-06-02 09:57 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-02 09:57 - 2015-06-02 09:57 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-02 09:57 - 2015-06-02 09:57 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-02 09:57 - 2015-06-02 09:57 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-06-02 09:55 - 2015-06-02 09:55 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-06-02 09:55 - 2015-06-02 09:55 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-06-02 09:55 - 2015-06-02 09:55 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-06-02 09:55 - 2015-06-02 09:55 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-06-02 09:54 - 2015-06-03 09:51 - 00000000 ___DO C:\Users\Rita\OneDrive
2015-06-02 09:54 - 2015-06-02 09:54 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-02 09:54 - 2015-06-02 09:54 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-06-02 09:54 - 2015-06-02 09:54 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-06-02 09:54 - 2015-06-02 09:54 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-06-02 09:54 - 2015-06-02 09:54 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-06-02 09:54 - 2015-06-02 09:54 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-06-02 09:54 - 2015-06-02 09:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-06-02 09:53 - 2015-06-02 09:53 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-02 09:53 - 2015-06-02 09:53 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-02 09:51 - 2015-06-02 09:51 - 00001442 _____ C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-02 09:51 - 2015-06-02 09:51 - 00000020 ___SH C:\Users\Rita\ntuser.ini
2015-06-02 09:44 - 2015-06-03 15:26 - 02067938 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-02 09:44 - 2015-06-02 09:44 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-02 09:34 - 2015-06-02 09:34 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-02 09:33 - 2015-06-02 09:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-02 09:32 - 2015-06-03 09:40 - 00000000 ____D C:\Users\Rita
2015-06-02 09:32 - 2015-06-02 09:44 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2015-06-02 09:32 - 2015-06-02 09:44 - 00020958 _____ C:\WINDOWS\diagerr.xml
2015-06-02 09:32 - 2015-06-02 09:33 - 00000000 ___RD C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-02 09:32 - 2014-11-21 09:17 - 00000000 ___RD C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-02 09:32 - 2014-11-21 09:17 - 00000000 ___RD C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-02 09:32 - 2014-11-21 01:53 - 00000369 _____ C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-02 09:32 - 2014-11-21 01:53 - 00000369 _____ C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-02 09:32 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-02 09:25 - 2015-06-02 09:25 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_0018_01_09_00.Wdf
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 ____D C:\Program Files\Validity Sensors
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 ____D C:\Program Files\Synaptics
2015-06-02 09:25 - 2015-06-02 09:25 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-06-02 09:24 - 2015-06-02 09:24 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-06-02 08:24 - 2015-06-02 09:44 - 00006580 _____ C:\WINDOWS\comsetup.log
2015-06-02 07:29 - 2015-06-02 07:29 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Synaptics
2015-06-02 07:29 - 2015-06-02 07:29 - 00000000 ____D C:\ProgramData\Synaptics
2015-06-02 07:10 - 2015-06-03 09:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-02 06:03 - 2015-06-02 06:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-02 06:03 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-02 05:55 - 2015-03-03 06:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-02 05:11 - 2015-06-02 05:11 - 00000000 ____D C:\ProgramData\Validity
2015-06-02 04:49 - 2015-06-02 04:49 - 00000319 _____ C:\WINDOWS\system32\netcfg-2670830.txt
2015-06-02 04:49 - 2015-06-02 04:49 - 00000117 _____ C:\WINDOWS\system32\netcfg-2672297.txt
2015-06-02 04:49 - 2015-06-02 04:49 - 00000117 _____ C:\WINDOWS\system32\netcfg-2668693.txt
2015-06-02 04:45 - 2015-06-02 04:45 - 00002982 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-06-02 04:06 - 2015-06-02 04:06 - 00000117 _____ C:\WINDOWS\system32\netcfg-55785.txt
2015-06-02 04:04 - 2015-06-02 04:04 - 00000117 _____ C:\WINDOWS\system32\netcfg-5118798.txt
2015-06-02 03:30 - 2013-05-03 21:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2015-06-02 03:30 - 2013-05-03 21:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-06-02 02:58 - 2015-06-03 11:14 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-618370299-2702776604-2184558157-1001
2015-06-02 02:51 - 2015-06-02 09:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-06-02 02:51 - 2015-06-02 02:51 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Adobe
2015-06-02 02:50 - 2015-06-02 22:35 - 00000000 ____D C:\Users\Rita\AppData\Local\Packages
2015-06-02 02:50 - 2015-06-02 12:13 - 00000000 ____D C:\Users\Rita\AppData\Local\VirtualStore
2015-06-02 02:49 - 2015-06-02 09:33 - 00000000 ____D C:\ProgramData\PRICache
2015-06-02 02:48 - 2015-06-02 02:48 - 00000000 ____D C:\WINDOWS\CSC
2015-06-02 02:47 - 2015-06-02 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-488361.txt
2015-06-02 02:47 - 2015-06-02 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-485225.txt
2015-06-02 02:47 - 2015-06-02 02:47 - 00000117 _____ C:\WINDOWS\system32\netcfg-478954.txt
2015-06-02 02:46 - 2015-06-02 02:46 - 00001139 _____ C:\WINDOWS\system32\netcfg-425477.txt
2015-06-02 02:40 - 2015-06-02 08:44 - 01387202 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-06-02 02:36 - 2015-06-02 02:36 - 00001136 _____ C:\WINDOWS\system32\netcfg-85067.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000185 _____ C:\WINDOWS\system32\netcfg-79435.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000164 _____ C:\WINDOWS\system32\netcfg-76596.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000161 _____ C:\WINDOWS\system32\netcfg-78920.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000160 _____ C:\WINDOWS\system32\netcfg-78468.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000160 _____ C:\WINDOWS\system32\netcfg-77766.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000159 _____ C:\WINDOWS\system32\netcfg-77345.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000157 _____ C:\WINDOWS\system32\netcfg-78078.txt
2015-06-02 02:36 - 2015-06-02 02:36 - 00000150 _____ C:\WINDOWS\system32\netcfg-76986.txt
2015-06-02 02:35 - 2015-06-02 02:35 - 00001136 _____ C:\WINDOWS\system32\netcfg-71635.txt
2015-06-02 02:35 - 2015-06-02 02:35 - 00000197 _____ C:\WINDOWS\system32\netcfg-72275.txt
2015-06-02 02:35 - 2015-06-02 02:35 - 00000160 _____ C:\WINDOWS\system32\netcfg-70808.txt
2015-06-02 02:35 - 2015-06-02 02:35 - 00000157 _____ C:\WINDOWS\system32\netcfg-74365.txt
2015-06-02 01:27 - 2015-06-02 01:27 - 00000000 __RHD C:\ESD
2015-06-02 01:21 - 2015-06-02 01:21 - 00000000 ____D C:\AuthLog
2015-05-27 11:13 - 2015-05-27 11:13 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 15:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-03 14:49 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-03 14:45 - 2014-11-21 02:18 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll
2015-06-03 14:45 - 2014-11-21 02:18 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll
2015-06-03 14:45 - 2014-11-21 02:18 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2015-06-03 14:45 - 2014-11-21 02:18 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll
2015-06-03 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-06-03 14:45 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-06-03 14:45 - 2013-08-22 04:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-06-03 14:45 - 2013-08-22 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-06-03 14:45 - 2013-08-22 04:44 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-06-03 14:45 - 2013-08-22 04:44 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-06-03 14:45 - 2013-08-22 04:40 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-06-03 14:45 - 2013-08-22 04:35 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-06-03 14:45 - 2013-08-22 04:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-06-03 14:45 - 2013-08-22 03:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-06-03 14:45 - 2013-08-22 02:50 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-06-03 14:45 - 2013-08-21 21:16 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-06-03 14:45 - 2013-08-21 21:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-06-03 14:45 - 2013-08-21 21:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-06-03 14:45 - 2013-08-21 21:16 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-06-03 14:45 - 2013-08-21 21:06 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-06-03 14:45 - 2013-08-21 20:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-06-03 14:45 - 2013-08-21 20:31 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-06-03 14:45 - 2013-08-21 20:08 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-06-03 14:45 - 2013-08-21 20:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-06-03 14:45 - 2013-08-21 16:55 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-06-03 14:44 - 2014-11-21 02:18 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-06-03 14:44 - 2014-11-21 02:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-06-03 14:44 - 2014-11-21 02:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-06-03 14:44 - 2014-11-21 02:18 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-06-03 14:44 - 2013-08-22 04:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-06-03 14:44 - 2013-08-22 04:26 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-06-03 14:44 - 2013-08-22 03:53 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-06-03 14:44 - 2013-08-22 03:23 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-06-03 14:44 - 2013-08-22 03:10 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-06-03 14:44 - 2013-08-21 23:59 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-06-03 09:55 - 2014-11-21 01:43 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-03 09:49 - 2013-08-22 07:46 - 00296291 _____ C:\WINDOWS\setupact.log
2015-06-03 09:49 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-03 09:47 - 2014-11-21 09:17 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-03 09:47 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-03 09:47 - 2013-08-22 06:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-06-03 09:45 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\tracing
2015-06-03 09:31 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-06-02 22:36 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-02 21:37 - 2013-08-22 07:44 - 00487024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-02 21:36 - 2014-11-21 01:34 - 00004996 _____ C:\WINDOWS\PFRO.log
2015-06-02 21:35 - 2013-08-22 08:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-02 21:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-06-02 21:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-06-02 21:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-06-02 21:35 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-02 12:03 - 2011-02-10 12:23 - 00000000 ____D C:\SWSetup
2015-06-02 10:20 - 2013-08-22 08:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-02 10:13 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-02 10:13 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-06-02 10:13 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-06-02 10:08 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-02 10:05 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-02 10:05 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-02 10:05 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-02 10:05 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-02 09:57 - 2014-11-21 01:25 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-02 09:54 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-06-02 09:53 - 2014-11-21 15:07 - 00000000 ___HD C:\$Windows.~BT
2015-06-02 09:46 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-02 09:44 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-02 09:44 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-02 09:39 - 2013-08-22 08:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-02 09:39 - 2013-08-22 08:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-02 09:35 - 2013-08-22 08:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-06-02 09:35 - 2012-07-25 22:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-02 09:34 - 2014-11-21 01:00 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-06-02 09:34 - 2014-11-21 01:00 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-06-02 09:34 - 2014-11-21 01:00 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-06-02 09:34 - 2013-08-22 08:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-06-02 09:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-02 09:34 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-06-02 09:33 - 2013-08-22 08:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-06-02 09:33 - 2013-08-22 08:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-06-02 09:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-02 09:33 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-02 09:27 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-02 09:27 - 2007-01-01 18:32 - 00000000 __SHD C:\Recovery
2015-06-02 09:25 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-02 09:23 - 2013-08-22 06:36 - 00000000 __RHD C:\Users\Default
2015-06-02 08:02 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-06-02 00:02 - 2011-11-29 19:23 - 00000000 ___HD C:\HP
2015-06-01 19:46 - 2011-02-10 12:23 - 00000000 ___HD C:\SYSTEM.SAV

==================== Files in the root of some directories =======

2015-06-02 12:51 - 2015-05-25 18:12 - 0020592 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\AccessibleMarshal.dll
2015-06-02 12:51 - 2015-05-25 15:16 - 0000667 _____ () C:\Users\Rita\AppData\Local\application.ini
2015-06-02 12:51 - 2015-05-25 18:12 - 0109680 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\breakpadinjector.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0283248 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\crashreporter.exe
2015-06-02 12:51 - 2015-05-25 15:10 - 0004003 _____ () C:\Users\Rita\AppData\Local\crashreporter.ini
2015-06-02 12:51 - 2010-05-26 11:41 - 2106216 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\D3DCompiler_43.dll
2015-06-02 12:51 - 2013-08-21 22:03 - 3466856 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\d3dcompiler_47.dll
2015-06-02 12:51 - 2015-05-25 17:53 - 0000093 _____ () C:\Users\Rita\AppData\Local\dependentlibs.list
2015-06-02 12:51 - 2015-05-25 18:12 - 0376944 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\firefox.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 0000899 _____ () C:\Users\Rita\AppData\Local\freebl3.chk
2015-06-02 12:51 - 2015-05-25 18:12 - 0330864 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\freebl3.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 10397296 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icudt52.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 1079920 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icuin52.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0825456 _____ (The ICU Project) C:\Users\Rita\AppData\Local\icuuc52.dll
2015-06-02 12:51 - 2015-06-02 12:53 - 0022042 _____ () C:\Users\Rita\AppData\Local\install.log
2015-06-02 12:51 - 2015-05-25 18:12 - 0042096 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\libEGL.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0895088 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\libGLESv2.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0148080 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\maintenanceservice.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 0185432 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\maintenanceservice_installer.exe
2015-06-02 12:51 - 2015-05-25 18:12 - 0017008 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\mozalloc.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0105072 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\mozglue.dll
2015-06-02 12:51 - 2013-10-05 02:38 - 0455328 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\msvcp120.dll
2015-06-02 12:51 - 2013-10-05 02:38 - 0970912 _____ (Microsoft Corporation) C:\Users\Rita\AppData\Local\msvcr120.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 1681008 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nss3.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0430704 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nssckbi.dll
2015-06-02 12:51 - 2015-05-25 18:12 - 0000899 _____ () C:\Users\Rita\AppData\Local\nssdbm3.chk
2015-06-02 12:51 - 2015-05-25 18:12 - 0093808 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\nssdbm3.dll
2015-06-02 12:51 - 2015-05-25 18:14 - 11717290 _____ () C:\Users\Rita\AppData\Local\omni.ja
2015-06-02 12:51 - 2015-05-25 17:58 - 0000143 _____ () C:\Users\Rita\AppData\Local\platform.ini
2015-06-02 12:51 - 2015-05-25 18:12 - 0270960 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\plugin-container.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 0172144 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\plugin-hang-ui.exe
2015-06-02 12:51 - 2015-05-25 18:15 - 0002278 _____ () C:\Users\Rita\AppData\Local\precomplete
2015-06-02 12:51 - 2015-05-25 16:22 - 0000662 _____ () C:\Users\Rita\AppData\Local\removed-files
2015-06-02 12:51 - 2015-05-25 18:13 - 0210032 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\sandboxbroker.dll
2015-06-02 12:51 - 2015-05-25 18:13 - 0000899 _____ () C:\Users\Rita\AppData\Local\softokn3.chk
2015-06-02 12:51 - 2015-05-25 18:13 - 0152688 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\softokn3.dll
2015-06-02 12:51 - 2015-05-25 16:18 - 0000132 _____ () C:\Users\Rita\AppData\Local\update-settings.ini
2015-06-02 12:51 - 2015-05-25 18:13 - 0298608 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\updater.exe
2015-06-02 12:51 - 2015-05-25 17:58 - 0001245 _____ () C:\Users\Rita\AppData\Local\updater.ini
2015-06-02 12:51 - 2015-05-25 18:15 - 0005936 _____ () C:\Users\Rita\AppData\Local\voucher.bin
2015-06-02 12:51 - 2015-05-25 18:13 - 0091032 _____ (Mozilla Corporation) C:\Users\Rita\AppData\Local\webapp-uninstaller.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 0132720 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\webapprt-stub.exe
2015-06-02 12:51 - 2015-05-25 18:14 - 0127064 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\wow_helper.exe
2015-06-02 12:51 - 2015-05-25 18:13 - 35363440 _____ (Mozilla Foundation) C:\Users\Rita\AppData\Local\xul.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-02 09:23

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Rita at 2015-06-03 15:27:28
Running from C:\Users\Rita\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-618370299-2702776604-2184558157-500 - Administrator - Disabled)
Guest (S-1-5-21-618370299-2702776604-2184558157-501 - Limited - Disabled)
Rita (S-1-5-21-618370299-2702776604-2184558157-1001 - Administrator - Enabled) => C:\Users\Rita

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Firefox Developer Edition 40.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 40.0a2 (x86 en-US)) (Version: 40.0a2 - Mozilla)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Kayako Desktop (HKLM-x32\...\KayakoDesktop) (Version:  - )
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-618370299-2702776604-2184558157-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0a2 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29034 - Realtek Semiconductor Corp.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-618370299-2702776604-2184558157-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Rita\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

02-06-2015 10:13:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
02-06-2015 10:14:06 Installed HP Wireless Button Driver.
03-06-2015 14:44:00 Windows Modules Installer

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {27ECAE1A-B0AB-4201-95C4-63F18196D6F1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {29DD790A-A498-47C6-93D4-8A5D24CF5EF8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2FE7EB4B-8C7E-4CDF-A83D-B83C1C9065AA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {30244AA1-03B7-4BF0-A992-2C62DC2981AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {5F7B9A36-2305-4992-A916-DC7D74B9C314} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {6BED7B49-44E7-4C07-A5A4-C79AEBFC3E00} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {6F73B634-52E7-4DBE-B336-FE09FE3142E4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-28] (Synaptics Incorporated)
Task: {7D5C8F49-F449-4E9E-B139-3D0FD6AF1E57} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {8295BBBF-B58C-4A2A-9BB2-699212047156} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-02] (Microsoft Corporation)
Task: {885BA2D1-3592-4CAE-959A-6B6FE6A269BA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {C922C01E-B9FB-4E3F-AA8A-ABFDB703B7A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-618370299-2702776604-2184558157-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {D1200C8C-BCC1-42A7-9E2D-DD739F5A6952} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {FDBC1432-8A35-4207-9F34-3117316A7910} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-15] (Microsoft Corporation)
Task: {FFB71402-6A73-497C-AB0E-EA9735A92093} - System32\Tasks\Microsoft Office 15 Sync Maintenance for IZZIE-Rita Izzie => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-02 12:10 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-06-02 12:21 - 2015-06-02 12:21 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-06-03 09:40 - 2015-06-03 09:40 - 00818176 _____ () C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\6r2thbel.dev-edition-default\extensions\adbhelper@mozilla.org\win32\adb.exe
2015-06-02 12:12 - 2015-06-02 12:22 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Rita\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-618370299-2702776604-2184558157-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 4.2.2.3

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{FD5C7900-746F-4BE4-8466-D64C2B3DB9EA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E2612B43-3F57-4EAA-AC2F-467E36529CDA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{620F6BA1-23E9-4E90-829E-3439CF5BF6A2}C:\program files (x86)\kayako\desktop\kayakodesktop.exe] => (Allow) C:\program files (x86)\kayako\desktop\kayakodesktop.exe
FirewallRules: [UDP Query User{4345BF5E-58C7-40D3-92FC-E625828E512A}C:\program files (x86)\kayako\desktop\kayakodesktop.exe] => (Allow) C:\program files (x86)\kayako\desktop\kayakodesktop.exe
FirewallRules: [{7D0FB61F-907D-410B-B4F4-A4591092CCCC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{AAEDD4DC-282C-4C8F-A6E3-7E0D88D7E228}] => (Allow) C:\Users\Rita\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{49942F12-4661-4915-9AC9-2C73C58C2FD5}] => (Allow) C:\Users\Rita\AppData\Local\firefox.exe
FirewallRules: [{41B319E0-0A7E-4E9C-9F42-CF16A07F33CF}] => (Allow) C:\Users\Rita\AppData\Local\firefox.exe
FirewallRules: [{7AF3F837-E5D4-4448-9C0C-0EF5D8829FD9}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [{49B57E76-30F8-46AF-BA71-28E459038D82}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{161DC1D0-5606-4806-B982-D42F4B0F21F7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8AF8A464-6182-4339-82A5-1EC163F6A282}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 03:07:23 PM) (Source: MsiInstaller) (EventID: 11314) (User: IZZIE)
Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.


System errors:
=============
Error: (06/03/2015 03:13:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/03/2015 03:12:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/03/2015 02:46:25 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (06/03/2015 02:46:25 PM) (Source: W3SVC) (EventID: 1004) (User: )
Description: The World Wide Web Publishing Service (WWW Service) did not register the URL prefix http://*:80/ for site 1. The site has been disabled. The data field contains the error number.

Error: (06/03/2015 02:16:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/03/2015 00:17:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.

Error: (06/03/2015 11:14:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/03/2015 09:46:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/03/2015 09:45:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Advanced Micro Devices, Inc. - Graphics Adapter WDDM1.2 - AMD Radeon HD 7640G.

Error: (06/02/2015 10:37:32 PM) (Source: DCOM) (EventID: 10010) (User: IZZIE)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office:
=========================
Error: (06/03/2015 03:07:23 PM) (Source: MsiInstaller) (EventID: 11314) (User: IZZIE)
Description: Product: Windows Resource Kit Tools - SubInAcl.exe -- Error 1314. The specified path '%windir%\system32' is unavailable.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info ===========================

Processor: AMD A8-4500M APU with Radeon™ HD Graphics
Percentage of memory in use: 40%
Total physical RAM: 5602.36 MB
Available physical RAM: 3337.09 MB
Total Pagefile: 7202.36 MB
Available Pagefile: 4494.19 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:678.98 GB) (Free:644.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.36 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 32F16293)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=679 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)

==================== End of log ============================



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,752 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:04 AM

Posted 04 June 2015 - 08:14 AM

Looking good.

All is clean.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,752 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:04 AM

Posted 10 June 2015 - 12:12 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users