Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus or hijack?


  • This topic is locked This topic is locked
2 replies to this topic

#1 bingvnn

bingvnn

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 PM

Posted 16 June 2015 - 06:35 AM

I am desperate at this point!

Something is going on with my computer and I just can't figure out exactly how to stop it. I have a HP Pavilion DV7-7121nr laptop, I rely on it for work, as I work at home so its very imperative that I can fix this. I am pretty sure that this has something to do with a network but since I am not computer literate, I am not sure what to look for. I recently installed the windows 8.1 update and thats when I really noticed big problems although I was pretty sure they were there before. 

I ran a thorough scan with Avast antivirus and the network scan said my router was infected. Certain programs and software don't work, for example, Internet Explorer stopped working ~ it will open but I cannot type anything into it. Nothing seems to update, my drivers are wrong, my graphics are horrible and they should be HD. The sound is working but very tinny and generic sounding, it had beats mobile on it. The programs are all "old" looking, like they are from old versions of windows but maybe thats my graphics. I have turned off remote connections yet they still get in. I am using wifi on my laptop but have a router wired to desktop computer. I used to be able to log in to router page from my laptop and change the password which i did frequently, but now I am unable to. I can log in from desktop but according to the antivirus program, it says my user name and password are too weak and its not the same as the one I use. If you can offer any help I would be forever grateful! I have tried all kinds of things, but the "advice" I keep getting isnt working. I've ran scans, fixes, anything I could find and nothing. I reset the router but it didnt seem to change anything at all. I hope I have explained it enough but please if you need me to tell you anything at all, let me know! 

Thank you so much in advance~

 

Here is the Frst scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015
Ran by Rita (administrator) on RITAS on 31-05-2015 13:47:06
Running from C:\Users\Rita\Downloads
Loaded Profiles: Rita (Available Profiles: Rita)
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Users\Rita\Desktop\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Users\Rita\Desktop\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(ATI Technologies Inc.) C:\Users\Rita\Desktop\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Insight Software Solutions, Inc.) C:\Program Files\ShortKeys 3\shortkey.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Kayako Infotech Ltd.) C:\Program Files\Kayako\Desktop\KayakoDesktop.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3327.1043_x86__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [StartCCC] => C:\Users\Rita\Desktop\ATI.ACE\Core-Static\x86\CLIStart.exe [748232 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [HP CoolSense] => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM Group Policy restriction on software: C:\Windows\System32\comsvcs.dll <====== ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [28919424 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [370912 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk [2015-05-31]
ShortcutTarget: Heimdal.lnk -> C:\Program Files\Heimdal\Client\HeimdalAgent.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 3.lnk [2015-05-27]
ShortcutTarget: ShortKeys 3.lnk -> C:\Program Files\ShortKeys 3\shortkey.exe (Insight Software Solutions, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3649269765-1493721424-2895019357-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3649269765-1493721424-2895019357-1001 -> {CA852356-48DC-43AA-BA3A-DCFC03D89431} URL =http://www.youtube.com/results?search_query={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-22] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{DE1CC5D0-0765-477C-A40D-659C2C5F8877}: [NameServer] 8.8.8.8 4.2.2.3

FireFox:
========
FF ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\r90e9flw.default
FF DefaultSearchEngine.US: Google
FF NetworkProxy: "type", 0
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-22] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-30]
CHR Extension: (Google Docs) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-30]
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Google Sheets) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-30]
CHR Extension: (Bookmark Manager) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (Google Wallet) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (OpenOffice Writer on rollApp) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aefnmlhnadcihhnfplfbmcmodoiannan [2015-05-31]
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Gmail Offline) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-05-31]
CHR Extension: (Word Online) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-05-31]
CHR Extension: (Bookmark Manager) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (HackerTarget.com) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gnikiapabimimdaghiakglffkdplamfp [2015-05-31]
CHR Extension: (CloudConvert) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2015-05-31]
CHR Extension: (My IP) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ikbgmfgkdplpkdnamkjbdanfcgfeejmg [2015-05-31]
CHR Extension: (Excel Online) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2015-05-31]
CHR Extension: (Online PDF Tools) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jddfpnmfhodaljeelokfceepbeapgbdn [2015-05-31]
CHR Extension: (ZeroPC Cloud) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kgkinkhhmalgmcpcjlohfoencnigfngl [2015-05-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-30]
CHR Extension: (OneDrive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-05-31]
CHR Extension: (TextNow) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nkjdngkmnogclafejjgbgjjegoaahihg [2015-05-31]
CHR Extension: (Google Wallet) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-05-31]
CHR Extension: (Outlook.com) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2015-05-31]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Users\Rita\Desktop\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 BthHFSrv; C:\WINDOWS\System32\BthHFSrv.dll [250880 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1856176 2015-04-07] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 NZERDP; C:\Users\Rita\AppData\Local\Temp\NZERDP.exe [531328 2015-05-31] (Sysinternals - www.sysinternals.com) [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [103936 2014-11-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [284488 2015-05-21] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2014-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22200 2015-05-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [15528 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Users\Rita\Desktop\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [187072 2014-10-28] (AppEx Networks Corporation)
R3 athr; C:\WINDOWS\system32\DRIVERS\athw8.sys [2795520 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB3.sys [200704 2014-06-21] (Advanced Micro Devices)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-11-21] (Microsoft Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [34504 2015-05-27] (Synaptics Incorporated)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84800 2015-05-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver86.sys [18752 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-11-21] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 13:47 - 2015-05-31 13:47 - 00018473 _____ () C:\Users\Rita\Downloads\FRST.txt
2015-05-31 13:46 - 2015-05-31 13:47 - 00000000 ____D () C:\FRST
2015-05-31 13:43 - 2015-05-31 13:43 - 01147392 _____ (Farbar) C:\Users\Rita\Downloads\FRST.exe
2015-05-31 13:41 - 2015-05-31 13:41 - 00000470 _____ () C:\Users\Rita\Downloads\defogger_disable.log
2015-05-31 13:41 - 2015-05-31 13:41 - 00000000 _____ () C:\Users\Rita\defogger_reenable
2015-05-31 13:38 - 2015-05-31 13:38 - 00050477 _____ () C:\Users\Rita\Downloads\Defogger.exe
2015-05-31 13:11 - 2015-05-31 13:11 - 00005686 _____ () C:\Users\Rita\Downloads\Room List 5-31 Basecamp.csv
2015-05-31 13:01 - 2015-05-31 13:01 - 205734963 _____ () C:\WINDOWS\MEMORY.DMP
2015-05-31 13:01 - 2015-05-31 13:01 - 00149136 _____ () C:\WINDOWS\Minidump\053115-21156-01.dmp
2015-05-31 13:01 - 2015-05-31 13:01 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-31 12:50 - 2015-05-31 12:50 - 00035935 _____ () C:\Users\Rita\Desktop\dds.txt
2015-05-31 12:50 - 2015-05-31 12:50 - 00018610 _____ () C:\Users\Rita\Desktop\attach.txt
2015-05-31 12:43 - 2015-05-31 12:44 - 00688992 ____R (Swearware) C:\Users\Rita\Downloads\dds.com
2015-05-31 12:41 - 2015-01-14 11:27 - 02894848 _____ () C:\WINDOWS\system32\pwNative.exe
2015-05-31 12:41 - 2013-09-30 16:26 - 00015688 ____N () C:\WINDOWS\system32\pwdrvio.sys
2015-05-31 12:40 - 2013-09-30 16:26 - 00010320 ____N () C:\WINDOWS\system32\pwdspio.sys
2015-05-31 12:38 - 2015-05-31 13:44 - 00000000 ____D () C:\Program Files\MiniTool Partition Wizard Free 9.0
2015-05-31 12:30 - 2015-05-31 12:30 - 31973976 _____ (MiniTool Solution Ltd. ) C:\Users\Rita\Downloads\pwfree9.exe
2015-05-31 12:29 - 2015-05-31 12:29 - 00000000 ____D () C:\Users\Rita\Downloads\TCPView
2015-05-31 12:28 - 2015-05-31 12:28 - 00291606 _____ () C:\Users\Rita\Downloads\TCPView.zip
2015-05-31 11:50 - 2015-05-31 11:51 - 00000000 ____D () C:\Users\Rita\Downloads\RootkitRevealer
2015-05-31 11:50 - 2015-05-31 11:50 - 00231390 _____ () C:\Users\Rita\Downloads\RootkitRevealer.zip
2015-05-31 11:49 - 2015-05-31 11:49 - 00464491 _____ () C:\Users\Rita\Downloads\RootRepeal (1).zip
2015-05-31 11:47 - 2015-05-31 11:47 - 00464491 _____ () C:\Users\Rita\Downloads\RootRepeal.zip
2015-05-31 11:43 - 2015-05-31 11:43 - 04177016 _____ (CSIS Security Group) C:\Users\Rita\Downloads\HeimdalSetup.exe
2015-05-31 11:43 - 2015-05-31 11:43 - 00000000 ____D () C:\ProgramData\CSIS
2015-05-31 01:01 - 2015-05-31 01:01 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-31 01:01 - 2015-05-31 01:01 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Users\Rita\AppData\Local\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-31 01:01 - 2015-05-31 01:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-31 01:00 - 2015-05-31 01:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-31 00:59 - 2015-05-31 00:59 - 00243344 _____ () C:\Users\Rita\Downloads\Firefox Setup Stub 38.0.1.exe
2015-05-31 00:24 - 2015-05-31 00:24 - 00000017 _____ () C:\Users\Rita\AppData\Local\resmon.resmoncfg
2015-05-30 22:33 - 2015-05-31 13:27 - 00002412 _____ () C:\Users\Rita\Desktop\Rita - Chrome.lnk
2015-05-30 22:32 - 2015-05-30 22:32 - 00208804 ____H () C:\WINDOWS\system32\mlfcache.dat
2015-05-30 17:15 - 2015-05-30 17:15 - 00008707 _____ () C:\Users\Rita\Desktop\Book1.xlsx
2015-05-30 15:04 - 2015-05-30 15:04 - 00000000 ____D () C:\WINDOWS\Sun
2015-05-30 13:01 - 2015-05-30 13:01 - 00002302 _____ () C:\Users\Rita\Desktop\Chrome App Launcher.lnk
2015-05-30 13:01 - 2015-05-30 13:01 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-30 12:53 - 2015-05-31 11:07 - 00000000 ____D () C:\Users\Rita\AppData\Local\20F87B15-4F03-49D2-9A74-8699A7C8C9F1.aplzod
2015-05-30 12:52 - 2015-05-31 13:04 - 00000000 ___RD () C:\Users\Rita\iCloudDrive
2015-05-30 12:52 - 2015-05-31 00:23 - 00000000 ____D () C:\Users\Rita\Documents\Outlook Files
2015-05-30 12:52 - 2015-05-30 12:52 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple Inc
2015-05-30 12:41 - 2015-05-30 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-05-30 12:40 - 2015-05-30 12:56 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak2
2015-05-30 12:40 - 2015-05-30 12:40 - 00001860 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-05-30 12:40 - 2015-05-30 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-05-30 12:39 - 2015-05-30 12:40 - 00000000 ____D () C:\Program Files\QuickTime
2015-05-29 23:14 - 2015-05-30 17:16 - 00001735 _____ () C:\Users\Rita\Desktop\keno 5-30.txt
2015-05-29 21:05 - 2015-05-30 22:38 - 00001798 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-29 21:05 - 2015-05-30 12:58 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Apple Computer
2015-05-29 21:05 - 2015-05-30 12:55 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple Computer
2015-05-29 21:05 - 2015-05-29 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-29 21:04 - 2012-10-03 16:14 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2015-05-29 21:03 - 2015-05-31 00:34 - 00000000 ____D () C:\Program Files\iTunes
2015-05-29 21:03 - 2015-05-30 12:52 - 00000000 ____D () C:\Users\Rita\AppData\Local\Apple
2015-05-29 21:03 - 2015-05-29 21:04 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-05-29 21:03 - 2015-05-29 21:03 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\iPod
2015-05-29 21:03 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\Apple Software Update
2015-05-29 21:02 - 2015-05-30 12:40 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-29 21:02 - 2015-05-29 21:03 - 00000000 ____D () C:\ProgramData\Apple
2015-05-29 21:02 - 2015-05-29 21:03 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-29 16:16 - 2015-05-29 16:16 - 00000000 ____D () C:\Users\Rita\AppData\Local\AMD
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\ATI
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Local\ATI
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\Users\Rita\AppData\Local\AppEx Networks
2015-05-29 16:15 - 2015-05-29 16:15 - 00000000 ____D () C:\ProgramData\ATI
2015-05-29 16:13 - 2015-05-31 12:59 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2015-05-29 16:06 - 2015-05-29 16:06 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\library_dir
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2015-05-29 16:05 - 2015-05-29 16:05 - 00000000 ____D () C:\Program Files\AMD AVT
2015-05-29 16:05 - 2014-10-28 14:24 - 00187072 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2015-05-29 16:04 - 2015-05-29 16:04 - 00062404 _____ () C:\WINDOWS\system32\CCCInstall_201505291604583168.log
2015-05-29 16:04 - 2015-05-29 16:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-29 16:03 - 2015-05-29 16:05 - 00000000 ____D () C:\ProgramData\AMD
2015-05-29 16:02 - 2015-05-29 16:02 - 00000000 ____D () C:\Program Files\AMD
2015-05-29 16:01 - 2015-05-29 16:04 - 00000000 ____D () C:\Users\Rita\Desktop\ATI.ACE
2015-05-29 15:58 - 2015-05-29 15:58 - 00000000 ____D () C:\AMD
2015-05-29 15:23 - 2015-05-29 15:23 - 00011891 _____ () C:\Users\Rita\Downloads\Schedule Effective May 30 - June 5.xlsx
2015-05-29 00:05 - 2015-05-29 15:20 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak1
2015-05-28 16:10 - 2015-05-30 23:29 - 00000000 ____D () C:\Users\Rita\AppData\Local\Microsoft Help
2015-05-28 15:50 - 2015-05-28 15:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-05-28 15:50 - 2015-05-28 15:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-05-28 13:27 - 2015-05-28 13:27 - 00000299 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2015-05-28 13:09 - 2015-05-28 13:23 - 00000000 ____D () C:\ProgramData\RiYtkJ
2015-05-28 13:08 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\ORBTR
2015-05-28 13:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
2015-05-28 13:08 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\DesktopSearch
2015-05-28 13:08 - 2015-05-28 13:11 - 00000000 ____D () C:\Users\Rita\AppData\Local\WebBar
2015-05-28 13:08 - 2015-05-28 13:08 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2015-05-28 13:07 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Edu App
2015-05-28 12:09 - 2015-05-29 01:41 - 00000000 ____D () C:\Users\Rita\AppData\Local\avabvcxvyx
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\{d1c9f557-9291-ae4c-d1c9-9f557929d55e}
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\WebBar
2015-05-28 12:08 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\BubbleSound
2015-05-28 12:08 - 2015-05-28 12:09 - 00000000 ____D () C:\Program Files\SearchProtect
2015-05-28 12:08 - 2015-05-28 12:08 - 00000000 ____D () C:\Users\Rita\AppData\Local\SearchProtect
2015-05-28 11:59 - 2015-05-28 12:03 - 00000000 ____D () C:\Users\Rita\AppData\Local\Games Bot
2015-05-28 11:56 - 2015-05-28 12:08 - 00000112 _____ () C:\ProgramData\551a7ju.dat
2015-05-28 11:40 - 2015-05-28 11:40 - 00000000 ____D () C:\Users\Rita\AppData\Local\Consumer Input
2015-05-28 11:39 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\CinemaPlus-3.2cV28.05
2015-05-28 11:39 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\gmsd_us_627
2015-05-28 11:39 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\gmsd_us_627
2015-05-28 11:39 - 2015-05-28 11:39 - 00000005 _____ () C:\end
2015-05-28 11:38 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\Coupoon
2015-05-28 11:38 - 2015-05-28 11:51 - 00000000 ____D () C:\ProgramData\abc
2015-05-28 11:38 - 2015-05-28 11:38 - 00000000 ____D () C:\Users\Rita\AppData\Local\Crossbrowse
2015-05-28 11:37 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Consumer Input
2015-05-28 11:37 - 2015-05-28 11:37 - 00000000 ____D () C:\Program Files\Crossbrowse
2015-05-28 11:36 - 2015-05-28 13:23 - 00000000 ____D () C:\ProgramData\FlashBeat
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\0f8be51fc7a84a16a49ae00b238d2a95
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2015-05-28 11:36 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\IMGUpdater
2015-05-28 11:36 - 2015-05-28 11:36 - 00000000 ____D () C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-05-28 11:36 - 2015-05-28 11:36 - 00000000 ____D () C:\Program Files\Iminent
2015-05-28 11:35 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Infonaut_1.10.0.14
2015-05-28 11:34 - 2015-05-28 11:34 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Super Optimizer
2015-05-28 11:32 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\user extensions
2015-05-28 11:32 - 2015-05-28 11:32 - 00000064 _____ () C:\Users\Rita\AppData\Local\026917dab9ae4d79f21beb64d61a7123
2015-05-28 11:32 - 2015-05-28 11:32 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Tny_cassiopesa
2015-05-28 11:31 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Tny_Cassiopesa
2015-05-28 11:31 - 2015-05-28 11:31 - 00000000 ____D () C:\Users\Rita\AppData\Local\Boost
2015-05-28 11:31 - 2015-05-28 11:31 - 00000000 ____D () C:\ProgramData\{CA4E228D-9ACC-F30B-2B4A-8389FBC85007}
2015-05-28 11:30 - 2015-05-28 11:30 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Itibiti
2015-05-28 11:29 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\SafeGuard
2015-05-28 11:29 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Itibiti Soft Phone
2015-05-28 11:29 - 2015-05-28 11:29 - 00000000 ____D () C:\Users\Rita\AppData\Local\SafeGuard
2015-05-28 11:28 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\Super Optimizer
2015-05-28 11:28 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\{bdcdc238-cfa5-616c-bdcd-dc238cfa08e3}
2015-05-28 11:27 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812431-E111-A2AB-F678E23D4077
2015-05-28 11:26 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812413-E111-A2AB-F678E23D4077
2015-05-28 11:24 - 2015-05-28 13:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\205DE133-1432812273-E111-A2AB-F678E23D4077
2015-05-28 11:23 - 2015-05-29 01:52 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\205DE133-1432837422-E111-A2AB-F678E23D4077
2015-05-28 11:22 - 2015-05-28 11:22 - 00000000 ____D () C:\Users\Rita\AppData\Local\globalUpdate
2015-05-28 11:22 - 2015-05-28 11:22 - 00000000 ____D () C:\Program Files\globalUpdate
2015-05-28 11:21 - 2015-05-28 13:23 - 00000000 ____D () C:\Program Files\HQCinema Pro 2.1V28.05
2015-05-28 11:11 - 2015-05-28 11:12 - 00000000 ____D () C:\Users\Rita\Documents\Insight Software
2015-05-27 11:13 - 2015-05-27 11:13 - 01637784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00472264 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-05-27 11:13 - 2015-05-27 11:13 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00217800 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00206536 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo27.dll
2015-05-27 11:13 - 2015-05-27 11:13 - 00034504 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF.sys
2015-05-27 09:57 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\ShortKeys 3
2015-05-27 09:57 - 2015-05-28 13:22 - 00000000 ____D () C:\Program Files\Common Files\Insight Software Solutions
2015-05-27 09:57 - 2015-05-27 09:57 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShortKeys 3.lnk
2015-05-27 09:57 - 2015-05-27 09:57 - 00000000 ____D () C:\ProgramData\Insight Software Solutions
2015-05-27 09:55 - 2015-05-27 09:55 - 07403160 _____ () C:\Users\Rita\Downloads\shkey.exe
2015-05-26 12:28 - 2015-05-28 13:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-26 01:54 - 2015-05-31 11:33 - 00000000 ____D () C:\Users\Rita\Desktop\sherlock
2015-05-26 01:54 - 2015-04-30 13:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-26 01:54 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-25 19:48 - 2015-05-25 19:48 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-05-25 19:08 - 2015-05-25 19:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-05-25 19:08 - 2015-05-25 19:08 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-25 19:05 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-25 19:02 - 2015-05-25 19:48 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\PortForward.com
2015-05-25 19:02 - 2015-05-25 19:02 - 00000000 ____D () C:\Users\Rita\AppData\Local\Downloaded Installations
2015-05-24 15:13 - 2015-05-24 15:13 - 00000000 ___RD () C:\Users\Rita\Documents\Notes
2015-05-24 13:14 - 2015-05-24 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-24 13:13 - 2015-05-24 13:13 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-23 22:39 - 2015-05-23 22:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-05-23 22:30 - 2015-05-23 22:30 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-23 21:05 - 2015-05-23 21:05 - 00009080 _____ () C:\Users\Rita\Documents\ASTEROIDS NIGHT.xlsx
2015-05-23 19:42 - 2015-05-23 19:42 - 00009646 _____ () C:\Users\Rita\Documents\KENO CLAIMS.xlsx
2015-05-23 13:14 - 2015-05-23 13:14 - 00000000 __RHD () C:\MSOCache
2015-05-23 12:16 - 2015-05-23 12:16 - 00000357 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2015-05-23 03:27 - 2015-05-23 03:27 - 00000600 _____ () C:\Users\Rita\Documents\bentley.txt
2015-05-23 02:51 - 2015-01-05 19:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-05-23 02:51 - 2015-01-05 19:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-05-23 02:51 - 2015-01-05 18:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-05-23 02:50 - 2015-04-24 13:49 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-23 02:50 - 2015-04-15 23:22 - 00259928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-05-23 02:50 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-05-23 02:50 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-05-23 02:50 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rgb9rast.dll
2015-05-23 02:50 - 2015-04-08 15:07 - 00410336 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-23 02:50 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-05-23 02:50 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-05-23 02:50 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-05-23 02:50 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-05-23 02:50 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-05-23 02:50 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-05-23 02:50 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-05-23 02:50 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-05-23 02:50 - 2015-03-19 18:57 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-05-23 02:50 - 2015-03-04 16:08 - 00977920 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-23 02:50 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-05-23 02:40 - 2015-05-23 02:40 - 00000178 _____ () C:\Users\Rita\Documents\location.txt
2015-05-23 02:29 - 2015-05-23 02:29 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-05-23 02:28 - 2015-05-23 02:32 - 00000000 ____D () C:\Users\Rita\AppData\Local\PackageStaging
2015-05-23 01:12 - 2015-05-23 02:32 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak
2015-05-22 23:02 - 2015-05-22 23:02 - 00000178 _____ () C:\Users\Rita\keno 5-23.txt
2015-05-22 20:10 - 2015-05-25 19:21 - 00002182 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-22 20:10 - 2015-05-22 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-22 20:09 - 2015-05-31 13:19 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 20:09 - 2015-05-31 13:03 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 20:09 - 2015-05-22 20:10 - 00000000 ____D () C:\Program Files\Google
2015-05-22 20:08 - 2015-05-22 20:10 - 00000000 ____D () C:\Users\Rita\AppData\Local\Google
2015-05-22 19:52 - 2015-05-22 19:52 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-05-22 19:52 - 2015-05-22 19:52 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-05-22 19:48 - 2015-05-22 19:48 - 00011784 _____ () C:\Users\Rita\Downloads\Schedule Effective May 23 - May 29.xlsx
2015-05-22 19:40 - 2015-05-22 19:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-22 19:35 - 2015-05-22 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-22 19:33 - 2015-05-22 19:33 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-22 18:46 - 2015-05-22 23:00 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\TeamViewer
2015-05-22 18:38 - 2015-05-31 13:43 - 00000000 ____D () C:\Program Files\TeamViewer
2015-05-22 17:18 - 2015-05-22 17:18 - 00000000 ____D () C:\Users\Rita\Tracing
2015-05-22 17:17 - 2015-05-31 13:42 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Skype
2015-05-22 17:17 - 2015-05-29 15:17 - 00000000 ___RD () C:\Program Files\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00002701 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\Users\Rita\AppData\Local\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-22 17:17 - 2015-05-22 17:17 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-05-22 16:53 - 2015-05-22 16:54 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-22 16:53 - 2015-05-22 16:53 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\ProgramData\Sun
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-22 16:53 - 2015-05-22 16:53 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-22 16:52 - 2015-05-22 16:52 - 00000000 ____D () C:\Program Files\Java
2015-05-22 16:45 - 2015-05-28 13:15 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-22 16:45 - 2015-05-22 16:45 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Kayako
2015-05-22 16:34 - 2015-05-22 16:34 - 00000000 ____D () C:\4c8cd9ddf9fa745ccf35863725
2015-05-22 16:21 - 2015-05-22 17:17 - 00000000 ____D () C:\ProgramData\Skype
2015-05-22 16:20 - 2015-05-22 16:21 - 43031680 _____ (Skype Technologies S.A.) C:\Users\Rita\Downloads\SkypeSetupFull.exe
2015-05-22 16:20 - 2015-05-22 16:20 - 00000000 ____D () C:\Program Files\Kayako
2015-05-22 15:35 - 2015-05-22 15:35 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-RITAS-Windows-8.1-Pro-(32-bit).dat
2015-05-22 15:35 - 2015-05-22 15:35 - 00000000 ____D () C:\RegBackup
2015-05-22 14:45 - 2015-05-22 14:45 - 00000000 _____ () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-22 14:34 - 2015-05-22 14:34 - 00000000 ____D () C:\Users\Rita\Documents\Security
2015-05-22 14:28 - 2015-05-22 17:31 - 00045698 __RSH () C:\ProgramData\ntuser.pol
2015-05-22 13:57 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-05-22 13:56 - 2015-01-19 11:36 - 01192552 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-05-22 13:55 - 2015-03-22 15:44 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00896000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-05-22 13:55 - 2015-03-22 15:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-05-22 13:55 - 2015-01-28 17:56 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-05-22 13:55 - 2014-12-02 16:09 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-05-22 13:55 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-05-22 13:54 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-05-21 23:57 - 2015-05-28 13:22 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieUserList
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieSiteList
2015-05-21 23:54 - 2015-05-21 23:54 - 00000000 __SHD () C:\Users\Rita\AppData\Local\EmieBrowserModeList
2015-05-21 23:42 - 2015-05-21 23:44 - 00002256 _____ () C:\Users\Rita\Documents\Default.rdp
2015-05-21 23:37 - 2015-05-21 23:29 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-21 23:33 - 2015-05-21 23:33 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-05-21 23:33 - 2015-05-21 23:33 - 00376128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-21 23:33 - 2015-05-21 23:33 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-05-21 23:33 - 2015-05-21 23:33 - 00049664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-21 23:32 - 2015-05-31 13:05 - 00000000 ____D () C:\Users\Rita\OneDrive
2015-05-21 23:32 - 2015-05-21 23:32 - 03040768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 02309120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-05-21 23:32 - 2015-05-21 23:32 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-05-21 23:32 - 2015-05-21 23:32 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-05-21 23:32 - 2015-05-21 23:32 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 01117696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-05-21 23:31 - 2015-05-21 23:31 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-05-21 23:31 - 2015-05-21 23:31 - 00478776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-21 23:30 - 2015-05-21 23:30 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-05-21 23:30 - 2015-05-21 23:30 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-05-21 23:30 - 2015-05-21 23:30 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-21 23:30 - 2015-05-21 23:30 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-05-21 23:29 - 2015-05-21 23:29 - 00001446 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-21 23:28 - 2015-05-21 23:28 - 00485544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-05-21 23:28 - 2015-05-21 23:28 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-05-21 23:28 - 2015-05-21 23:28 - 00000020 ___SH () C:\Users\Rita\ntuser.ini
2015-05-21 23:27 - 2015-05-21 23:27 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 03999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 02975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01856320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00869696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00410944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00335168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-05-21 23:27 - 2015-05-21 23:27 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-05-21 23:27 - 2015-05-21 23:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-05-21 23:27 - 2015-05-21 23:27 - 00083456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00076096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00069440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00051520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00045888 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00041792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-05-21 23:27 - 2015-05-21 23:27 - 00036160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00019968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-05-21 23:27 - 2015-05-21 23:27 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-05-21 23:27 - 2015-05-21 23:27 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00227136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-21 23:26 - 2015-05-21 23:26 - 00084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00038392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-05-21 23:26 - 2015-05-21 23:26 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 03543552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 01088512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-21 23:25 - 2015-05-21 23:25 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-05-21 23:25 - 2015-05-21 23:25 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-21 23:24 - 2015-05-21 23:24 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01619968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00738112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-05-21 23:24 - 2015-05-21 23:24 - 00529352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00333624 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00224168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-21 23:24 - 2015-05-21 23:24 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00041296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-21 23:24 - 2015-05-21 23:24 - 00035840 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-21 23:23 - 2015-05-21 23:23 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-21 23:23 - 2015-05-21 23:23 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-21 23:23 - 2015-05-21 23:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-21 23:23 - 2015-05-21 23:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00279360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-05-21 23:22 - 2015-05-21 23:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-05-21 23:22 - 2015-05-21 23:22 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 05782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-05-21 23:21 - 2015-05-21 23:21 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 01468920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-05-21 23:21 - 2015-05-21 23:21 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-21 23:21 - 2015-05-21 23:21 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-21 23:21 - 2015-05-21 23:21 - 00200000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-21 23:21 - 2015-05-21 23:21 - 00131904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-21 23:20 - 2015-05-21 23:20 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-05-21 23:19 - 2015-05-21 23:19 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-21 22:58 - 2015-05-31 13:23 - 01356465 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-21 22:57 - 2015-05-21 22:57 - 00021348 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-05-21 22:51 - 2015-05-24 16:51 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-21 22:49 - 2015-05-21 22:58 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-05-21 22:49 - 2015-05-21 22:58 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-05-21 22:49 - 2015-05-21 22:49 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-05-21 22:48 - 2015-05-31 13:41 - 00000000 ____D () C:\Users\Rita
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-21 22:48 - 2015-05-28 13:22 - 00000000 ___RD () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-21 22:48 - 2014-11-21 17:58 - 00000369 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-21 22:48 - 2014-11-21 17:58 - 00000369 _____ () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-21 22:48 - 2013-08-22 01:17 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 ____D () C:\Program Files\Synaptics
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 _____ () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-05-21 22:40 - 2015-05-21 22:40 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-05-21 22:05 - 2015-05-21 22:58 - 00006680 _____ () C:\WINDOWS\comsetup.log
2015-05-21 20:42 - 2015-05-28 15:50 - 00000000 ____D () C:\ProgramData\Synaptics
2015-05-21 20:42 - 2015-05-21 20:42 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Synaptics
2015-05-21 20:30 - 2015-05-22 14:10 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-05-21 20:15 - 2015-03-03 06:16 - 00246920 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-21 19:28 - 2015-05-31 13:04 - 00000000 ____D () C:\Users\Rita\AppData\Local\Hewlett-Packard
2015-05-21 19:18 - 2015-05-21 19:18 - 00000052 _____ () C:\WINDOWS\system32\DOErrors.log
2015-05-21 19:17 - 2015-05-21 19:17 - 00000000 ____D () C:\Program Files\Hp
2015-05-21 19:15 - 2015-05-21 19:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-21 19:15 - 2015-04-30 10:07 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-21 19:13 - 2015-05-31 11:20 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\hpqLog
2015-05-21 19:13 - 2015-05-31 11:20 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-05-21 19:13 - 2015-05-21 19:13 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-21 19:03 - 2015-05-21 19:03 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Macromedia
2015-05-21 18:50 - 2015-05-21 18:50 - 00000156 _____ () C:\WINDOWS\system32\netcfg-4179469.txt
2015-05-21 18:16 - 2013-05-03 21:10 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-05-21 17:52 - 2015-05-21 17:52 - 00000000 ____D () C:\Users\Rita\AppData\Roaming\Adobe
2015-05-21 17:51 - 2015-05-22 19:35 - 00000000 ____D () C:\Users\Rita\AppData\Local\VirtualStore
2015-05-21 17:51 - 2015-05-21 22:49 - 00000000 ____D () C:\ProgramData\PRICache
2015-05-21 17:51 - 2015-05-21 17:51 - 00000000 ____D () C:\WINDOWS\CSC
2015-05-21 17:50 - 2015-05-21 17:50 - 00001131 _____ () C:\WINDOWS\system32\netcfg-566252.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-585690.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-579325.txt
2015-05-21 17:50 - 2015-05-21 17:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-563896.txt
2015-05-21 17:41 - 2015-05-21 22:12 - 01069051 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-05-21 17:39 - 2015-05-21 17:39 - 00001128 _____ () C:\WINDOWS\system32\netcfg-172802.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00001128 _____ () C:\WINDOWS\system32\netcfg-160181.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000189 _____ () C:\WINDOWS\system32\netcfg-161055.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000177 _____ () C:\WINDOWS\system32\netcfg-168512.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000156 _____ () C:\WINDOWS\system32\netcfg-162334.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000153 _____ () C:\WINDOWS\system32\netcfg-164456.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-164035.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-163364.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000152 _____ () C:\WINDOWS\system32\netcfg-158980.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000151 _____ () C:\WINDOWS\system32\netcfg-162989.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000149 _____ () C:\WINDOWS\system32\netcfg-163676.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000149 _____ () C:\WINDOWS\system32\netcfg-159464.txt
2015-05-21 17:39 - 2015-05-21 17:39 - 00000142 _____ () C:\WINDOWS\system32\netcfg-162646.txt
2015-05-21 16:17 - 2015-05-23 15:37 - 00000000 __RHD () C:\ESD
2015-05-21 15:46 - 2008-05-07 22:03 - 00303616 _____ ( ) C:\SetACL.exe
2015-05-21 15:41 - 2004-06-11 16:33 - 00290304 _____ (Microsoft Corporation) C:\subinacl.exe
2015-05-20 18:10 - 2015-05-28 19:04 - 00000000 __SHD () C:\Recovery

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 13:04 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\tracing
2015-05-31 13:03 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-05-31 13:01 - 2013-08-22 00:23 - 00306677 _____ () C:\WINDOWS\setupact.log
2015-05-31 13:01 - 2013-08-22 00:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-31 13:00 - 2013-08-21 23:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-31 12:59 - 2013-08-22 01:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-31 12:00 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-30 21:31 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-30 20:58 - 2012-07-25 23:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-29 16:11 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-29 16:04 - 2014-11-21 18:00 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-29 15:16 - 2014-11-21 17:51 - 00887010 _____ () C:\WINDOWS\PFRO.log
2015-05-29 01:53 - 2015-04-19 05:20 - 00000626 _____ () C:\Users\Rita\AppData\Roaming\nKXPTkNe84kHX5x9ItR
2015-05-29 01:52 - 2015-04-19 05:20 - 00000626 _____ () C:\Users\Rita\AppData\Roaming\Ec6P3v2bAkcoUG4ixS7
2015-05-28 13:23 - 2013-08-21 23:13 - 00000194 _____ () C:\WINDOWS\win.ini
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-28 13:22 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-28 13:17 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\registration
2015-05-26 20:07 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-23 21:47 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-05-23 02:54 - 2013-08-22 01:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-23 02:23 - 2013-08-22 00:22 - 00478976 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-22 19:52 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-05-22 19:52 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-22 16:05 - 2012-07-25 21:17 - 00000855 _____ () C:\WINDOWS\system32\Drivers\etc\hosts_bak_639
2015-05-22 14:23 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2015-05-22 14:10 - 2014-11-21 19:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-05-22 14:10 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-05-22 14:10 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-05-22 14:01 - 2013-08-21 23:13 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-22 13:05 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\Macromed
2015-05-21 23:43 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-05-21 23:36 - 2013-08-22 01:17 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-05-21 23:26 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-21 23:25 - 2013-08-22 01:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-21 23:25 - 2013-08-21 23:21 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-21 23:21 - 2014-11-21 17:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-21 22:57 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-05-21 22:56 - 2013-08-22 01:17 - 00000000 __RSD () C:\WINDOWS\Media
2015-05-21 22:55 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Public\Libraries
2015-05-21 22:51 - 2013-08-22 01:18 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-05-21 22:51 - 2012-07-25 21:43 - 00000000 ____D () C:\Users\Default.migrated
2015-05-21 22:50 - 2014-11-21 17:27 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-05-21 22:50 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-05-21 22:49 - 2014-11-21 17:27 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-05-21 22:49 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\Help
2015-05-21 22:49 - 2013-08-21 23:21 - 00000000 ___RD () C:\Users\Public
2015-05-21 22:39 - 2013-08-21 23:21 - 00000000 ___RD () C:\Users\Default
2015-05-21 21:46 - 2012-07-25 23:53 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-05-21 20:45 - 2012-07-25 21:17 - 00000762 _____ () C:\WINDOWS\system32\Drivers\etc\hosts_bak_251
2015-05-05 10:59 - 2014-11-21 19:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-05 10:59 - 2014-11-21 19:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-04-19 05:20 - 2015-05-29 01:52 - 0000626 _____ () C:\Users\Rita\AppData\Roaming\Ec6P3v2bAkcoUG4ixS7
2015-04-19 05:20 - 2015-05-29 01:53 - 0000626 _____ () C:\Users\Rita\AppData\Roaming\nKXPTkNe84kHX5x9ItR
2015-05-28 11:32 - 2015-05-28 11:32 - 0000064 _____ () C:\Users\Rita\AppData\Local\026917dab9ae4d79f21beb64d61a7123
2015-05-31 00:24 - 2015-05-31 00:24 - 0000017 _____ () C:\Users\Rita\AppData\Local\resmon.resmoncfg
2015-05-28 11:56 - 2015-05-28 12:08 - 0000112 _____ () C:\ProgramData\551a7ju.dat

Files to move or delete:
====================
C:\ProgramData\551a7ju.dat


Some files in TEMP:
====================
C:\Users\Rita\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win8.1-32bit.exe
C:\Users\Rita\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Rita\AppData\Local\Temp\NZERDP.exe
C:\Users\Rita\AppData\Local\Temp\raptrpatch.exe
C:\Users\Rita\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-21 22:38

==================== End of log ============================

 



BC AdBot (Login to Remove)

 


#2 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:07:35 AM

Posted 16 June 2015 - 01:53 PM

:welcome:

 

You have a bit going on. 

 

Your running FRST64 from your downloads folder, our tools and scanners work more efficiently when run from the Desktop in lieu of being buried in some folder, so go to your Downloads folder and look for FRST64, right click on it and select CUT, then come back to your Desktop and right click on a blank space and select PASTE, then we will have FRST64 exactly where we want it to be.

 

Also please dont quote the logs you post, its easier for me to research them just copied and pasted in

 

 
-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner To your Desktop
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
Use my link only, do not do a search for AdwCleaner as there is a bogus copy going around by scammers
 
 
Do not click on any links in the top Advertisment.
 
AdwCleaner4.201_zpsxrbk2llq.jpg
 
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
 
 
===============================================================================
 
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  •  
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 
 
 
===============================================================================
 
Download Malwarebytes' Anti-Malware  to your desktop. <---------
 
  •  
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
 
 
 
MBAM2010601022_zpsyvzbaddn.jpg
 
  •  
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes
 

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#3 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:07:35 AM

Posted 21 June 2015 - 07:00 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users