1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Resolved] Malewarebytes log and DDS logs

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by norman, Aug 15, 2014.

  1. norman

    norman Established Techie7 Member

    I had to reinstall Windows 7 because no matter what I tried I was lock out of this website or any other program to run on my PC to find things. Now, after the clean install I am getting the same pop up windows that is telling to run PC clean up and some web pages are just a bunch of this *Y(&^^&UU_*))Y11212361(*(*&&^&, etc. However, I did get to dl and run that two programs you wanted me to.

    First log:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 8/14/2014
    Scan Time: 9:27:54 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.08.15.01
    Rootkit Database: v2014.08.04.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Norman Norris

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 286306
    Time Elapsed: 6 min, 29 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 2
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\updateneurowise.exe, 1072, Delete-on-Reboot, [7d603f87ccafde58d28abde7728f7090]
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\utilneurowise.exe, 2156, Delete-on-Reboot, [03da16b093e8c373a0bce7bdd22f8f71]

    Modules: 7
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\agiantie.dll, Delete-on-Reboot, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\agiantie.dll, Delete-on-Reboot, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\neurowiseBHO.dll, Delete-on-Reboot, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\neurowiseBHO.dll, Delete-on-Reboot, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\neurowiseBHO.dll, Delete-on-Reboot, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\Coupons.dll, Delete-on-Reboot, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\Coupons.dll, Delete-on-Reboot, [825b4e7826555fd7ad4dcfa1d0324cb4],

    Registry Keys: 59
    PUP.Optional.Neurowise.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update neurowise, Quarantined, [7d603f87ccafde58d28abde7728f7090],
    PUP.Optional.Neurowise.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util neurowise, Quarantined, [03da16b093e8c373a0bce7bdd22f8f71],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{41829420-151B-4920-B8A5-16BE4601B42A}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{62970E2F-A895-4848-B46C-FBD071192995}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B3B723CD-7242-4775-B10E-74DB7F4CB5A1}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{62970E2F-A895-4848-B46C-FBD071192995}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{41829420-151B-4920-B8A5-16BE4601B42A}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4FD3B33A-372C-439E-BB87-017365EC693C}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4FD3B33A-372C-439E-BB87-017365EC693C}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4FD3B33A-372C-439E-BB87-017365EC693C}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.ArcadeGiant.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4FD3B33A-372C-439E-BB87-017365EC693C}, Quarantined, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{724dd777-5654-4d06-b3bc-c2ff56615998}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E693A372-A8D4-4CBD-B011-66358BEA2F48}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E693A372-A8D4-4CBD-B011-66358BEA2F48}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{724dd777-5654-4d06-b3bc-c2ff56615998}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D08AB008-0647-4784-8E2C-5769CD4A7C3A}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D08AB008-0647-4784-8E2C-5769CD4A7C3A}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Neurowise.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D08AB008-0647-4784-8E2C-5769CD4A7C3A}, Quarantined, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [1fbe4b7b4833fc3a5c59594ace343ac6],
    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [1fbe4b7b4833fc3a5c59594ace343ac6],
    PUP.Optional.Astromenda, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}, Quarantined, [8d50d4f2e09b65d195bb70f9c939d42c],
    PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}, Quarantined, [8d50d4f2e09b65d195bb70f9c939d42c],
    PUP.Optional.Spigot, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3A787631-66A2-4634-B928-A37E73B58FB6}, Quarantined, [4499a5213447e84e14c6eabbf60be719],
    PUP.Optional.ArcadeGiant.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{BEC0B5A9-4CE8-4873-90E5-345E66A944DB}, Quarantined, [cf0e487e1566fc3ab3df0897629f7888],
    PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\neurowise, Quarantined, [e6f719ad5427fc3a5192dc030af8fe02],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [914cc600532856e04977578c2ad87a86],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [bf1e8b3b4e2d5ed8d2ef52f2cf3508f8],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [22bb893d2a5161d5d1f1ee56ea1a837d],
    PUP.Optional.Mezza, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\MZA, Quarantined, [4598567069121b1bc9e3efee6a98728e],
    PUP.Optional.Neurowise.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\neurowise, Quarantined, [f3ea21a5d4a793a360843aa543bf24dc],
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [ca133492c2b9aa8c952cae879272c63a],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [0fcea81e3744c86eb59cde2da55efa06],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [22bb3f87314a2e08ca9df0314fb560a0],
    PUP.Optional.SuperFish.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [ebf20bbb5b205dd9fd9b72753fc3fb05],
    PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.Updater.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\UpdaterEX, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],

    Registry Values: 3
    PUP.Optional.Spigot.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\CouponsHelper.exe", Quarantined, [4697d2f4f58687afcd9f112a1be923dd]
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [914cc600532856e04977578c2ad87a86]
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1281124879-2086483837-2393648650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, Quarantined, [22bb3f87314a2e08ca9df0314fb560a0]

    Registry Data: 0
    (No malicious items detected)

    Folders: 20
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise, Delete-on-Reboot, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin, Delete-on-Reboot, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeGiant, Quarantined, [c51816b0483339fd7a60a33f1ce6a060],
    Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [b9243c8a3d3e0f27d478a601a65c23dd],
    PUP.Optional.OpenCandy, C:\Users\Norman Norris\AppData\Roaming\OpenCandy, Quarantined, [05d8a22486f59d9931bcb600b052b64a],
    PUP.Optional.OpenCandy, C:\Users\Norman Norris\AppData\Roaming\OpenCandy\7821060459A94BF4B6F0BF2D09CBD162, Quarantined, [05d8a22486f59d9931bcb600b052b64a],
    PUP.Optional.OpenCandy, C:\Users\Norman Norris\AppData\Roaming\OpenCandy\D6400F1D6A42444C8AF4FC9D467E6D81, Quarantined, [05d8a22486f59d9931bcb600b052b64a],
    PUP.Optional.OpenCandy, C:\Users\Norman Norris\AppData\Roaming\OpenCandy\OpenCandy_7821060459A94BF4B6F0BF2D09CBD162, Quarantined, [05d8a22486f59d9931bcb600b052b64a],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{DADBB28F-E7B8-4E1F-910E-D7BE2C5B06C2}, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant, Delete-on-Reboot, [2bb24c7a601b81b5cc86686aaf53e719],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Astromenda.A, C:\Users\Norman Norris\AppData\Roaming\Astromenda, Quarantined, [04d903c392e9fa3c244c28b0828027d9],
    PUP.Optional.Astromenda.A, C:\Users\Norman Norris\AppData\Roaming\Astromenda\icons_2.21.18.7, Quarantined, [04d903c392e9fa3c244c28b0828027d9],

    Files: 63
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\updateneurowise.exe, Delete-on-Reboot, [7d603f87ccafde58d28abde7728f7090],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\utilneurowise.exe, Delete-on-Reboot, [03da16b093e8c373a0bce7bdd22f8f71],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\agiantie.dll, Delete-on-Reboot, [dc014a7ce695092dd3bf564922dfa55b],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\neurowiseBHO.dll, Delete-on-Reboot, [e4f963632c4f6accda8120847f82748c],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\Coupons64.dll, Quarantined, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\Coupons.dll, Delete-on-Reboot, [825b4e7826555fd7ad4dcfa1d0324cb4],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\Uninstall.exe, Quarantined, [4499a5213447e84e14c6eabbf60be719],
    PUP.Optional.Mezza, C:\Users\Norman Norris\AppData\Roaming\OpenCandy\D6400F1D6A42444C8AF4FC9D467E6D81\MZAAppSetupx30001.exe, Quarantined, [865713b3fd7e88ae8630faae6c9502fe],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Local\Temp\~sp3FB1.tmp, Quarantined, [57862c9a2259de58ebea5154956c748c],
    PUP.Optional.CrossRider, C:\Users\Norman Norris\AppData\Local\Temp\enfor_mation2.exe, Quarantined, [5588972f611ac57137e9edba3ac76898],
    PUP.Optional.Spigot, C:\Users\Norman Norris\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [18c57155e09b1323805594119f626898],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\bkr.exe, Quarantined, [30adc3032b50191df2a0dbc4649db14f],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\uninstaller.exe, Quarantined, [cf0e487e1566fc3ab3df0897629f7888],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\updater.exe, Quarantined, [3ca176508bf065d1eea43a65946da35d],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\neurowise.ico, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\7za.exe, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\updateneurowise.InstallState, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\utilneurowise.InstallState, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins\neurowise.Bromon.dll, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins\neurowise.BroStats.dll, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins\neurowise.CompatibilityChecker.dll, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins\neurowise.FFUpdate.dll, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\bin\plugins\neurowise.IEUpdate.dll, Quarantined, [eeef3c8a93e82d09ca18d00f639f669a],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeGiant\Play ArcadeGiant Games.url, Quarantined, [c51816b0483339fd7a60a33f1ce6a060],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeGiant\Uninstall.lnk, Quarantined, [c51816b0483339fd7a60a33f1ce6a060],
    PUP.Optional.ArcadeGiant.A, C:\Windows\Tasks\ArcadeGiant Updater.job, Quarantined, [429bebdbde9d3bfbc615479b36cc3dc3],
    PUP.Optional.ArcadeGiant.A, C:\Windows\System32\Tasks\ArcadeGiant Updater, Quarantined, [fedf13b397e4072fa03c558ded158080],
    PUP.Optional.Spigot.A, C:\Users\Norman Norris\AppData\Roaming\Browser Extensions\CouponsHelper.exe, Quarantined, [4697d2f4f58687afcd9f112a1be923dd],
    PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [8b522a9c2556350164e8e45e7d87ed13],
    PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [95481ea8a2d9b680ee5ffc46cd37b947],
    PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [627bdfe71d5eb97d381663dfbd4743bd],
    PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [25b8576f95e653e3103f1f23cc38bd43],
    Rogue.Multiple, C:\ProgramData\374311380\BIT5101.tmp, Quarantined, [b9243c8a3d3e0f27d478a601a65c23dd],
    PUP.Optional.OpenCandy, C:\Users\Norman Norris\AppData\Roaming\OpenCandy\7821060459A94BF4B6F0BF2D09CBD162\SkypeSetupFull-6.18.0.106.exe, Quarantined, [05d8a22486f59d9931bcb600b052b64a],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [fce13294bebdd75f59b0ac25da28c739],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\GoogleCrashHandler.exe, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\GoogleUpdate.exe, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\GoogleUpdateBroker.exe, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\GoogleUpdateHelper.msi, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\GoogleUpdateOnDemand.exe, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\goopdate.dll, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\goopdateres_en.dll, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\npGoogleUpdate4.dll, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\psmachine.dll, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.GlobalUpdate.A, C:\Users\Norman Norris\AppData\Local\Temp\comh.18846\psuser.dll, Quarantined, [ba23ccfab2c9310573b219b814eedb25],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\agiantconfig, Quarantined, [2bb24c7a601b81b5cc86686aaf53e719],
    PUP.Optional.ArcadeGiant.A, C:\Users\Norman Norris\AppData\Local\ArcadeGiant\agnt.config, Quarantined, [2bb24c7a601b81b5cc86686aaf53e719],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc\config.dat, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc\prod.dat, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc\STTL.DAT, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc\TTL.DAT, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Updater.A, C:\Users\Norman Norris\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe, Quarantined, [31acc7fffb8067cf3e8da62ea55d4cb4],
    PUP.Optional.Astromenda.A, C:\Users\Norman Norris\AppData\Roaming\Astromenda\icons_2.21.18.7\ctr.ico, Quarantined, [04d903c392e9fa3c244c28b0828027d9],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Second log:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 10.67.2
    Run by Norman Norris at 21:41:59 on 2014-08-14
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2201 [GMT -4:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Users\Norman Norris\AppData\Local\AOL\AIM\aim.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Windows\system32\RunDll32.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://msn.com/
    mWinlogon: Userinit = userinit.exe,
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [AIM for Windows] "C:\Users\Norman Norris\AppData\Local\AOL\AIM\aim.exe"
    mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: C:\Users\NORMAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
    TCP: NameServer = 24.247.15.53 24.217.0.5 66.189.0.100
    TCP: Interfaces\{98EB31AD-95FC-47F2-B67D-6EB84AE83C96} : DHCPNameServer = 24.247.15.53 24.217.0.5 66.189.0.100
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    SSODL: WebCheck - <orphaned>
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-8-10 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-8-10 224896]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-8-10 1041168]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-8-10 427360]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-8-10 29208]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-8-10 79184]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-8-10 92008]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-10 50344]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-9 1720608]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-8-9 18956064]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-9 411936]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-9 20256]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-8-9 40392]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2014-8-9 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2014-8-9 79360]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-14 111616]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-8-10 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-8-10 57856]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-8-9 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-08-15 01:27:42 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-08-15 01:27:04 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-08-15 01:27:04 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-08-15 01:27:04 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-08-15 01:27:04 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-08-15 01:27:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-15 00:38:06 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
    2014-08-15 00:38:06 171160 ----a-w- C:\Windows\System32\infocardapi.dll
    2014-08-15 00:38:05 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
    2014-08-15 00:38:05 1389208 ----a-w- C:\Windows\System32\icardagt.exe
    2014-08-15 00:38:02 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
    2014-08-15 00:38:02 8856 ----a-w- C:\Windows\System32\icardres.dll
    2014-08-15 00:37:34 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
    2014-08-15 00:37:34 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
    2014-08-14 22:31:38 -------- d-----w- C:\Users\Norman Norris\AppData\Local\globalUpdate
    2014-08-14 22:31:38 -------- d-----w- C:\Program Files (x86)\globalUpdate
    2014-08-14 22:21:18 -------- d-----w- C:\Program Files\PDF Reader for Windows 8
    2014-08-14 22:21:07 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\Browser Extensions
    2014-08-14 21:30:54 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-08-14 21:30:54 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
    2014-08-14 21:30:53 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\StormFall
    2014-08-14 21:30:50 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Sparta
    2014-08-14 21:30:47 -------- d-----w- C:\Users\Norman Norris\AppData\Local\StormFall
    2014-08-14 21:30:34 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\UpdaterEX
    2014-08-14 21:30:30 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\WSE_Astromenda
    2014-08-14 21:29:57 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
    2014-08-14 21:25:30 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2014-08-14 21:25:25 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE184149-564B-4E2A-8313-21C4E1440773}\mpengine.dll
    2014-08-11 23:54:08 2871808 ----a-w- C:\Windows\explorer.exe
    2014-08-11 23:54:07 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
    2014-08-11 23:54:06 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
    2014-08-11 23:54:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
    2014-08-11 23:54:06 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
    2014-08-11 23:54:06 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
    2014-08-11 23:54:05 3928064 ----a-w- C:\Windows\System32\d2d1.dll
    2014-08-11 23:54:05 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
    2014-08-11 23:54:03 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2014-08-11 23:54:03 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2014-08-11 23:54:01 67072 ----a-w- C:\Windows\splwow64.exe
    2014-08-11 23:54:01 559104 ----a-w- C:\Windows\System32\spoolsv.exe
    2014-08-11 02:47:06 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2014-08-11 02:47:06 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2014-08-11 02:47:05 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2014-08-11 02:47:04 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2014-08-11 02:41:30 -------- d-----w- C:\Windows\Migration
    2014-08-10 23:39:00 -------- d-----w- C:\Windows\SysWow64\Adobe
    2014-08-10 23:36:00 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-08-10 23:36:00 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-08-10 23:34:50 -------- d-----w- C:\ProgramData\Oracle
    2014-08-10 23:33:27 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-08-10 23:28:46 -------- d-sh--w- C:\Users\Norman Norris\AppData\Local\EmieUserList
    2014-08-10 23:28:46 -------- d-sh--w- C:\Users\Norman Norris\AppData\Local\EmieSiteList
    2014-08-10 23:15:05 -------- d--h--w- C:\Windows\msdownld.tmp
    2014-08-10 23:07:44 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 22:53:06 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
    2014-08-10 22:53:05 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-08-10 22:53:05 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
    2014-08-10 22:53:02 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
    2014-08-10 22:53:02 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
    2014-08-10 22:17:46 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-08-10 22:17:46 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-08-10 22:17:16 -------- d--h--w- C:\Windows\AxInstSV
    2014-08-10 22:10:51 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2014-08-10 22:09:20 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
    2014-08-10 22:08:59 624128 ----a-w- C:\Windows\System32\qedit.dll
    2014-08-10 22:00:27 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2014-08-10 21:59:47 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2014-08-10 21:50:51 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2014-08-10 04:02:57 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\AVAST Software
    2014-08-10 04:01:25 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
    2014-08-10 04:01:24 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-08-10 04:01:23 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-08-10 04:01:23 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-08-10 04:01:23 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2014-08-10 04:01:21 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2014-08-10 04:01:19 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2014-08-10 04:01:17 43152 ----a-w- C:\Windows\avastSS.scr
    2014-08-10 03:59:08 -------- d-----w- C:\Program Files\AVAST Software
    2014-08-10 03:58:47 -------- d-----w- C:\ProgramData\AVAST Software
    2014-08-10 03:08:53 464104 ----a-w- C:\Windows\System32\MZA64.dll
    2014-08-10 03:08:42 -------- d-----w- C:\Users\Norman Norris\AppData\Local\AOL
    2014-08-10 03:08:41 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility
    2014-08-10 01:14:58 99384 ----a-w- C:\Users\Norman Norris\AppData\Roaming\inst.exe
    2014-08-10 01:14:58 82816 ----a-w- C:\Users\Norman Norris\AppData\Roaming\pcouffin.sys
    2014-08-10 01:14:51 -------- d-----w- C:\ProgramData\VSO
    2014-08-10 01:14:51 -------- d-----w- C:\Program Files (x86)\VSO
    2014-08-10 01:14:06 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Programs
    2014-08-10 01:12:55 -------- d-----w- C:\Windows\System32\appmgmt
    2014-08-10 01:11:09 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Skype
    2014-08-10 01:07:44 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\uTorrent
    2014-08-10 00:43:55 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2014-08-10 00:43:55 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2014-08-10 00:43:55 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2014-08-10 00:43:55 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
    2014-08-10 00:43:55 2565632 ----a-w- C:\Windows\System32\esent.dll
    2014-08-10 00:43:55 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
    2014-08-10 00:43:55 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2014-08-10 00:43:55 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2014-08-10 00:43:55 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
    2014-08-10 00:19:19 -------- d-----w- C:\Windows\System32\SPReview
    2014-08-10 00:18:34 -------- d-----w- C:\Windows\System32\EventProviders
    2014-08-10 00:18:16 -------- d-----w- C:\Windows\AutoKMS
    2014-08-10 00:16:26 -------- d-----w- C:\ProgramData\Microsoft Toolkit
    2014-08-10 00:05:59 3207680 ----a-w- C:\Windows\SysWow64\mf.dll
    2014-08-10 00:04:59 689152 ----a-w- C:\Windows\System32\FXSSVC.exe
    2014-08-10 00:03:59 749568 ----a-w- C:\Windows\System32\batmeter.dll
    2014-08-10 00:02:37 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
    2014-08-10 00:02:37 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
    2014-08-10 00:01:00 -------- d-----w- C:\Program Files\Microsoft Analysis Services
    2014-08-10 00:01:00 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
    2014-08-10 00:00:38 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Microsoft Help
    2014-08-09 23:58:43 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2014-08-09 19:51:42 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
    2014-08-09 19:51:42 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
    2014-08-09 19:51:41 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
    2014-08-09 19:51:41 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
    2014-08-09 19:51:41 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
    2014-08-09 19:51:41 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
    2014-08-09 19:51:30 -------- d-----w- C:\Users\Norman Norris\AppData\Local\NVIDIA Corporation
    2014-08-09 19:51:29 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
    2014-08-09 19:51:29 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
    2014-08-09 19:51:29 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
    2014-08-09 19:51:29 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
    2014-08-09 19:50:55 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2014-08-09 19:43:25 -------- d-----w- C:\Windows\SysWow64\Wat
    2014-08-09 19:43:24 -------- d-----w- C:\Windows\System32\Wat
    2014-08-09 19:38:44 -------- d-----w- C:\Users\Norman Norris\AppData\Local\NVIDIA
    2014-08-09 19:00:43 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Google
    2014-08-09 19:00:35 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Deployment
    2014-08-09 19:00:35 -------- d-----w- C:\Users\Norman Norris\AppData\Local\Apps
    2014-08-09 18:53:30 -------- d-----w- C:\Program Files (x86)\Microsoft
    2014-08-09 18:53:28 -------- d-----w- C:\ProgramData\Visan
    2014-08-09 18:53:28 -------- d-----w- C:\ProgramData\HP Photo Creations
    2014-08-09 18:53:28 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
    2014-08-09 18:53:22 -------- d-----w- C:\Users\Norman Norris\AppData\Roaming\HpUpdate
    2014-08-09 18:52:57 -------- d-----w- C:\Program Files\HP
    2014-08-09 18:52:57 -------- d-----w- C:\Program Files (x86)\HP
    2014-08-09 18:52:26 -------- d-----w- C:\Users\Norman Norris\AppData\Local\HP
    2014-08-09 18:43:15 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2014-08-09 18:43:15 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2014-08-09 18:43:15 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2014-08-09 18:38:08 -------- d-----w- C:\Windows\System32\MRT
    2014-08-09 18:22:55 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2014-08-09 18:22:55 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2014-08-09 18:22:55 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2014-08-09 18:22:55 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2014-08-09 18:22:55 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2014-08-09 18:22:55 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2014-08-09 18:22:55 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2014-08-09 18:20:04 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
    2014-08-09 18:20:04 2558808 ----a-w- C:\Windows\System32\nvsvcr.dll
    2014-08-09 18:18:14 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2014-08-09 18:18:14 5120 ----a-w- C:\Windows\System32\wmi.dll
    2014-08-09 18:18:14 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2014-08-09 18:12:59 961024 ----a-w- C:\Windows\System32\CPFilters.dll
    2014-08-09 18:11:59 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2014-08-09 18:03:14 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2014-08-09 18:03:14 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2014-08-09 17:58:52 77312 ----a-w- C:\Windows\System32\packager.dll
    2014-08-09 17:58:52 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2014-08-09 17:39:57 -------- d-----w- C:\Windows\Panther
    2014-08-09 17:39:31 255592 ----a-w- C:\Windows\System32\nvcohda6.dll
    2014-08-09 17:39:30 -------- d-----w- C:\NVIDIA
    2014-08-09 17:38:32 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
    2014-08-09 17:38:24 -------- d-sh--w- C:\Windows\Installer
    2014-08-09 17:38:22 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2014-08-09 17:38:21 -------- d-----w- C:\Program Files\NVIDIA Corporation
    2014-08-09 17:31:22 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-08-09 17:12:31 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
    2014-08-09 17:12:31 53248 ------w- C:\Windows\Ctregrun.exe
    2014-08-09 17:00:54 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
    2014-08-09 17:00:21 -------- d-----w- C:\Program Files (x86)\Common Files\Creative
    2014-08-09 17:00:19 -------- d--h--w- C:\Program Files (x86)\Creative Installation Information
    2014-08-09 17:00:17 419840 ----a-w- C:\Windows\System32\wrap_oal.dll
    2014-08-09 17:00:17 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
    2014-08-09 17:00:17 2873820 ------w- C:\Windows\SysWow64\Sens_oal.dll
    2014-08-09 17:00:17 1908736 ------w- C:\Windows\System32\Sens_oal.dll
    2014-08-09 17:00:17 133632 ----a-w- C:\Windows\System32\OpenAL32.dll
    2014-08-09 17:00:17 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
    2014-08-09 17:00:03 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
    2014-08-09 16:59:55 -------- d-----w- C:\Program Files\Creative
    2014-08-09 16:59:48 -------- d-----w- C:\Program Files (x86)\Creative
    2014-08-09 16:59:33 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2014-08-09 16:59:33 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2014-08-09 16:59:33 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2014-08-09 16:59:33 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2014-08-09 16:59:33 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2014-08-09 16:59:33 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2014-08-09 16:59:32 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2014-08-09 16:59:32 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2014-08-09 16:55:44 89088 ----a-w- C:\Windows\System32\CmdRtr64.DLL
    2014-08-09 16:55:44 73728 ----a-w- C:\Windows\SysWow64\CmdRtr.DLL
    2014-08-09 16:55:44 214528 ----a-w- C:\Windows\System32\APOMgr64.DLL
    2014-08-09 16:55:44 166912 ----a-w- C:\Windows\SysWow64\APOMngr.DLL
    2014-08-09 16:55:15 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2014-08-09 16:55:15 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2014-08-09 16:55:15 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2014-08-09 16:52:15 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2014-08-09 16:52:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2014-07-27 15:45:32 5532368 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
    2014-07-27 15:45:32 5233848 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
    2014-07-27 15:41:20 7501528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
    2014-07-27 15:41:20 7259328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
    2014-07-27 15:41:18 197328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
    .
    ==================== Find3M ====================
    .
    2014-08-10 23:07:44 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 21:26:12 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2014-08-10 21:26:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
    2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
    2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-07-16 03:25:04 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys
    2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
    2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
    2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
    2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
    2014-07-02 21:29:29 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2014-07-02 21:29:29 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2014-07-02 21:29:29 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2014-07-02 18:55:43 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
    2014-07-02 18:55:43 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
    2014-07-02 18:55:41 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
    2014-07-02 18:55:41 62808 ----a-w- C:\Windows\System32\nvshext.dll
    2014-07-02 18:55:41 386520 ----a-w- C:\Windows\System32\nvmctray.dll
    2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
    2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
    2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
    2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
    2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll
    2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
    2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
    2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
    2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
    2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
    2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
    2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
    2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
    2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
    2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
    2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
    2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    .
    ============= FINISH: 21:43:05.01 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/9/2014 12:51:27 PM
    System Uptime: 8/14/2014 9:36:40 PM (0 hours ago)
    .
    Motherboard: EVGA | | 132-CK-NF78
    Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/267mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 415.439 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: PCI Input Device
    Device ID: PCI\VEN_1102&DEV_7005&SUBSYS_10021102&REV_00\4&36AC3632&0&4978
    Manufacturer:
    Name: PCI Input Device
    PNP Device ID: PCI\VEN_1102&DEV_7005&SUBSYS_10021102&REV_00\4&36AC3632&0&4978
    Service:
    .
    ==== System Restore Points ===================
    .
    RP20: 8/14/2014 8:36:31 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Flash Player 14 ActiveX
    Adobe Shockwave Player 12.1
    AIM for Windows
    avast! Free Antivirus
    Creative ALchemy
    Creative Audio Control Panel
    Creative Software AutoUpdate
    Creative Sound Blaster Properties x64 Edition
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
    Download Updater (AOL Inc.)
    HP Deskjet 1050 J410 series Basic Device Software
    HP Deskjet 1050 J410 series Help
    HP Deskjet 1050 J410 series Product Improvement Study
    HP Photo Creations
    HP Update
    Java 7 Update 67
    Java Auto Updater
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft .NET Framework 4.5.1
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office 32-bit Components 2013
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Español
    Microsoft Office Shared 32-bit MUI (English) 2013
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Word MUI (English) 2013
    NVIDIA 3D Vision Controller Driver 340.50
    NVIDIA 3D Vision Driver 340.52
    NVIDIA Control Panel 340.52
    NVIDIA Display Control Panel
    NVIDIA GeForce Experience 2.1.1
    NVIDIA Graphics Driver 340.52
    NVIDIA HD Audio Driver 1.3.30.1
    NVIDIA Install Application
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.13.1220
    NVIDIA ShadowPlay 15.3.33
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 15.3.33
    NVIDIA Update Core
    NVIDIA Virtual Audio 1.2.23
    Outils de vérification linguistique 2013 de Microsoft Office - Français
    PDF Reader for Windows 8
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
    SHIELD Streaming
    swMSM
    Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition
    Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition
    Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition
    Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition
    Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition
    Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition
    Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition
    VSO ConvertXToDVD
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/9/2014 8:19:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    8/9/2014 8:10:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2487367).
    8/9/2014 3:23:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
    8/9/2014 3:21:09 PM, Error: Service Control Manager [7023] -
    8/9/2014 3:18:46 PM, Error: Service Control Manager [7034] - The BingBar Service service terminated unexpectedly. It has done this 1 time(s).
    8/9/2014 3:18:45 PM, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).
    8/9/2014 3:18:45 PM, Error: Service Control Manager [7034] - The Creative Audio Service service terminated unexpectedly. It has done this 1 time(s).
    8/9/2014 3:16:09 PM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
    8/9/2014 12:57:28 PM, Error: NetBT [4300] - The driver could not be created.
    8/9/2014 1:59:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    8/14/2014 8:57:32 PM, Error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    8/14/2014 5:32:03 PM, Error: Service Control Manager [7031] - The Update ClearThink service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    8/13/2014 8:45:07 PM, Error: Service Control Manager [7031] - The MezvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    8/10/2014 9:04:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the osppsvc service.
    8/10/2014 7:34:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2918077).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2891804).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2847077).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2864058).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2901110).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2789645).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2756921).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2656356).
    8/10/2014 7:16:22 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Microsoft .NET Framework 4.5.1 for Windows 7 x64-based Systems (KB2858725).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Security Update for Windows 7 for x64-based Systems (KB2868626).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2919469).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2830477).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2820331).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2798162).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2763523).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2709981).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows 7 for x64-based Systems (KB2547666).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2836942).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2971850).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2957509).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2926765).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows 7 for x64-based Systems (KB2862966).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2931356).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
    8/10/2014 7:16:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Internet Explorer 11 for Windows 7 for x64-based Systems.
    8/10/2014 6:58:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2965788).
    8/10/2014 5:36:35 PM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x80070005' when adding the URL 'http://+:10243/WMPNSSv4/390372778/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
    8/10/2014 5:36:35 PM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible.
    8/10/2014 1:23:47 AM, Error: Service Control Manager [7031] - The MezvcV1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    .
    ==== End Of File ===========================
     
  2. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===================================

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download [img=[url]http://www.imgdumper.nl/uploads6/51a5f31352f71/51a5f31352b88-icon_MBAR.png][/url]Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double click on downloaded file. OK self extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • Click in the following screen "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     
  3. norman

    norman Established Techie7 Member

    Hey Broni, I just want to update and let you know that I will do this later this afternoon. Thanks for you responce!
     
  4. broni

    broni Malware Annihilator Techie7 Moderator Head Security

  5. norman

    norman Established Techie7 Member

    Okay I have ran both programs and here are the logs:

    RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Norman Norris [Admin rights]
    Mode : Remove -- Date : 08/16/2014 20:59:14

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 14 ¤¤¤
    [Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1281124879-2086483837-2393648650-1001\Software\Microsoft\Windows\CurrentVersion\Run | AIM for Windows : "C:\Users\Norman Norris\AppData\Local\AOL\AIM\aim.exe" [x] -> DELETED
    [Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1281124879-2086483837-2393648650-1001\Software\Microsoft\Windows\CurrentVersion\Run | AIM for Windows : "C:\Users\Norman Norris\AppData\Local\AOL\AIM\aim.exe" -> ERROR [2]
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{98EB31AD-95FC-47F2-B67D-6EB84AE83C96} | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{98EB31AD-95FC-47F2-B67D-6EB84AE83C96} | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{98EB31AD-95FC-47F2-B67D-6EB84AE83C96} | DhcpNameServer : 24.247.15.53 24.217.0.5 66.189.0.100 -> NOT SELECTED
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
    [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
    [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1281124879-2086483837-2393648650-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://msn.com/ -> NOT SELECTED
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1281124879-2086483837-2393648650-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://msn.com/ -> NOT SELECTED

    ¤¤¤ Scheduled tasks : 4 ¤¤¤
    [Suspicious.Path] UpdaterEX.job -- C:\Users\NORMAN~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE (/Check) -> DELETED
    [Suspicious.Path] WSE_Astromenda.job -- C:\Users\NORMAN~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE (/Check) -> DELETED
    [Suspicious.Path] \\UpdaterEX -- C:\Users\NORMAN~1\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE (/Check) -> DELETED
    [Suspicious.Path] \\WSE_Astromenda -- C:\Users\NORMAN~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE (/Check) -> DELETED

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ HOSTS File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD50 00AAKS-00V1A SCSI Disk Device +++++
    --- User ---
    [MBR] 2fd8e9a1ae2c3d2875f35296a60b7576
    [BSP] 0307f68bec29149e00aa73723ba02758 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([1] Incorrect function. )

    +++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_08162014_205834.log

    Malwarebytes Anti-Rootkit BETA 1.07.0.1012
    www.malwarebytes.org

    Database version: v2014.08.16.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17239
    Norman Norris :: NORMANNORRIS-PC [administrator]

    8/16/2014 9:06:59 PM
    mbar-log-2014-08-16 (21-06-59).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 287293
    Time elapsed: 7 minute(s), 8 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.07.0.1012

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.1.7601 Windows 7 Service Pack 1 x64

    Account is Administrative

    Internet Explorer version: 11.0.9600.17239

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.400000 GHz
    Memory total: 4293435392, free: 2171781120

    Downloaded database version: v2014.08.16.08
    Downloaded database version: v2014.08.16.01
    =======================================
    Initializing...
    ------------ Kernel report ------------
    08/16/2014 21:06:51
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kdcom.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\CLFS.SYS
    \SystemRoot\system32\CI.dll
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\system32\drivers\ACPI.sys
    \SystemRoot\system32\drivers\WMILIB.SYS
    \SystemRoot\system32\drivers\msisadrv.sys
    \SystemRoot\system32\drivers\pci.sys
    \SystemRoot\system32\drivers\vdrvroot.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\system32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\system32\drivers\pciide.sys
    \SystemRoot\system32\drivers\PCIIDEX.SYS
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\system32\drivers\vmbus.sys
    \SystemRoot\system32\drivers\winhv.sys
    \SystemRoot\system32\drivers\atapi.sys
    \SystemRoot\system32\drivers\ataport.SYS
    \SystemRoot\system32\drivers\nvstor.sys
    \SystemRoot\system32\drivers\storport.sys
    \SystemRoot\system32\drivers\amdxata.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\system32\drivers\fileinfo.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\msrpc.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\drivers\vmstorfl.sys
    \SystemRoot\system32\drivers\volsnap.sys
    \SystemRoot\System32\Drivers\spldr.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\hwpolicy.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\system32\DRIVERS\disk.sys
    \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\aswVmm.sys
    \SystemRoot\System32\Drivers\aswRvrt.sys
    \SystemRoot\system32\drivers\cdrom.sys
    \SystemRoot\system32\drivers\aswSnx.sys
    \SystemRoot\system32\drivers\aswSP.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\vga.sys
    \SystemRoot\System32\drivers\VIDEOPRT.SYS
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\DRIVERS\RDPCDD.sys
    \SystemRoot\system32\drivers\rdpencdd.sys
    \SystemRoot\system32\drivers\rdprefmp.sys
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\drivers\aswRdr2.sys
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\DRIVERS\wfplwf.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\serial.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\termdd.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\system32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\system32\drivers\csc.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\blbdrive.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\system32\DRIVERS\intelppm.sys
    \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\system32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\fdc.sys
    \SystemRoot\system32\DRIVERS\serenum.sys
    \SystemRoot\system32\DRIVERS\usbohci.sys
    \SystemRoot\system32\DRIVERS\USBPORT.SYS
    \SystemRoot\system32\DRIVERS\usbehci.sys
    \SystemRoot\system32\drivers\1394ohci.sys
    \SystemRoot\system32\drivers\P17.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ks.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\nvm62x64.sys
    \SystemRoot\system32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\rdpbus.sys
    \SystemRoot\system32\drivers\kbdclass.sys
    \SystemRoot\system32\drivers\mouclass.sys
    \SystemRoot\system32\drivers\swenum.sys
    \SystemRoot\system32\drivers\umbus.sys
    \SystemRoot\system32\drivers\nvvad64v.sys
    \SystemRoot\system32\DRIVERS\usbhub.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\system32\drivers\nvhda64v.sys
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\System32\drivers\Dxapi.sys
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\Drivers\dump_diskdump.sys
    \SystemRoot\System32\Drivers\dump_nvstor.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\system32\DRIVERS\usbccgp.sys
    \SystemRoot\system32\DRIVERS\USBD.SYS
    \SystemRoot\system32\drivers\hidusb.sys
    \SystemRoot\system32\drivers\HIDCLASS.SYS
    \SystemRoot\system32\drivers\HIDPARSE.SYS
    \SystemRoot\system32\DRIVERS\mouhid.sys
    \SystemRoot\system32\drivers\kbdhid.sys
    \SystemRoot\system32\drivers\usbscan.sys
    \SystemRoot\system32\DRIVERS\usbprint.sys
    \SystemRoot\system32\drivers\USBSTOR.SYS
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \SystemRoot\system32\drivers\aswMonFlt.sys
    \SystemRoot\system32\drivers\WudfPf.sys
    \SystemRoot\system32\drivers\aswStm.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\aswHwid.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
    \SystemRoot\system32\DRIVERS\WUDFRd.sys
    \SystemRoot\system32\DRIVERS\asyncmac.sys
    \SystemRoot\system32\drivers\spsys.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
    \Windows\System32\ntdll.dll
    \Windows\System32\smss.exe
    \Windows\System32\apisetschema.dll
    \Windows\System32\autochk.exe
    \Windows\System32\kernel32.dll
    \Windows\System32\usp10.dll
    \Windows\System32\psapi.dll
    \Windows\System32\difxapi.dll
    \Windows\System32\lpk.dll
    \Windows\System32\urlmon.dll
    \Windows\System32\iertutil.dll
    \Windows\System32\msctf.dll
    \Windows\System32\Wldap32.dll
    \Windows\System32\rpcrt4.dll
    \Windows\System32\nsi.dll
    \Windows\System32\ole32.dll
    \Windows\System32\shlwapi.dll
    \Windows\System32\setupapi.dll
    \Windows\System32\msvcrt.dll
    \Windows\System32\wininet.dll
    \Windows\System32\imm32.dll
    \Windows\System32\shell32.dll
    \Windows\System32\ws2_32.dll
    \Windows\System32\normaliz.dll
    \Windows\System32\oleaut32.dll
    \Windows\System32\advapi32.dll
    \Windows\System32\imagehlp.dll
    \Windows\System32\comdlg32.dll
    \Windows\System32\user32.dll
    \Windows\System32\gdi32.dll
    \Windows\System32\sechost.dll
    \Windows\System32\clbcatq.dll
    \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    \Windows\System32\devobj.dll
    \Windows\System32\wintrust.dll
    \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    \Windows\System32\crypt32.dll
    \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    \Windows\System32\cfgmgr32.dll
    \Windows\System32\comctl32.dll
    \Windows\System32\KernelBase.dll
    \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    \Windows\System32\userenv.dll
    \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    \Windows\System32\msasn1.dll
    \Windows\System32\profapi.dll
    \Windows\SysWOW64\normaliz.dll
    ----------- End -----------
    Done!
    <<<1>>>
    Upper Device Name: \Device\Harddisk4\DR4
    Upper Device Object: 0xfffffa8006ae3790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000008e\
    Lower Device Object: 0xfffffa80068e6b60
    Lower Device Driver Name: \Driver\USBSTOR\
    <<<1>>>
    Upper Device Name: \Device\Harddisk3\DR3
    Upper Device Object: 0xfffffa8006aab790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000008d\
    Lower Device Object: 0xfffffa80068e5b60
    Lower Device Driver Name: \Driver\USBSTOR\
    <<<1>>>
    Upper Device Name: \Device\Harddisk2\DR2
    Upper Device Object: 0xfffffa8006aa8790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000008c\
    Lower Device Object: 0xfffffa80068e2b60
    Lower Device Driver Name: \Driver\USBSTOR\
    <<<1>>>
    Upper Device Name: \Device\Harddisk1\DR1
    Upper Device Object: 0xfffffa8006a68790
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\0000008b\
    Lower Device Object: 0xfffffa80068e0b60
    Lower Device Driver Name: \Driver\USBSTOR\
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8004c8b060
    Upper Device Driver Name: \Driver\Disk\
    Lower Device Name: \Device\00000062\
    Lower Device Object: 0xfffffa8004a099c0
    Lower Device Driver Name: \Driver\nvstor\
    <<<2>>>
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8004c8b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8004c8bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8004c8b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa8004a0cc40, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa8004a099c0, DeviceName: \Device\00000062\, DriverName: \Driver\nvstor\
    ------------ End ----------
    Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
    Upper DeviceData: 0x0, 0x0, 0x0
    Lower DeviceData: 0x0, 0x0, 0x0
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    <<<2>>>
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
    Done!
    Drive 0
    This is a System drive
    Scanning MBR on drive 0...
    Inspecting partition table:
    MBR Signature: 55AA
    Disk Signature: 439D3F0C

    Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048 Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848 Numsec = 976564224

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
    Done!
    Physical Sector Size: 0
    Drive: 1, DevicePointer: 0xfffffa8006a68790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80068e7b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8006a68790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80068e0b60, DeviceName: \Device\0000008b\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Physical Sector Size: 0
    Drive: 2, DevicePointer: 0xfffffa8006aa8790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80068e8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8006aa8790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80068e2b60, DeviceName: \Device\0000008c\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Physical Sector Size: 0
    Drive: 3, DevicePointer: 0xfffffa8006aab790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80068e9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8006aab790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80068e5b60, DeviceName: \Device\0000008d\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Physical Sector Size: 0
    Drive: 4, DevicePointer: 0xfffffa8006ae3790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa80068eab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8006ae3790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
    DevicePointer: 0xfffffa80068e6b60, DeviceName: \Device\0000008e\, DriverName: \Driver\USBSTOR\
    ------------ End ----------
    Scan finished
    =======================================


    Removal queue found; removal started
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
    Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
    Removal finished

    **So far I have visited several web pages and I haven't seen any of those "pc fix pop-ups."
     
  6. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  7. norman

    norman Established Techie7 Member

    Combofix log:

    ComboFix 14-08-17.01 - Norman Norris 08/17/2014 13:09:10.1.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2840 [GMT -4:00]
    Running from: c:\users\Norman Norris\Desktop\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Norman Norris\AppData\Local\Microsoft\Windows\Temporary Internet Files\ClearThink_iels
    c:\users\Norman Norris\AppData\Local\Microsoft\Windows\Temporary Internet Files\neurowise_iels
    c:\windows\security\Database\tmp.edb
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-07-17 to 2014-08-17 )))))))))))))))))))))))))))))))
    .
    .
    2014-08-17 17:16 . 2014-08-17 17:16 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-08-17 01:06 . 2014-08-17 01:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
    2014-08-17 00:50 . 2014-08-17 00:50 33512 ----a-w- c:\windows\SysWow64\drivers\TrueSight.sys
    2014-08-17 00:50 . 2014-08-17 00:50 -------- d-----w- c:\programdata\RogueKiller
    2014-08-16 15:01 . 2014-07-14 08:12 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{97941EEA-EA42-4A31-8A4B-562E5E2A1686}\mpengine.dll
    2014-08-15 01:27 . 2014-08-17 01:06 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-08-15 01:27 . 2014-08-17 01:06 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-08-15 01:27 . 2014-08-15 01:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
    2014-08-15 01:27 . 2014-08-15 01:27 -------- d-----w- c:\programdata\Malwarebytes
    2014-08-15 01:27 . 2014-05-12 11:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-08-15 01:27 . 2014-05-12 11:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-08-15 00:38 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
    2014-08-15 00:38 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
    2014-08-15 00:38 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
    2014-08-15 00:38 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
    2014-08-15 00:38 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
    2014-08-15 00:38 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
    2014-08-15 00:37 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
    2014-08-15 00:37 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2014-08-14 22:31 . 2014-08-15 01:35 -------- d-----w- c:\program files (x86)\globalUpdate
    2014-08-14 22:21 . 2014-08-14 22:21 -------- d-----w- c:\program files\PDF Reader for Windows 8
    2014-08-14 21:30 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
    2014-08-14 21:30 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
    2014-08-14 21:29 . 2014-08-14 21:34 -------- d-----w- c:\program files (x86)\Optimizer Pro
    2014-08-11 23:54 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
    2014-08-11 23:54 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
    2014-08-11 23:54 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
    2014-08-11 23:54 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
    2014-08-11 23:54 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
    2014-08-11 23:54 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
    2014-08-11 23:54 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
    2014-08-11 23:54 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
    2014-08-11 23:54 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2014-08-11 23:54 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
    2014-08-11 23:54 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
    2014-08-11 23:54 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
    2014-08-11 02:47 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
    2014-08-11 02:47 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
    2014-08-11 02:47 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
    2014-08-11 02:47 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
    2014-08-11 02:47 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
    2014-08-11 02:41 . 2014-08-11 02:41 -------- d-----w- c:\windows\Migration
    2014-08-10 23:39 . 2014-08-10 23:39 -------- d-----w- c:\windows\SysWow64\Adobe
    2014-08-10 23:36 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
    2014-08-10 23:36 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2014-08-10 23:34 . 2014-08-10 23:34 -------- d-----w- c:\programdata\Oracle
    2014-08-10 23:34 . 2014-08-10 23:34 -------- d-----w- c:\program files (x86)\Common Files\Java
    2014-08-10 23:33 . 2014-08-10 23:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-08-10 23:33 . 2014-08-10 23:33 -------- d-----w- c:\program files (x86)\Java
    2014-08-10 23:15 . 2013-10-14 22:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
    2014-08-10 23:15 . 2014-08-10 23:15 -------- d--h--w- c:\windows\msdownld.tmp
    2014-08-10 23:07 . 2014-08-10 23:07 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 22:53 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
    2014-08-10 22:53 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-08-10 22:53 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-08-10 22:53 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2014-08-10 22:53 . 2012-08-23 14:07 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
    2014-08-10 22:17 . 2014-08-17 17:01 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-08-10 22:17 . 2014-08-17 17:01 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-08-10 22:17 . 2014-08-10 22:17 -------- d-----w- c:\windows\SysWow64\Macromed
    2014-08-10 22:17 . 2014-08-10 22:17 -------- d-----w- c:\windows\system32\Macromed
    2014-08-10 22:17 . 2014-08-10 22:17 -------- d--h--w- c:\windows\AxInstSV
    2014-08-10 22:10 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
    2014-08-10 22:09 . 2013-12-04 02:16 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2014-08-10 22:08 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
    2014-08-10 22:00 . 2013-08-29 02:16 1732032 ----a-w- c:\windows\system32\ntdll.dll
    2014-08-10 21:59 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2014-08-10 21:50 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
    2014-08-10 05:20 . 2014-08-10 05:20 -------- d-----w- c:\program files\Microsoft.NET
    2014-08-10 04:59 . 2014-08-10 04:59 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
    2014-08-10 04:01 . 2014-08-10 04:01 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
    2014-08-10 04:01 . 2014-08-10 04:01 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2014-08-10 04:01 . 2014-08-10 04:01 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
    2014-08-10 04:01 . 2014-08-10 04:01 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2014-08-10 04:01 . 2014-08-10 04:01 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2014-08-10 04:01 . 2014-08-10 04:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2014-08-10 04:01 . 2014-08-10 04:01 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
    2014-08-10 04:01 . 2014-08-10 04:01 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
    2014-08-10 04:01 . 2014-08-10 04:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
    2014-08-10 04:01 . 2014-08-10 04:01 43152 ----a-w- c:\windows\avastSS.scr
    2014-08-10 03:59 . 2014-08-10 03:59 -------- d-----w- c:\program files\AVAST Software
    2014-08-10 03:58 . 2014-08-10 03:59 -------- d-----w- c:\programdata\AVAST Software
    2014-08-10 03:08 . 2014-07-23 22:32 464104 ----a-w- c:\windows\system32\MZA64.dll
    2014-08-10 03:08 . 2014-08-10 03:08 -------- d-----w- c:\program files (x86)\Common Files\Software Update Utility
    2014-08-10 01:14 . 2014-08-10 03:46 -------- d-----w- c:\programdata\VSO
    2014-08-10 01:14 . 2014-08-10 01:14 -------- d-----w- c:\program files (x86)\VSO
    2014-08-10 01:12 . 2014-08-10 01:12 -------- d-----w- c:\windows\system32\appmgmt
    2014-08-10 01:10 . 2014-08-10 01:12 -------- d-----w- c:\programdata\Skype
    2014-08-10 00:43 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
    2014-08-10 00:43 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
    2014-08-10 00:43 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
    2014-08-10 00:43 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
    2014-08-10 00:43 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
    2014-08-10 00:43 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
    2014-08-10 00:43 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
    2014-08-10 00:43 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
    2014-08-10 00:43 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
    2014-08-10 00:43 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
    2014-08-10 00:19 . 2014-08-10 00:19 -------- d-----w- c:\windows\system32\SPReview
    2014-08-10 00:18 . 2014-08-10 00:18 -------- d-----w- c:\windows\system32\EventProviders
    2014-08-10 00:18 . 2014-08-10 21:16 -------- d-----w- c:\windows\AutoKMS
    2014-08-10 00:16 . 2014-08-10 00:16 -------- d-----w- c:\programdata\Microsoft Toolkit
    2014-08-10 00:05 . 2010-11-20 13:26 1866240 ----a-w- c:\windows\system32\ExplorerFrame.dll
    2014-08-10 00:04 . 2010-11-20 13:27 1024512 ----a-w- c:\windows\system32\wmpmde.dll
    2014-08-10 00:03 . 2010-11-20 13:25 749568 ----a-w- c:\windows\system32\batmeter.dll
    2014-08-10 00:02 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
    2014-08-10 00:02 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
    2014-08-10 00:01 . 2014-08-10 00:01 -------- d-----w- c:\program files\Microsoft Analysis Services
    2014-08-10 00:01 . 2014-08-10 00:01 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
    2014-08-10 00:00 . 2014-08-10 00:03 -------- d-----w- c:\program files\Microsoft Office
    2014-08-10 00:00 . 2014-08-15 00:53 -------- d-----w- c:\programdata\Microsoft Help
    2014-08-09 23:59 . 2014-08-09 23:59 -------- d-----r- C:\MSOCache
    2014-08-09 23:58 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
    2014-08-09 19:51 . 2010-05-26 15:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
    2014-08-09 19:51 . 2010-05-26 15:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
    2014-08-09 19:51 . 2010-05-26 15:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
    2014-08-09 19:51 . 2010-05-26 15:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
    2014-08-09 19:51 . 2010-05-26 15:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
    2014-08-09 19:51 . 2010-05-26 15:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
    2014-08-09 19:51 . 2014-07-25 14:01 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
    2014-08-09 19:51 . 2014-07-25 14:01 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
    2014-08-09 19:51 . 2014-07-25 14:01 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
    2014-08-09 19:51 . 2014-07-25 14:01 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
    2014-08-09 19:51 . 2014-08-09 19:51 -------- d-----w- c:\program files (x86)\AGEIA Technologies
    2014-08-09 19:50 . 2014-07-02 17:44 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-08-10 21:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2014-08-10 21:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2014-07-02 20:48 . 2014-03-21 03:03 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
    2014-07-02 20:48 . 2010-07-09 22:38 3196816 ----a-w- c:\windows\system32\nvapi64.dll
    2014-07-02 20:48 . 2010-07-09 22:38 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
    2014-07-02 18:55 . 2010-07-09 20:27 6783776 ----a-w- c:\windows\system32\nvcpl.dll
    2014-07-02 18:55 . 2010-07-09 20:27 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
    2014-07-02 18:55 . 2010-07-09 20:27 935368 ----a-w- c:\windows\system32\nvvsvc.exe
    2014-07-02 18:55 . 2010-07-09 20:27 62808 ----a-w- c:\windows\system32\nvshext.dll
    2014-07-02 18:55 . 2010-07-09 20:27 386520 ----a-w- c:\windows\system32\nvmctray.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2014-07-27 15:45 1730256 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2014-07-27 15:45 1730256 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2014-07-27 15:45 1730256 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "P17RunE"="P17RunE.dll" [2008-03-28 14848]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
    "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-10 4085896]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
    .
    c:\users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1981N51S05QT;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 cpuz134;cpuz134;c:\users\NORMAN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\NORMAN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
    R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
    S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
    S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
    S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
    S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-10 17:01]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2014-07-27 15:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2014-07-27 15:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2014-07-27 15:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2014-08-10 04:01 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
    "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://msn.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
    TCP: DhcpNameServer = 24.247.15.53 24.217.0.5 66.189.0.100
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
    DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.14"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2014-08-17 13:18:10
    ComboFix-quarantined-files.txt 2014-08-17 17:18
    .
    Pre-Run: 443,951,394,816 bytes free
    Post-Run: 444,682,571,776 bytes free
    .
    - - End Of File - - 43CC40A703CBF31D5EA4FF0120E3FD6A
    A36C5E4F47E84449FF07ED3517B43A31
     
  8. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Looks good...

    [​IMG] Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    [​IMG] Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.
     
  9. norman

    norman Established Techie7 Member

    # AdwCleaner v3.307 - Report created 17/08/2014 at 17:12:20
    # Updated 17/08/2014 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : Norman Norris - NORMANNORRIS-PC
    # Running from : C:\Users\Norman Norris\Desktop\adwcleaner_3.307.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Program Files (x86)\globalUpdate
    Folder Deleted : C:\Program Files (x86)\Optimizer Pro
    Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
    Folder Deleted : C:\Users\Norman Norris\AppData\Local\globalUpdate
    Folder Deleted : C:\Users\Norman Norris\AppData\Roaming\Browser Extensions
    Folder Deleted : C:\Users\Norman Norris\AppData\Roaming\UpdaterEX
    Folder Deleted : C:\Users\Norman Norris\AppData\Roaming\wse_astromenda

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
    Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\UpdaterEX
    Key Deleted : HKCU\Software\WSE_Astromenda
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17239


    *************************

    AdwCleaner[R0].txt - [6957 octets] - [17/08/2014 17:11:15]
    AdwCleaner[S0].txt - [6848 octets] - [17/08/2014 17:12:20]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6908 octets] ##########
     
  10. norman

    norman Established Techie7 Member

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Ultimate x64
    Ran by Norman Norris on Sun 08/17/2014 at 17:17:09.86
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 08/17/2014 at 17:25:02.16
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  11. norman

    norman Established Techie7 Member

    This next txt file is too big so I'm going to break it into parts, sorry.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
    Ran by Norman Norris (administrator) on NORMANNORRIS-PC on 17-08-2014 17:27:42
    Running from C:\Users\Norman Norris\Desktop
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-10] (AVAST Software)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    Startup: C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk
    ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5028A7ECE5B4CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - DefaultScope {F298CB92-7DC8-4334-B056-2315FD9F9D06} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
    SearchScopes: HKCU - {F298CB92-7DC8-4334-B056-2315FD9F9D06} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=242154&p={searchTerms}
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 24.247.15.53 24.217.0.5 66.189.0.100

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-10]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-10]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-10] (AVAST Software)
    S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-08-09] (Creative Labs) [File not signed]
    S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-08-09] (Creative Labs) [File not signed]
    R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-10] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-10] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-10] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-10] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-10] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-10] (AVAST Software)
    S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-10] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-10] ()
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
    R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-08-16] ()
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 cpuz134; \??\C:\Users\NORMAN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================
     
  12. norman

    norman Established Techie7 Member

    Continuing ...

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-17 17:27 - 2014-08-17 17:28 - 00011533 _____ () C:\Users\Norman Norris\Desktop\FRST.txt
    2014-08-17 17:27 - 2014-08-17 17:27 - 00000000 ____D () C:\FRST
    2014-08-17 17:26 - 2014-08-17 17:27 - 02101760 _____ (Farbar) C:\Users\Norman Norris\Desktop\FRST64.exe
    2014-08-17 17:25 - 2014-08-17 17:25 - 00000637 _____ () C:\Users\Norman Norris\Desktop\JRT.txt
    2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\Windows\ERUNT
    2014-08-17 17:16 - 2014-08-17 17:16 - 01016261 _____ (Thisisu) C:\Users\Norman Norris\Desktop\JRT.exe
    2014-08-17 17:14 - 2014-08-17 17:14 - 00006996 _____ () C:\Users\Norman Norris\Desktop\AdwCleaner[S0].txt
    2014-08-17 17:11 - 2014-08-17 17:12 - 00000000 ____D () C:\AdwCleaner
    2014-08-17 17:10 - 2014-08-17 17:10 - 01361671 _____ () C:\Users\Norman Norris\Desktop\adwcleaner_3.307.exe
    2014-08-17 13:18 - 2014-08-17 13:18 - 00026522 _____ () C:\ComboFix.txt
    2014-08-17 13:07 - 2014-08-17 13:18 - 00000000 ____D () C:\Qoobox
    2014-08-17 13:07 - 2014-08-17 13:16 - 00000000 ____D () C:\Windows\erdnt
    2014-08-17 13:07 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-08-17 13:07 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-08-17 13:07 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-08-17 13:07 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-08-17 13:07 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-08-17 13:07 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-08-17 13:07 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-08-17 13:07 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-08-17 13:05 - 2014-08-17 13:06 - 05572035 ____R (Swearware) C:\Users\Norman Norris\Desktop\ComboFix.exe
    2014-08-17 13:01 - 2014-08-17 16:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-08-17 13:01 - 2014-08-17 13:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-08-16 21:06 - 2014-08-16 21:44 - 00000000 ____D () C:\Users\Norman Norris\Desktop\mbar
    2014-08-16 21:06 - 2014-08-16 21:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-08-16 21:05 - 2014-08-16 21:05 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Norman Norris\Desktop\mbar-1.07.0.1012.exe
    2014-08-16 20:59 - 2014-08-16 20:59 - 00005207 _____ () C:\Users\Norman Norris\Desktop\RKreport.txt
    2014-08-16 20:50 - 2014-08-16 20:50 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
    2014-08-16 20:50 - 2014-08-16 20:50 - 00000000 ____D () C:\ProgramData\RogueKiller
    2014-08-16 20:49 - 2014-08-16 20:49 - 04851288 _____ () C:\Users\Norman Norris\Desktop\RogueKiller.exe
    2014-08-14 23:34 - 2014-08-14 23:34 - 00503448 _____ () C:\Windows\Minidump\081414-34273-01.dmp
    2014-08-14 23:34 - 2014-08-14 23:34 - 00000000 ____D () C:\Windows\Minidump
    2014-08-14 23:33 - 2014-08-14 23:33 - 463666837 _____ () C:\Windows\MEMORY.DMP
    2014-08-14 21:43 - 2014-08-14 21:44 - 00032168 _____ () C:\Users\Norman Norris\Desktop\dds.txt
    2014-08-14 21:43 - 2014-08-14 21:43 - 00015347 _____ () C:\Users\Norman Norris\Desktop\attach.txt
    2014-08-14 21:41 - 2014-08-14 21:41 - 00688992 ____R (Swearware) C:\Users\Norman Norris\Desktop\dds.com
    2014-08-14 21:27 - 2014-08-16 21:06 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-08-14 21:27 - 2014-08-16 21:06 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-08-14 21:27 - 2014-08-14 21:27 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-14 21:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-08-14 21:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-08-14 20:38 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-14 20:38 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
    2014-08-14 20:38 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-14 20:38 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-14 20:38 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
    2014-08-14 20:38 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
    2014-08-14 20:37 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-08-14 20:37 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-08-14 18:31 - 2014-08-14 18:32 - 00000155 _____ () C:\Windows\Reimage.ini
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000929 _____ () C:\Users\Norman Norris\Desktop\PDF Reader for Windows 8.lnk
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Reader for Windows 8
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000000 ____D () C:\Program Files\PDF Reader for Windows 8
    2014-08-14 17:31 - 2014-08-14 17:31 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\sparta111
    2014-08-14 17:31 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-14 17:31 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-08-14 17:31 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-14 17:31 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-14 17:31 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-08-14 17:31 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-08-14 17:31 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-08-14 17:31 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-14 17:31 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-08-14 17:31 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-14 17:31 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-08-14 17:31 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-14 17:31 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-08-14 17:31 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-08-14 17:31 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-14 17:31 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-14 17:31 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-08-14 17:31 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-08-14 17:31 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-08-14 17:31 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-14 17:31 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-08-14 17:31 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-08-14 17:31 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-08-14 17:31 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-08-14 17:31 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-14 17:31 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-08-14 17:31 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-08-14 17:31 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-08-14 17:31 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-08-14 17:31 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-14 17:31 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-08-14 17:31 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-08-14 17:31 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-14 17:31 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-08-14 17:31 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-08-14 17:31 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-08-14 17:31 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-08-14 17:31 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-14 17:31 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-08-14 17:31 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-08-14 17:31 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-14 17:31 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-08-14 17:31 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-08-14 17:31 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-08-14 17:31 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-08-14 17:31 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-14 17:31 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-08-14 17:31 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-08-14 17:31 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-08-14 17:31 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-08-14 17:31 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-14 17:31 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-14 17:31 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-14 17:31 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-08-14 17:31 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-08-14 17:31 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-08-14 17:31 - 2014-07-15 23:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-14 17:31 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-08-14 17:31 - 2014-07-15 22:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-14 17:31 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-08-14 17:31 - 2014-07-15 22:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-14 17:31 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
    2014-08-14 17:31 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
    2014-08-14 17:31 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
    2014-08-14 17:31 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
    2014-08-14 17:31 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
    2014-08-14 17:31 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
    2014-08-14 17:31 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
    2014-08-14 17:31 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
    2014-08-14 17:31 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
    2014-08-14 17:31 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
    2014-08-14 17:31 - 2014-07-08 18:38 - 00419992 _____ () C:\Windows\system32\locale.nls
    2014-08-14 17:31 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
    2014-08-14 17:31 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-08-14 17:31 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2014-08-14 17:31 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-08-14 17:31 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-08-14 17:31 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-08-14 17:31 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-08-14 17:31 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-08-14 17:31 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-08-14 17:31 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2014-08-14 17:31 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
    2014-08-14 17:30 - 2014-08-14 17:34 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Sparta
    2014-08-14 17:30 - 2014-08-14 17:30 - 00862064 _____ ( ) C:\Users\Norman Norris\Downloads\Adobe_Reader_Setup (1).exe
    2014-08-14 17:30 - 2014-08-14 17:30 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\StormFall
    2014-08-14 17:30 - 2014-08-14 17:30 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\StormFall
    2014-08-14 17:30 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2014-08-14 17:30 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2014-08-14 17:29 - 2014-08-14 17:29 - 74696576 _____ (Adobe Systems Incorporated) C:\Users\Norman Norris\Downloads\AdbeRdr11007_en_US.exe
    2014-08-14 17:28 - 2014-08-14 17:28 - 00862064 _____ ( ) C:\Users\Norman Norris\Downloads\Adobe_Reader_Setup.exe
    2014-08-11 20:36 - 2014-08-11 21:58 - 00000000 ____D () C:\Users\Norman Norris\Downloads\The.Trials.of.Cate.McCall.2013.1080p.BluRay.AAC.x264-tomcat12[ETRG]
    2014-08-11 20:35 - 2014-08-11 20:35 - 00013480 _____ () C:\Users\Norman Norris\Downloads\[kickass.to]the.trials.of.cate.mccall.2013.1080p.bluray.aac.x264.tomcat12.etrg.torrent
    2014-08-11 19:54 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-08-11 19:54 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-08-11 19:54 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-08-11 19:54 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-08-11 19:54 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2014-08-11 19:54 - 2013-11-23 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2014-08-11 19:54 - 2013-11-23 13:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2014-08-11 19:54 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2014-08-11 19:54 - 2012-02-11 02:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2014-08-11 19:54 - 2012-02-11 02:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
    2014-08-11 19:54 - 2011-02-25 02:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
    2014-08-11 19:54 - 2011-02-25 01:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2014-08-10 22:47 - 2013-05-10 01:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-08-10 22:47 - 2013-05-10 01:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-08-10 22:47 - 2013-05-10 00:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2014-08-10 22:47 - 2013-05-10 00:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2014-08-10 19:39 - 2014-08-10 19:39 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-08-10 19:36 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2014-08-10 19:36 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2014-08-10 19:35 - 2014-08-10 19:35 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Oracle
    2014-08-10 19:34 - 2014-08-10 19:34 - 00000000 ____D () C:\ProgramData\Sun
    2014-08-10 19:34 - 2014-08-10 19:34 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-10 19:33 - 2014-08-10 19:33 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-08-10 19:33 - 2014-08-10 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-08-10 19:33 - 2014-08-10 19:33 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-08-10 19:28 - 2014-08-10 19:28 - 00000000 __SHD () C:\Users\Norman Norris\AppData\Local\EmieUserList
    2014-08-10 19:28 - 2014-08-10 19:28 - 00000000 __SHD () C:\Users\Norman Norris\AppData\Local\EmieSiteList
    2014-08-10 19:15 - 2014-08-10 19:15 - 00000000 ___HD () C:\Windows\msdownld.tmp
    2014-08-10 19:15 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
    2014-08-10 19:11 - 2014-08-10 19:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2014-08-10 19:11 - 2014-08-10 19:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-08-10 19:11 - 2014-08-10 19:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-08-10 19:11 - 2014-08-10 19:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-08-10 19:11 - 2014-08-10 19:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-08-10 19:11 - 2014-08-10 19:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-08-10 19:11 - 2014-08-10 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-08-10 19:07 - 2014-08-10 19:07 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-08-10 19:04 - 2014-08-10 19:15 - 00015386 _____ () C:\Windows\IE11_main.log
     
  13. norman

    norman Established Techie7 Member

    Continuing..

    2014-08-10 18:53 - 2012-08-23 10:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
    2014-08-10 18:53 - 2012-08-23 10:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
    2014-08-10 18:53 - 2012-08-23 09:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-08-10 18:53 - 2012-08-23 09:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-08-10 18:52 - 2012-08-23 10:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2014-08-10 18:52 - 2012-08-23 09:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
    2014-08-10 18:52 - 2012-08-23 09:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
    2014-08-10 18:52 - 2012-08-23 09:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
    2014-08-10 18:52 - 2012-08-23 09:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2014-08-10 18:52 - 2012-08-23 09:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
    2014-08-10 18:52 - 2012-08-23 09:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
    2014-08-10 18:52 - 2012-08-23 08:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
    2014-08-10 18:52 - 2012-08-23 07:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
    2014-08-10 18:52 - 2012-08-23 07:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2014-08-10 18:52 - 2012-08-23 07:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
    2014-08-10 18:52 - 2012-08-23 07:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
    2014-08-10 18:52 - 2012-08-23 06:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
    2014-08-10 18:52 - 2012-08-23 06:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
    2014-08-10 18:52 - 2012-08-23 06:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-08-10 18:52 - 2012-08-23 06:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-08-10 18:52 - 2012-08-23 04:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-08-10 18:52 - 2012-08-23 04:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-08-10 18:17 - 2014-08-17 13:01 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-08-10 18:17 - 2014-08-17 13:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ___HD () C:\Windows\AxInstSV
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-08-10 18:11 - 2013-10-05 16:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-08-10 18:11 - 2013-10-05 15:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-08-10 18:11 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-08-10 18:11 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-08-10 18:11 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2014-08-10 18:11 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2014-08-10 18:11 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2014-08-10 18:11 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2014-08-10 18:11 - 2013-02-27 01:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-08-10 18:11 - 2012-10-03 13:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2014-08-10 18:11 - 2012-10-03 13:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
    2014-08-10 18:11 - 2012-10-03 13:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2014-08-10 18:11 - 2012-10-03 13:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2014-08-10 18:11 - 2012-10-03 13:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
    2014-08-10 18:11 - 2012-10-03 13:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2014-08-10 18:11 - 2012-10-03 12:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
    2014-08-10 18:11 - 2012-10-03 12:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2014-08-10 18:11 - 2012-10-03 12:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
    2014-08-10 18:11 - 2012-10-03 12:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2014-08-10 18:11 - 2012-01-13 03:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2014-08-10 18:10 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-08-10 18:10 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
    2014-08-10 18:10 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-08-10 18:10 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
    2014-08-10 18:10 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2014-08-10 18:10 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2014-08-10 18:10 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2014-08-10 18:10 - 2013-11-26 07:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-08-10 18:10 - 2013-10-29 22:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
    2014-08-10 18:10 - 2013-10-29 22:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
    2014-08-10 18:10 - 2013-10-18 22:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
    2014-08-10 18:10 - 2013-10-18 21:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
    2014-08-10 18:10 - 2013-10-03 22:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2014-08-10 18:10 - 2013-10-03 22:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2014-08-10 18:10 - 2013-10-03 21:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
    2014-08-10 18:10 - 2013-10-03 21:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
    2014-08-10 18:10 - 2013-07-04 08:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2014-08-10 18:10 - 2013-07-04 07:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2014-08-10 18:10 - 2013-03-19 01:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
    2014-08-10 18:10 - 2012-10-09 14:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2014-08-10 18:10 - 2012-10-09 14:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
    2014-08-10 18:10 - 2012-10-09 13:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2014-08-10 18:10 - 2012-10-09 13:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
    2014-08-10 18:09 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
    2014-08-10 18:09 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
    2014-08-10 18:09 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-08-10 18:09 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-08-10 18:09 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-08-10 18:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2014-08-10 18:09 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
    2014-08-10 18:09 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2014-08-10 18:09 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2014-08-10 18:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2014-08-10 18:09 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2014-08-10 18:09 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
    2014-08-10 18:09 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
    2014-08-10 18:09 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
    2014-08-10 18:09 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
    2014-08-10 18:09 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
    2014-08-10 18:09 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
    2014-08-10 18:09 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
    2014-08-10 18:09 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
    2014-08-10 18:09 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
    2014-08-10 18:09 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
    2014-08-10 18:09 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
    2014-08-10 18:09 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
    2014-08-10 18:09 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
    2014-08-10 18:09 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
    2014-08-10 18:09 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
    2014-08-10 18:09 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
    2014-08-10 18:09 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
    2014-08-10 18:09 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-08-10 18:09 - 2013-11-26 21:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-08-10 18:09 - 2013-11-26 21:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-08-10 18:09 - 2013-10-03 22:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
    2014-08-10 18:09 - 2013-10-03 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
    2014-08-10 18:09 - 2013-07-12 06:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2014-08-10 18:09 - 2013-07-03 00:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
    2014-08-10 18:09 - 2013-07-03 00:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2014-08-10 18:09 - 2013-07-03 00:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2014-08-10 18:09 - 2013-06-25 18:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2014-08-10 18:09 - 2013-06-06 01:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2014-08-10 18:09 - 2013-06-06 01:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2014-08-10 18:09 - 2013-06-06 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2014-08-10 18:09 - 2013-06-06 01:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2014-08-10 18:09 - 2013-06-06 00:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2014-08-10 18:09 - 2013-06-06 00:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2014-08-10 18:09 - 2013-06-06 00:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2014-08-10 18:09 - 2013-06-05 23:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2014-08-10 18:09 - 2013-06-05 23:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2014-08-10 18:09 - 2013-06-05 23:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2014-08-10 18:09 - 2013-04-25 19:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2014-08-10 18:09 - 2013-03-31 18:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
    2014-08-10 18:08 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-08-10 18:08 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2014-08-10 18:08 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-08-10 18:08 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
    2014-08-10 18:08 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2014-08-10 18:08 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-08-10 18:08 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
    2014-08-10 18:08 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-08-10 18:08 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-08-10 18:08 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
    2014-08-10 18:08 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
    2014-08-10 18:08 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2014-08-10 18:08 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2014-08-10 18:08 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2014-08-10 18:08 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2014-08-10 18:08 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2014-08-10 18:08 - 2013-07-04 08:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2014-08-10 18:08 - 2013-07-04 08:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2014-08-10 18:08 - 2013-07-04 07:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2014-08-10 18:08 - 2013-07-04 07:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2014-08-10 18:08 - 2013-07-04 06:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2014-08-10 18:00 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-08-10 18:00 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-08-10 18:00 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-08-10 18:00 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-08-10 18:00 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-08-10 18:00 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2014-08-10 18:00 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2014-08-10 18:00 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2014-08-10 18:00 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2014-08-10 18:00 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2014-08-10 18:00 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2014-08-10 18:00 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-08-10 18:00 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-08-10 18:00 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-08-10 18:00 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-08-10 18:00 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-08-10 18:00 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-08-10 18:00 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-08-10 18:00 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-08-10 18:00 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-08-10 18:00 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-08-10 18:00 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-08-10 18:00 - 2013-08-28 22:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2014-08-10 18:00 - 2013-08-28 22:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2014-08-10 18:00 - 2013-08-28 22:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2014-08-10 18:00 - 2013-08-28 21:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2014-08-10 18:00 - 2013-08-28 21:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2014-08-10 18:00 - 2013-08-28 21:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2014-08-10 18:00 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2014-08-10 18:00 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2014-08-10 18:00 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2014-08-10 18:00 - 2013-07-04 08:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2014-08-10 17:59 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-08-10 17:59 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-08-10 17:59 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-08-10 17:59 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-08-10 17:59 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-08-10 17:59 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-08-10 17:59 - 2013-10-11 22:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
    2014-08-10 17:59 - 2013-10-11 22:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
    2014-08-10 17:59 - 2013-10-11 22:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2014-08-10 17:59 - 2013-10-11 22:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2014-08-10 17:59 - 2013-10-11 22:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2014-08-10 17:59 - 2013-10-11 22:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
    2014-08-10 17:59 - 2013-10-11 22:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2014-08-10 17:59 - 2013-10-11 22:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
    2014-08-10 17:59 - 2013-10-11 22:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2014-08-10 17:59 - 2013-10-11 21:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2014-08-10 17:59 - 2013-10-11 21:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2014-08-10 17:59 - 2013-10-11 21:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2014-08-10 17:59 - 2013-10-11 21:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2014-08-10 17:59 - 2013-09-07 22:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2014-08-10 17:59 - 2013-09-07 22:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2014-08-10 17:59 - 2013-08-04 22:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2014-08-10 17:59 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2014-08-10 17:59 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2014-08-10 17:59 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2014-08-10 17:59 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2014-08-10 17:59 - 2013-07-20 06:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2014-08-10 17:59 - 2013-07-20 06:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2014-08-10 17:59 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-08-10 17:59 - 2013-05-13 01:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
    2014-08-10 17:59 - 2013-05-12 23:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
    2014-08-10 17:59 - 2013-05-12 23:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
    2014-08-10 17:59 - 2013-05-12 23:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
    2014-08-10 17:59 - 2013-05-10 01:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
    2014-08-10 17:59 - 2013-05-09 23:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2014-08-10 17:59 - 2013-04-26 01:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
    2014-08-10 17:59 - 2013-04-26 00:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
    2014-08-10 17:59 - 2013-04-10 02:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2014-08-10 17:59 - 2012-11-22 23:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
    2014-08-10 17:59 - 2012-08-22 14:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2014-08-10 17:59 - 2012-08-21 17:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
    2014-08-10 17:59 - 2012-07-04 16:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
    2014-08-10 17:59 - 2011-02-03 07:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-08-10 17:50 - 2013-08-27 21:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2014-08-10 01:06 - 2014-08-10 01:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-08-10 00:59 - 2014-08-10 00:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
    2014-08-10 00:59 - 2014-08-10 00:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
    2014-08-10 00:02 - 2014-08-10 00:02 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\AVAST Software
    2014-08-10 00:01 - 2014-08-17 12:49 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-08-10 00:01 - 2014-08-10 00:01 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-08-10 00:01 - 2014-08-10 00:01 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-08-10 00:01 - 2014-08-10 00:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-08-10 00:01 - 2014-08-10 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-08-09 23:59 - 2014-08-09 23:59 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-08-09 23:58 - 2014-08-09 23:59 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-08-09 23:09 - 2014-08-09 23:09 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Macromedia
    2014-08-09 23:09 - 2014-08-09 23:09 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Adobe
    2014-08-09 23:08 - 2014-08-09 23:09 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\AOL
    2014-08-09 23:08 - 2014-08-09 23:08 - 00001105 _____ () C:\Users\Norman Norris\Desktop\AIM.lnk
    2014-08-09 23:08 - 2014-08-09 23:08 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
    2014-08-09 23:08 - 2014-07-23 18:32 - 00464104 _____ (MZA) C:\Windows\system32\MZA64.dll
    2014-08-09 22:58 - 2014-08-11 21:09 - 00000000 ____D () C:\Users\Norman Norris\Documents\ConvertXtoDVD
    2014-08-09 21:14 - 2014-08-09 23:46 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Vso
    2014-08-09 21:14 - 2014-08-09 23:46 - 00000000 ____D () C:\ProgramData\VSO
    2014-08-09 21:14 - 2014-08-09 21:14 - 00099384 _____ () C:\Users\Norman Norris\AppData\Roaming\inst.exe
    2014-08-09 21:14 - 2014-08-09 21:14 - 00082816 _____ (VSO Software) C:\Users\Norman Norris\AppData\Roaming\pcouffin.sys
    2014-08-09 21:14 - 2014-08-09 21:14 - 00007859 _____ () C:\Users\Norman Norris\AppData\Roaming\pcouffin.cat
    2014-08-09 21:14 - 2014-08-09 21:14 - 00001232 _____ () C:\Users\Norman Norris\Desktop\ConvertXToDVD 5.lnk
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000055 _____ () C:\Users\Norman Norris\AppData\Roaming\pcouffin.log
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\Users\Norman Norris\Documents\PcSetup
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\Program Files (x86)\VSO
    2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 ____D () C:\Windows\system32\appmgmt
    2014-08-09 21:11 - 2014-08-09 21:12 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Skype
    2014-08-09 21:11 - 2014-08-09 21:11 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Skype
    2014-08-09 21:10 - 2014-08-09 21:12 - 00000000 ____D () C:\ProgramData\Skype
    2014-08-09 21:10 - 2014-08-09 21:10 - 00000866 _____ () C:\Users\Norman Norris\Desktop\µTorrent.lnk
    2014-08-09 21:10 - 2014-08-09 21:10 - 00000846 _____ () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-08-09 21:07 - 2014-08-11 21:59 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\uTorrent
    2014-08-09 20:43 - 2011-03-11 02:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
    2014-08-09 20:43 - 2011-03-11 02:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
    2014-08-09 20:43 - 2011-03-11 02:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
    2014-08-09 20:43 - 2011-03-11 02:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
    2014-08-09 20:43 - 2011-03-11 02:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
    2014-08-09 20:43 - 2011-03-11 02:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
    2014-08-09 20:43 - 2011-03-11 02:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2014-08-09 20:43 - 2011-03-11 01:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
    2014-08-09 20:43 - 2011-03-11 01:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
    2014-08-09 20:43 - 2011-03-11 00:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
    2014-08-09 20:19 - 2014-08-09 20:19 - 00000000 ____D () C:\Windows\system32\SPReview
    2014-08-09 20:18 - 2014-08-17 17:16 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
    2014-08-09 20:18 - 2014-08-10 17:16 - 00000000 ____D () C:\Windows\AutoKMS
    2014-08-09 20:18 - 2014-08-09 20:18 - 00000000 ____D () C:\Windows\system32\EventProviders
    2014-08-09 20:16 - 2014-08-09 20:16 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
    2014-08-09 20:07 - 2014-08-09 20:07 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
    2014-08-09 20:06 - 2014-08-14 20:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2014-08-09 20:06 - 2010-11-20 09:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
    2014-08-09 20:06 - 2010-11-20 09:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
    2014-08-09 20:06 - 2010-11-20 09:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-08-09 20:06 - 2010-11-20 09:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
    2014-08-09 20:06 - 2010-11-20 09:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
    2014-08-09 20:06 - 2010-11-20 09:25 - 00095744 _____ () C:\Windows\system32\RDVGHelper.exe
    2014-08-09 20:06 - 2010-11-20 08:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
    2014-08-09 20:06 - 2010-11-20 08:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
    2014-08-09 20:06 - 2010-11-20 08:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PushPrinterConnections.exe
    2014-08-09 20:06 - 2010-11-04 21:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2014-08-09 20:06 - 2010-11-04 21:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
    2014-08-09 20:06 - 2010-11-04 21:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-08-09 20:06 - 2010-11-04 21:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
    2014-08-09 20:06 - 2010-11-04 21:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
    2014-08-09 20:06 - 2009-07-13 21:16 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pmcsnap.dll
    2014-08-09 20:06 - 2009-07-13 21:16 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ppcsnap.dll
    2014-08-09 20:05 - 2014-08-09 20:05 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
    2014-08-09 20:05 - 2010-11-20 09:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
    2014-08-09 20:05 - 2010-11-20 09:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
    2014-08-09 20:05 - 2010-11-20 09:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2014-08-09 20:05 - 2010-11-20 09:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
    2014-08-09 20:05 - 2010-11-20 09:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
    2014-08-09 20:05 - 2010-11-20 09:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
    2014-08-09 20:05 - 2010-11-20 09:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
    2014-08-09 20:05 - 2010-11-20 09:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
    2014-08-09 20:05 - 2010-11-20 09:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2014-08-09 20:05 - 2010-11-20 09:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
    2014-08-09 20:05 - 2010-11-20 09:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
    2014-08-09 20:05 - 2010-11-20 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2014-08-09 20:05 - 2010-11-20 09:25 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
    2014-08-09 20:05 - 2010-11-20 09:25 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2014-08-09 20:05 - 2010-11-20 09:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
    2014-08-09 20:05 - 2010-11-20 09:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
    2014-08-09 20:05 - 2010-11-20 09:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
    2014-08-09 20:05 - 2010-11-20 09:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
    2014-08-09 20:05 - 2010-11-20 09:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
    2014-08-09 20:05 - 2010-11-20 08:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
    2014-08-09 20:05 - 2010-11-20 08:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
    2014-08-09 20:05 - 2010-11-20 08:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
    2014-08-09 20:05 - 2010-11-20 08:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2014-08-09 20:05 - 2010-11-20 08:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
    2014-08-09 20:05 - 2010-11-20 08:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
    2014-08-09 20:05 - 2010-11-20 08:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
    2014-08-09 20:05 - 2010-11-20 08:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
     
  14. norman

    norman Established Techie7 Member

    Continuing...

    2014-08-09 20:05 - 2010-11-20 08:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-08-09 20:05 - 2010-11-20 08:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
    2014-08-09 20:05 - 2010-11-20 08:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
    2014-08-09 20:05 - 2010-11-20 08:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2014-08-09 20:05 - 2010-11-20 08:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
    2014-08-09 20:05 - 2010-11-20 08:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
    2014-08-09 20:05 - 2010-11-20 08:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
    2014-08-09 20:05 - 2010-11-20 08:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
    2014-08-09 20:05 - 2010-11-20 07:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
    2014-08-09 20:05 - 2010-11-20 06:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
    2014-08-09 20:05 - 2010-11-20 05:27 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
    2014-08-09 20:05 - 2010-11-20 05:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2014-08-09 20:05 - 2010-11-20 05:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2014-08-09 20:05 - 2010-11-20 05:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2014-08-09 20:05 - 2010-11-20 05:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-08-09 20:05 - 2010-11-04 22:20 - 00347904 _____ () C:\Windows\system32\systemsf.ebd
    2014-08-09 20:05 - 2010-11-04 21:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
    2014-08-09 20:05 - 2010-11-04 21:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
    2014-08-09 20:05 - 2010-11-04 21:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
    2014-08-09 20:05 - 2010-11-04 21:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
    2014-08-09 20:05 - 2010-11-04 21:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
    2014-08-09 20:05 - 2009-07-13 21:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
    2014-08-09 20:04 - 2014-08-09 20:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
    2014-08-09 20:04 - 2010-11-20 09:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
    2014-08-09 20:04 - 2010-11-20 09:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
    2014-08-09 20:04 - 2010-11-20 09:34 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2014-08-09 20:04 - 2010-11-20 09:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2014-08-09 20:04 - 2010-11-20 09:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
    2014-08-09 20:04 - 2010-11-20 09:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
    2014-08-09 20:04 - 2010-11-20 09:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
    2014-08-09 20:04 - 2010-11-20 09:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2014-08-09 20:04 - 2010-11-20 09:28 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2014-08-09 20:04 - 2010-11-20 09:28 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2014-08-09 20:04 - 2010-11-20 09:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
    2014-08-09 20:04 - 2010-11-20 09:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
    2014-08-09 20:04 - 2010-11-20 09:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
    2014-08-09 20:04 - 2010-11-20 09:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
    2014-08-09 20:04 - 2010-11-20 09:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
    2014-08-09 20:04 - 2010-11-20 09:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
    2014-08-09 20:04 - 2010-11-20 09:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
    2014-08-09 20:04 - 2010-11-20 09:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
    2014-08-09 20:04 - 2010-11-20 09:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
    2014-08-09 20:04 - 2010-11-20 09:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
    2014-08-09 20:04 - 2010-11-20 09:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
    2014-08-09 20:04 - 2010-11-20 09:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
    2014-08-09 20:04 - 2010-11-20 09:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
    2014-08-09 20:04 - 2010-11-20 09:24 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
    2014-08-09 20:04 - 2010-11-20 09:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2014-08-09 20:04 - 2010-11-20 09:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
    2014-08-09 20:04 - 2010-11-20 08:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-08-09 20:04 - 2010-11-20 08:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2014-08-09 20:04 - 2010-11-20 08:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
    2014-08-09 20:04 - 2010-11-20 08:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
    2014-08-09 20:04 - 2010-11-20 08:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
    2014-08-09 20:04 - 2010-11-20 08:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
    2014-08-09 20:04 - 2010-11-20 08:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
    2014-08-09 20:04 - 2010-11-20 08:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
    2014-08-09 20:04 - 2010-11-20 08:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
    2014-08-09 20:04 - 2010-11-20 08:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-08-09 20:04 - 2010-11-20 08:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
    2014-08-09 20:04 - 2010-11-20 08:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
    2014-08-09 20:04 - 2010-11-20 08:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    2014-08-09 20:04 - 2010-11-20 08:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2014-08-09 20:04 - 2010-11-20 08:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
    2014-08-09 20:04 - 2010-11-20 08:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
    2014-08-09 20:04 - 2010-11-20 08:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
    2014-08-09 20:04 - 2010-11-20 08:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
    2014-08-09 20:04 - 2010-11-20 08:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
    2014-08-09 20:04 - 2010-11-20 08:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
    2014-08-09 20:04 - 2010-11-20 08:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
    2014-08-09 20:04 - 2010-11-20 08:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
    2014-08-09 20:04 - 2010-11-20 08:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2014-08-09 20:04 - 2010-11-20 08:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2014-08-09 20:04 - 2010-11-20 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
    2014-08-09 20:04 - 2010-11-20 06:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
    2014-08-09 20:04 - 2010-11-20 06:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
    2014-08-09 20:04 - 2010-11-20 06:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2014-08-09 20:04 - 2010-11-20 06:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
    2014-08-09 20:04 - 2010-11-20 06:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2014-08-09 20:04 - 2010-11-20 05:58 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
    2014-08-09 20:04 - 2010-11-20 05:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
    2014-08-09 20:04 - 2010-11-04 21:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
    2014-08-09 20:04 - 2010-11-04 21:57 - 00154960 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-08-09 20:03 - 2014-08-09 20:04 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
    2014-08-09 20:03 - 2014-08-09 20:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-08-09 20:03 - 2010-11-20 09:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
    2014-08-09 20:03 - 2010-11-20 09:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
    2014-08-09 20:03 - 2010-11-20 09:34 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2014-08-09 20:03 - 2010-11-20 09:34 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2014-08-09 20:03 - 2010-11-20 09:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2014-08-09 20:03 - 2010-11-20 09:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
    2014-08-09 20:03 - 2010-11-20 09:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2014-08-09 20:03 - 2010-11-20 09:33 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2014-08-09 20:03 - 2010-11-20 09:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
    2014-08-09 20:03 - 2010-11-20 09:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
    2014-08-09 20:03 - 2010-11-20 09:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2014-08-09 20:03 - 2010-11-20 09:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2014-08-09 20:03 - 2010-11-20 09:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
    2014-08-09 20:03 - 2010-11-20 09:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
    2014-08-09 20:03 - 2010-11-20 09:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
    2014-08-09 20:03 - 2010-11-20 09:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
    2014-08-09 20:03 - 2010-11-20 09:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
     
  15. norman

    norman Established Techie7 Member

    Continuing...

    2014-08-09 20:03 - 2010-11-20 09:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
    2014-08-09 20:03 - 2010-11-20 09:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
    2014-08-09 20:03 - 2010-11-20 09:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
    2014-08-09 20:03 - 2010-11-20 09:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2014-08-09 20:03 - 2010-11-20 09:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
    2014-08-09 20:03 - 2010-11-20 09:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
    2014-08-09 20:03 - 2010-11-20 09:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
    2014-08-09 20:03 - 2010-11-20 09:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
    2014-08-09 20:03 - 2010-11-20 09:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
    2014-08-09 20:03 - 2010-11-20 09:24 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
    2014-08-09 20:03 - 2010-11-20 09:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2014-08-09 20:03 - 2010-11-20 09:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
    2014-08-09 20:03 - 2010-11-20 09:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
    2014-08-09 20:03 - 2010-11-20 09:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
    2014-08-09 20:03 - 2010-11-20 09:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
    2014-08-09 20:03 - 2010-11-20 09:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
    2014-08-09 20:03 - 2010-11-20 09:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
    2014-08-09 20:03 - 2010-11-20 09:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
    2014-08-09 20:03 - 2010-11-20 09:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
    2014-08-09 20:03 - 2010-11-20 09:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
    2014-08-09 20:03 - 2010-11-20 09:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
    2014-08-09 20:03 - 2010-11-20 08:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
    2014-08-09 20:03 - 2010-11-20 08:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
    2014-08-09 20:03 - 2010-11-20 08:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
    2014-08-09 20:03 - 2010-11-20 08:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
    2014-08-09 20:03 - 2010-11-20 08:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2014-08-09 20:03 - 2010-11-20 08:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
    2014-08-09 20:03 - 2010-11-20 08:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
    2014-08-09 20:03 - 2010-11-20 08:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
    2014-08-09 20:03 - 2010-11-20 08:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
    2014-08-09 20:03 - 2010-11-20 08:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2014-08-09 20:03 - 2010-11-20 08:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
    2014-08-09 20:03 - 2010-11-20 08:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
    2014-08-09 20:03 - 2010-11-20 08:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
    2014-08-09 20:03 - 2010-11-20 08:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
    2014-08-09 20:03 - 2010-11-20 08:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
    2014-08-09 20:03 - 2010-11-20 08:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
    2014-08-09 20:03 - 2010-11-20 08:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
    2014-08-09 20:03 - 2010-11-20 08:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
    2014-08-09 20:03 - 2010-11-20 08:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
     
  16. norman

    norman Established Techie7 Member

    Continuing...

    2014-08-09 20:03 - 2010-11-20 08:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
    2014-08-09 20:03 - 2010-11-20 08:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
    2014-08-09 20:03 - 2010-11-20 08:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
    2014-08-09 20:03 - 2010-11-20 08:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
    2014-08-09 20:03 - 2010-11-20 08:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
    2014-08-09 20:03 - 2010-11-20 08:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
    2014-08-09 20:03 - 2010-11-20 08:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
    2014-08-09 20:03 - 2010-11-20 08:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
    2014-08-09 20:03 - 2010-11-20 08:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
    2014-08-09 20:03 - 2010-11-20 08:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
    2014-08-09 20:03 - 2010-11-20 08:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
    2014-08-09 20:03 - 2010-11-20 08:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
    2014-08-09 20:03 - 2010-11-20 08:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
    2014-08-09 20:03 - 2010-11-20 08:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
    2014-08-09 20:03 - 2010-11-20 08:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
    2014-08-09 20:03 - 2010-11-20 08:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
    2014-08-09 20:03 - 2010-11-20 08:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
    2014-08-09 20:03 - 2010-11-20 08:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
    2014-08-09 20:03 - 2010-11-20 08:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
    2014-08-09 20:03 - 2010-11-20 08:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
    2014-08-09 20:03 - 2010-11-20 08:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
    2014-08-09 20:03 - 2010-11-20 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
    2014-08-09 20:03 - 2010-11-20 07:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
    2014-08-09 20:03 - 2010-11-20 07:06 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2014-08-09 20:03 - 2010-11-20 06:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
    2014-08-09 20:03 - 2010-11-20 06:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2014-08-09 20:03 - 2010-11-20 06:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
    2014-08-09 20:03 - 2010-11-20 06:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2014-08-09 20:03 - 2010-11-20 06:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2014-08-09 20:03 - 2010-11-20 06:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
    2014-08-09 20:03 - 2010-11-20 06:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
    2014-08-09 20:03 - 2010-11-20 06:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
    2014-08-09 20:03 - 2010-11-20 06:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
    2014-08-09 20:03 - 2010-11-20 06:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
    2014-08-09 20:03 - 2010-11-20 06:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
    2014-08-09 20:03 - 2010-11-20 06:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
    2014-08-09 20:03 - 2010-11-20 06:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
    2014-08-09 20:03 - 2010-11-20 06:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2014-08-09 20:03 - 2010-11-20 06:09 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
    2014-08-09 20:03 - 2010-11-20 06:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
    2014-08-09 20:03 - 2010-11-20 05:57 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
    2014-08-09 20:03 - 2010-11-20 05:57 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
    2014-08-09 20:03 - 2010-11-20 05:57 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
    2014-08-09 20:03 - 2010-11-20 05:57 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2014-08-09 20:03 - 2010-11-20 05:57 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2014-08-09 20:03 - 2010-11-20 05:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2014-08-09 20:03 - 2010-11-20 05:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2014-08-09 20:03 - 2010-11-20 05:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
    2014-08-09 20:03 - 2010-11-20 05:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2014-08-09 20:03 - 2010-11-20 05:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
    2014-08-09 20:03 - 2010-11-20 05:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
    2014-08-09 20:03 - 2010-11-09 21:48 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml
    2014-08-09 20:03 - 2010-11-04 22:20 - 00105559 _____ () C:\Windows\SysWOW64\RacRules.xml
    2014-08-09 20:03 - 2010-11-04 22:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml
    2014-08-09 20:03 - 2010-11-04 22:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
    2014-08-09 20:03 - 2010-11-04 22:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
    2014-08-09 20:03 - 2010-11-04 21:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
    2014-08-09 20:02 - 2010-11-20 08:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
    2014-08-09 20:02 - 2009-06-10 17:40 - 00146389 _____ () C:\Windows\SysWOW64\printmanagement.msc
    2014-08-09 20:02 - 2009-06-10 17:39 - 00001041 _____ () C:\Windows\SysWOW64\tcpbidi.xml
    2014-08-09 20:01 - 2014-08-09 20:01 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
    2014-08-09 20:01 - 2014-08-09 20:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
    2014-08-09 20:00 - 2014-08-14 20:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-08-09 20:00 - 2014-08-09 20:03 - 00000000 ____D () C:\Program Files\Microsoft Office
    2014-08-09 20:00 - 2014-08-09 20:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Microsoft Help
    2014-08-09 20:00 - 2014-08-09 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
    2014-08-09 19:59 - 2014-08-09 19:59 - 00000000 ___RD () C:\MSOCache
    2014-08-09 19:58 - 2010-11-20 09:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
    2014-08-09 19:37 - 2014-08-09 19:37 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
    2014-08-09 15:51 - 2014-08-09 19:37 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\NVIDIA Corporation
    2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-08-09 15:51 - 2014-07-25 10:01 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2014-08-09 15:51 - 2014-07-25 10:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2014-08-09 15:51 - 2014-07-25 10:01 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2014-08-09 15:51 - 2014-07-25 10:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2014-08-09 15:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2014-08-09 15:50 - 2014-07-02 13:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
    2014-08-09 15:49 - 2014-08-11 22:02 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-08-09 15:45 - 2014-07-02 17:29 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
    2014-08-09 15:45 - 2014-07-02 17:29 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
    2014-08-09 15:45 - 2014-07-02 17:29 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
    2014-08-09 15:45 - 2014-07-02 16:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
    2014-08-09 15:45 - 2014-07-02 16:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
    2014-08-09 15:45 - 2014-03-31 12:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2014-08-09 15:45 - 2014-03-31 12:42 - 00037320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2014-08-09 15:45 - 2014-03-31 12:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2014-08-09 15:38 - 2014-08-09 19:38 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\NVIDIA
    2014-08-09 15:00 - 2014-08-14 18:31 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-09 15:00 - 2014-08-14 18:17 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Google
    2014-08-09 15:00 - 2014-08-09 15:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Deployment
    2014-08-09 15:00 - 2014-08-09 15:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Apps\2.0
    2014-08-09 14:53 - 2014-08-16 20:49 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\HpUpdate
    2014-08-09 14:53 - 2014-08-09 14:53 - 00003668 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
    2014-08-09 14:53 - 2014-08-09 14:53 - 00002272 _____ () C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00001995 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00001194 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\Visan
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\HP Photo Creations
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
    2014-08-09 14:52 - 2014-08-10 17:54 - 00111520 _____ () C:\Users\Norman Norris\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-08-09 14:52 - 2014-08-09 14:54 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\HP
    2014-08-09 14:52 - 2014-08-09 14:53 - 00000000 ____D () C:\Program Files (x86)\HP
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000057 _____ () C:\ProgramData\Ament.ini
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000000 ____D () C:\ProgramData\HP
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000000 ____D () C:\Program Files\HP
    2014-08-09 14:43 - 2012-07-26 00:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
    2014-08-09 14:43 - 2012-07-25 22:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
    2014-08-09 14:43 - 2012-06-02 10:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    2014-08-09 14:38 - 2014-08-14 20:47 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-09 14:38 - 2014-08-14 20:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-08-09 14:30 - 2014-08-09 14:31 - 00003733 _____ () C:\Windows\IE9_main.log
    2014-08-09 14:22 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
    2014-08-09 14:22 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
    2014-08-09 14:22 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
    2014-08-09 14:22 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
    2014-08-09 14:22 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
    2014-08-09 14:22 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
    2014-08-09 14:22 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
    2014-08-09 14:22 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    2014-08-09 14:20 - 2014-07-02 06:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
    2014-08-09 14:20 - 2014-03-04 09:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2014-08-09 14:18 - 2012-03-01 02:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2014-08-09 14:18 - 2012-03-01 02:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
    2014-08-09 14:18 - 2012-03-01 01:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
    2014-08-09 14:13 - 2012-12-07 09:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
    2014-08-09 14:13 - 2012-12-07 09:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
    2014-08-09 14:13 - 2012-12-07 08:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
    2014-08-09 14:13 - 2012-12-07 08:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
    2014-08-09 14:13 - 2012-12-07 07:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
    2014-08-09 14:13 - 2012-12-07 07:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
    2014-08-09 14:13 - 2012-12-07 07:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
    2014-08-09 14:13 - 2012-12-07 06:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
     
  17. norman

    norman Established Techie7 Member

    Continuing...

    2014-08-09 14:13 - 2012-01-04 06:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
    2014-08-09 14:13 - 2012-01-04 04:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
    2014-08-09 14:13 - 2011-05-04 01:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2014-08-09 14:13 - 2011-05-04 01:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2014-08-09 14:13 - 2011-05-04 01:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2014-08-09 14:13 - 2011-05-04 01:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2014-08-09 14:13 - 2011-05-04 01:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2014-08-09 14:13 - 2011-05-04 01:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2014-08-09 14:13 - 2011-05-04 01:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2014-08-09 14:13 - 2011-05-04 01:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2014-08-09 14:13 - 2011-05-04 01:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2014-08-09 14:13 - 2011-05-04 00:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2014-08-09 14:13 - 2011-05-04 00:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2014-08-09 14:13 - 2011-05-04 00:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2014-08-09 14:13 - 2011-05-04 00:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2014-08-09 14:13 - 2011-05-04 00:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2014-08-09 14:13 - 2011-05-04 00:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2014-08-09 14:13 - 2011-05-04 00:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2014-08-09 14:13 - 2011-05-04 00:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2014-08-09 14:13 - 2011-05-04 00:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2014-08-09 14:12 - 2013-01-24 02:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2014-08-09 14:12 - 2012-05-05 04:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2014-08-09 14:12 - 2012-05-05 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2014-08-09 14:12 - 2012-05-01 01:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2014-08-09 14:12 - 2011-12-30 02:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
    2014-08-09 14:12 - 2011-12-30 01:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
    2014-08-09 14:12 - 2011-11-17 02:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
    2014-08-09 14:12 - 2011-11-17 01:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
    2014-08-09 14:12 - 2011-10-26 01:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2014-08-09 14:12 - 2011-10-26 01:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-08-09 14:12 - 2011-10-26 00:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2014-08-09 14:12 - 2011-10-26 00:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-08-09 14:12 - 2011-07-08 22:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2014-08-09 14:12 - 2011-06-16 01:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
    2014-08-09 14:12 - 2011-06-16 00:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
    2014-08-09 14:12 - 2011-06-15 06:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
    2014-08-09 14:12 - 2011-06-15 06:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
    2014-08-09 14:12 - 2011-06-15 06:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
    2014-08-09 14:12 - 2011-06-15 06:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
    2014-08-09 14:12 - 2011-06-15 04:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
    2014-08-09 14:12 - 2011-06-15 04:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
    2014-08-09 14:12 - 2011-06-15 04:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
    2014-08-09 14:12 - 2011-06-15 04:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
    2014-08-09 14:12 - 2011-06-15 04:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
    2014-08-09 14:12 - 2011-04-28 23:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2014-08-09 14:12 - 2011-04-28 23:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2014-08-09 14:12 - 2011-04-28 23:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2014-08-09 14:12 - 2011-04-26 22:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2014-08-09 14:12 - 2011-04-26 22:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2014-08-09 14:12 - 2011-04-09 02:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2014-08-09 14:12 - 2011-04-09 01:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2014-08-09 14:12 - 2011-03-11 02:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
    2014-08-09 14:12 - 2011-03-11 02:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
    2014-08-09 14:12 - 2011-03-11 01:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
    2014-08-09 14:12 - 2011-03-11 01:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
    2014-08-09 14:12 - 2011-03-03 02:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
    2014-08-09 14:12 - 2011-03-03 02:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
    2014-08-09 14:12 - 2011-03-03 02:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
    2014-08-09 14:12 - 2011-03-03 01:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2014-08-09 14:12 - 2011-03-03 01:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
    2014-08-09 14:12 - 2011-02-18 06:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
    2014-08-09 14:12 - 2011-02-18 01:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
    2014-08-09 14:12 - 2010-12-23 06:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
    2014-08-09 14:12 - 2010-12-23 06:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
    2014-08-09 14:12 - 2010-12-23 06:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
    2014-08-09 14:12 - 2010-12-23 01:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
    2014-08-09 14:12 - 2010-12-23 01:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
    2014-08-09 14:12 - 2010-12-23 01:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
    2014-08-09 14:12 - 2010-11-20 09:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
    2014-08-09 14:12 - 2010-11-20 09:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2014-08-09 14:11 - 2013-02-12 00:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
    2014-08-09 14:11 - 2012-11-02 01:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
    2014-08-09 14:11 - 2012-11-02 01:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
    2014-08-09 14:11 - 2012-09-25 18:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
    2014-08-09 14:11 - 2012-09-25 18:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
    2014-08-09 14:11 - 2012-07-04 18:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
    2014-08-09 14:11 - 2012-07-04 18:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
    2014-08-09 14:11 - 2012-07-04 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
    2014-08-09 14:11 - 2012-07-04 17:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
    2014-08-09 14:11 - 2012-07-04 17:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
    2014-08-09 14:11 - 2012-06-06 02:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
    2014-08-09 14:11 - 2012-06-06 01:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
    2014-08-09 14:11 - 2012-05-14 01:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2014-08-09 14:11 - 2012-04-27 23:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-08-09 14:11 - 2012-04-26 01:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-08-09 14:11 - 2012-04-26 01:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
    2014-08-09 14:11 - 2012-04-26 01:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
    2014-08-09 14:11 - 2012-03-17 03:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2014-08-09 14:11 - 2011-10-15 02:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
    2014-08-09 14:11 - 2011-10-15 01:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
    2014-08-09 14:11 - 2011-08-27 01:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
    2014-08-09 14:11 - 2011-08-27 01:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
    2014-08-09 14:11 - 2011-08-27 00:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
    2014-08-09 14:11 - 2011-08-27 00:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
    2014-08-09 14:11 - 2011-08-17 01:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
    2014-08-09 14:11 - 2011-08-17 01:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
    2014-08-09 14:11 - 2011-08-17 00:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
    2014-08-09 14:11 - 2011-08-17 00:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
    2014-08-09 14:11 - 2011-05-24 07:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
    2014-08-09 14:11 - 2011-05-24 06:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
    2014-08-09 14:11 - 2011-05-24 06:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
    2014-08-09 14:11 - 2011-05-24 06:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
    2014-08-09 14:11 - 2011-05-24 06:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2014-08-09 14:11 - 2011-05-03 01:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2014-08-09 14:11 - 2011-05-03 00:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2014-08-09 14:11 - 2011-02-23 00:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2014-08-09 14:11 - 2011-02-12 07:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
    2014-08-09 14:11 - 2011-02-05 13:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-08-09 14:11 - 2011-02-05 13:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
    2014-08-09 14:11 - 2011-02-05 13:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
    2014-08-09 14:11 - 2011-02-05 13:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
    2014-08-09 14:11 - 2011-02-05 13:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-08-09 14:11 - 2011-02-05 13:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-08-09 14:11 - 2011-02-05 13:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-08-09 14:11 - 2010-11-20 09:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2014-08-09 14:11 - 2010-11-20 09:25 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
    2014-08-09 14:11 - 2010-11-20 09:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
    2014-08-09 14:11 - 2010-11-20 09:24 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
    2014-08-09 14:11 - 2010-11-20 09:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
    2014-08-09 14:11 - 2010-11-20 09:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
    2014-08-09 14:11 - 2010-11-20 08:58 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
    2014-08-09 14:11 - 2010-11-20 08:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
    2014-08-09 14:11 - 2010-11-20 08:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
    2014-08-09 14:11 - 2010-11-20 08:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
    2014-08-09 14:11 - 2010-11-20 07:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
    2014-08-09 14:03 - 2011-12-16 04:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
    2014-08-09 14:03 - 2011-12-16 03:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
    2014-08-09 13:58 - 2011-11-19 10:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-08-09 13:58 - 2011-11-19 10:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-08-09 13:39 - 2014-08-17 17:13 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-08-09 13:39 - 2014-08-09 15:44 - 00000000 ____D () C:\NVIDIA
    2014-08-09 13:39 - 2014-08-09 12:51 - 00000000 ____D () C:\Windows\Panther
    2014-08-09 13:39 - 2010-06-21 18:07 - 00255592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda6.dll
    2014-08-09 13:38 - 2014-08-09 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-08-09 13:38 - 2014-08-09 15:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-08-09 13:38 - 2014-08-09 15:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-08-09 13:38 - 2014-07-02 16:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
    2014-08-09 13:31 - 2014-08-05 09:20 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-08-09 13:17 - 2014-08-09 13:17 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
    2014-08-09 13:17 - 2014-08-09 13:17 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Creative
    2014-08-09 13:12 - 2006-10-06 14:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
    2014-08-09 13:12 - 2000-05-22 16:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
    2014-08-09 13:07 - 2014-08-17 17:13 - 00260962 _____ () C:\Windows\PFRO.log
    2014-08-09 13:00 - 2014-08-09 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
    2014-08-09 13:00 - 2014-08-09 13:00 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
    2014-08-09 13:00 - 2009-04-02 11:38 - 01908736 ____N (Creative) C:\Windows\system32\Sens_oal.dll
    2014-08-09 13:00 - 2009-04-02 11:33 - 02873820 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
    2014-08-09 13:00 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
    2014-08-09 12:59 - 2014-08-09 13:12 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-08-09 12:59 - 2014-08-09 13:12 - 00000000 ____D () C:\Program Files (x86)\Creative
    2014-08-09 12:59 - 2014-08-09 13:00 - 00000000 ____D () C:\Program Files\Creative
    2014-08-09 12:55 - 2014-08-09 13:12 - 00000000 ____D () C:\ProgramData\Creative
    2014-08-09 12:55 - 2014-08-09 12:55 - 00000159 ___RH () C:\Windows\ctfile.rfc
    2014-08-09 12:55 - 2012-02-17 02:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2014-08-09 12:55 - 2012-02-17 01:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2014-08-09 12:55 - 2012-02-17 00:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
    2014-08-09 12:55 - 2009-07-10 09:09 - 00214528 _____ () C:\Windows\system32\APOMgr64.DLL
    2014-08-09 12:55 - 2009-07-10 09:07 - 00166912 _____ () C:\Windows\SysWOW64\APOMngr.DLL
    2014-08-09 12:55 - 2009-02-06 18:53 - 00089088 _____ () C:\Windows\system32\CmdRtr64.DLL
    2014-08-09 12:55 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
    2014-08-09 12:52 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-08-09 12:52 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-08-09 12:52 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-08-09 12:52 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-08-09 12:52 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-08-09 12:52 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-08-09 12:52 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-08-09 12:51 - 2014-08-10 19:27 - 00001417 _____ () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-08-09 12:51 - 2014-08-09 12:59 - 00000000 ____D () C:\Users\Norman Norris
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000020 ___SH () C:\Users\Norman Norris\ntuser.ini
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\VirtualStore
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000000 ____D () C:\Recovery
    2014-08-09 12:51 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-08-09 12:51 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-08-09 12:51 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-08-09 12:51 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2014-08-09 12:49 - 2014-08-17 17:17 - 01107063 _____ () C:\Windows\WindowsUpdate.log
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001313 _____ () C:\Windows\TSSysprep.log
    2014-08-09 12:41 - 2014-08-09 12:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-17 17:28 - 2014-08-17 17:27 - 00011533 _____ () C:\Users\Norman Norris\Desktop\FRST.txt
    2014-08-17 17:27 - 2014-08-17 17:27 - 00000000 ____D () C:\FRST
    2014-08-17 17:27 - 2014-08-17 17:26 - 02101760 _____ (Farbar) C:\Users\Norman Norris\Desktop\FRST64.exe
    2014-08-17 17:25 - 2014-08-17 17:25 - 00000637 _____ () C:\Users\Norman Norris\Desktop\JRT.txt
    2014-08-17 17:21 - 2009-07-14 00:45 - 00020576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-08-17 17:21 - 2009-07-14 00:45 - 00020576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-08-17 17:20 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-08-17 17:17 - 2014-08-17 17:17 - 00000000 ____D () C:\Windows\ERUNT
    2014-08-17 17:17 - 2014-08-09 12:49 - 01107063 _____ () C:\Windows\WindowsUpdate.log
    2014-08-17 17:16 - 2014-08-17 17:16 - 01016261 _____ (Thisisu) C:\Users\Norman Norris\Desktop\JRT.exe
    2014-08-17 17:16 - 2014-08-09 20:18 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
    2014-08-17 17:14 - 2014-08-17 17:14 - 00006996 _____ () C:\Users\Norman Norris\Desktop\AdwCleaner[S0].txt
    2014-08-17 17:13 - 2014-08-09 13:39 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-08-17 17:13 - 2014-08-09 13:07 - 00260962 _____ () C:\Windows\PFRO.log
    2014-08-17 17:13 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-08-17 17:13 - 2009-07-14 00:51 - 00025645 _____ () C:\Windows\setupact.log
    2014-08-17 17:12 - 2014-08-17 17:11 - 00000000 ____D () C:\AdwCleaner
    2014-08-17 17:10 - 2014-08-17 17:10 - 01361671 _____ () C:\Users\Norman Norris\Desktop\adwcleaner_3.307.exe
    2014-08-17 16:30 - 2014-08-17 13:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-08-17 13:35 - 2009-07-14 00:45 - 00442192 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-17 13:18 - 2014-08-17 13:18 - 00026522 _____ () C:\ComboFix.txt
    2014-08-17 13:18 - 2014-08-17 13:07 - 00000000 ____D () C:\Qoobox
    2014-08-17 13:18 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
    2014-08-17 13:16 - 2014-08-17 13:07 - 00000000 ____D () C:\Windows\erdnt
    2014-08-17 13:16 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
    2014-08-17 13:06 - 2014-08-17 13:05 - 05572035 ____R (Swearware) C:\Users\Norman Norris\Desktop\ComboFix.exe
    2014-08-17 13:01 - 2014-08-17 13:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-08-17 13:01 - 2014-08-10 18:17 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-08-17 13:01 - 2014-08-10 18:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-08-17 12:49 - 2014-08-10 00:01 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-08-16 22:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-08-16 21:44 - 2014-08-16 21:06 - 00000000 ____D () C:\Users\Norman Norris\Desktop\mbar
    2014-08-16 21:44 - 2014-08-16 21:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-08-16 21:06 - 2014-08-14 21:27 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-08-16 21:06 - 2014-08-14 21:27 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-08-16 21:05 - 2014-08-16 21:05 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Norman Norris\Desktop\mbar-1.07.0.1012.exe
    2014-08-16 20:59 - 2014-08-16 20:59 - 00005207 _____ () C:\Users\Norman Norris\Desktop\RKreport.txt
    2014-08-16 20:50 - 2014-08-16 20:50 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
    2014-08-16 20:50 - 2014-08-16 20:50 - 00000000 ____D () C:\ProgramData\RogueKiller
    2014-08-16 20:49 - 2014-08-16 20:49 - 04851288 _____ () C:\Users\Norman Norris\Desktop\RogueKiller.exe
    2014-08-16 20:49 - 2014-08-09 14:53 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\HpUpdate
    2014-08-14 23:34 - 2014-08-14 23:34 - 00503448 _____ () C:\Windows\Minidump\081414-34273-01.dmp
    2014-08-14 23:34 - 2014-08-14 23:34 - 00000000 ____D () C:\Windows\Minidump
    2014-08-14 23:33 - 2014-08-14 23:33 - 463666837 _____ () C:\Windows\MEMORY.DMP
    2014-08-14 23:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\LiveKernelReports
    2014-08-14 21:44 - 2014-08-14 21:43 - 00032168 _____ () C:\Users\Norman Norris\Desktop\dds.txt
    2014-08-14 21:43 - 2014-08-14 21:43 - 00015347 _____ () C:\Users\Norman Norris\Desktop\attach.txt
    2014-08-14 21:41 - 2014-08-14 21:41 - 00688992 ____R (Swearware) C:\Users\Norman Norris\Desktop\dds.com
    2014-08-14 21:27 - 2014-08-14 21:27 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-14 21:27 - 2014-08-14 21:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-14 20:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-08-14 20:53 - 2014-08-09 20:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-08-14 20:47 - 2014-08-09 14:38 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-14 20:46 - 2014-08-09 14:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-08-14 20:45 - 2014-08-09 20:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2014-08-14 18:32 - 2014-08-14 18:31 - 00000155 _____ () C:\Windows\Reimage.ini
    2014-08-14 18:31 - 2014-08-09 15:00 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000929 _____ () C:\Users\Norman Norris\Desktop\PDF Reader for Windows 8.lnk
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Reader for Windows 8
    2014-08-14 18:21 - 2014-08-14 18:21 - 00000000 ____D () C:\Program Files\PDF Reader for Windows 8
    2014-08-14 18:17 - 2014-08-09 15:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Google
    2014-08-14 17:34 - 2014-08-14 17:30 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Sparta
    2014-08-14 17:31 - 2014-08-14 17:31 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\sparta111
    2014-08-14 17:30 - 2014-08-14 17:30 - 00862064 _____ ( ) C:\Users\Norman Norris\Downloads\Adobe_Reader_Setup (1).exe
    2014-08-14 17:30 - 2014-08-14 17:30 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\StormFall
    2014-08-14 17:30 - 2014-08-14 17:30 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\StormFall
    2014-08-14 17:29 - 2014-08-14 17:29 - 74696576 _____ (Adobe Systems Incorporated) C:\Users\Norman Norris\Downloads\AdbeRdr11007_en_US.exe
    2014-08-14 17:28 - 2014-08-14 17:28 - 00862064 _____ ( ) C:\Users\Norman Norris\Downloads\Adobe_Reader_Setup.exe
    2014-08-11 22:02 - 2014-08-09 15:49 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-08-11 21:59 - 2014-08-09 21:07 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\uTorrent
    2014-08-11 21:58 - 2014-08-11 20:36 - 00000000 ____D () C:\Users\Norman Norris\Downloads\The.Trials.of.Cate.McCall.2013.1080p.BluRay.AAC.x264-tomcat12[ETRG]
    2014-08-11 21:09 - 2014-08-09 22:58 - 00000000 ____D () C:\Users\Norman Norris\Documents\ConvertXtoDVD
    2014-08-11 20:35 - 2014-08-11 20:35 - 00013480 _____ () C:\Users\Norman Norris\Downloads\[kickass.to]the.trials.of.cate.mccall.2013.1080p.bluray.aac.x264.tomcat12.etrg.torrent
    2014-08-11 19:41 - 2009-07-14 03:46 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-08-10 19:39 - 2014-08-10 19:39 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
    2014-08-10 19:35 - 2014-08-10 19:35 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Oracle
    2014-08-10 19:34 - 2014-08-10 19:34 - 00000000 ____D () C:\ProgramData\Sun
    2014-08-10 19:34 - 2014-08-10 19:34 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-10 19:33 - 2014-08-10 19:33 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-08-10 19:33 - 2014-08-10 19:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-08-10 19:33 - 2014-08-10 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-08-10 19:33 - 2014-08-10 19:33 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-08-10 19:28 - 2014-08-10 19:28 - 00000000 __SHD () C:\Users\Norman Norris\AppData\Local\EmieUserList
    2014-08-10 19:28 - 2014-08-10 19:28 - 00000000 __SHD () C:\Users\Norman Norris\AppData\Local\EmieSiteList
    2014-08-10 19:27 - 2014-08-09 12:51 - 00001417 _____ () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2014-08-10 19:24 - 2009-07-13 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2014-08-10 19:17 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-08-10 19:17 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2014-08-10 19:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-08-10 19:15 - 2014-08-10 19:15 - 00000000 ___HD () C:\Windows\msdownld.tmp
    2014-08-10 19:15 - 2014-08-10 19:04 - 00015386 _____ () C:\Windows\IE11_main.log
    2014-08-10 19:11 - 2014-08-10 19:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2014-08-10 19:11 - 2014-08-10 19:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2014-08-10 19:11 - 2014-08-10 19:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-08-10 19:11 - 2014-08-10 19:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-08-10 19:11 - 2014-08-10 19:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2014-08-10 19:11 - 2014-08-10 19:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2014-08-10 19:11 - 2014-08-10 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-08-10 19:11 - 2014-08-10 19:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-08-10 19:07 - 2014-08-10 19:07 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-08-10 19:07 - 2014-08-10 19:07 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ___HD () C:\Windows\AxInstSV
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
    2014-08-10 18:17 - 2014-08-10 18:17 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-08-10 17:54 - 2014-08-09 14:52 - 00111520 _____ () C:\Users\Norman Norris\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-08-10 17:40 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-08-10 17:30 - 2009-07-14 03:46 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files\DVD Maker
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
    2014-08-10 17:30 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sppui
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Setup
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\oobe
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\migwiz
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\manifeststore
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
    2014-08-10 17:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2014-08-10 17:26 - 2009-07-13 22:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
    2014-08-10 17:26 - 2009-07-13 22:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
    2014-08-10 17:16 - 2014-08-09 20:18 - 00000000 ____D () C:\Windows\AutoKMS
    2014-08-10 01:23 - 2009-07-13 22:34 - 00000478 _____ () C:\Windows\win.ini
    2014-08-10 01:20 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-08-10 01:06 - 2014-08-10 01:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-08-10 00:59 - 2014-08-10 00:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
    2014-08-10 00:59 - 2014-08-10 00:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
    2014-08-10 00:02 - 2014-08-10 00:02 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\AVAST Software
    2014-08-10 00:01 - 2014-08-10 00:01 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-08-10 00:01 - 2014-08-10 00:01 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-08-10 00:01 - 2014-08-10 00:01 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-08-10 00:01 - 2014-08-10 00:01 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    2014-08-10 00:01 - 2014-08-10 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    2014-08-09 23:59 - 2014-08-09 23:59 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-08-09 23:59 - 2014-08-09 23:58 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-08-09 23:46 - 2014-08-09 21:14 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Vso
    2014-08-09 23:46 - 2014-08-09 21:14 - 00000000 ____D () C:\ProgramData\VSO
    2014-08-09 23:09 - 2014-08-09 23:09 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Macromedia
    2014-08-09 23:09 - 2014-08-09 23:09 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Adobe
    2014-08-09 23:09 - 2014-08-09 23:08 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\AOL
    2014-08-09 23:08 - 2014-08-09 23:08 - 00001105 _____ () C:\Users\Norman Norris\Desktop\AIM.lnk
    2014-08-09 23:08 - 2014-08-09 23:08 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
    2014-08-09 21:14 - 2014-08-09 21:14 - 00099384 _____ () C:\Users\Norman Norris\AppData\Roaming\inst.exe
    2014-08-09 21:14 - 2014-08-09 21:14 - 00082816 _____ (VSO Software) C:\Users\Norman Norris\AppData\Roaming\pcouffin.sys
    2014-08-09 21:14 - 2014-08-09 21:14 - 00007859 _____ () C:\Users\Norman Norris\AppData\Roaming\pcouffin.cat
    2014-08-09 21:14 - 2014-08-09 21:14 - 00001232 _____ () C:\Users\Norman Norris\Desktop\ConvertXToDVD 5.lnk
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000055 _____ () C:\Users\Norman Norris\AppData\Roaming\pcouffin.log
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\Users\Norman Norris\Documents\PcSetup
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
    2014-08-09 21:14 - 2014-08-09 21:14 - 00000000 ____D () C:\Program Files (x86)\VSO
    2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 ____D () C:\Windows\system32\appmgmt
    2014-08-09 21:12 - 2014-08-09 21:11 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Skype
    2014-08-09 21:12 - 2014-08-09 21:10 - 00000000 ____D () C:\ProgramData\Skype
    2014-08-09 21:11 - 2014-08-09 21:11 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Skype
    2014-08-09 21:10 - 2014-08-09 21:10 - 00000866 _____ () C:\Users\Norman Norris\Desktop\µTorrent.lnk
    2014-08-09 21:10 - 2014-08-09 21:10 - 00000846 _____ () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2014-08-09 20:19 - 2014-08-09 20:19 - 00000000 ____D () C:\Windows\system32\SPReview
    2014-08-09 20:18 - 2014-08-09 20:18 - 00000000 ____D () C:\Windows\system32\EventProviders
    2014-08-09 20:16 - 2014-08-09 20:16 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
    2014-08-09 20:07 - 2014-08-09 20:07 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
    2014-08-09 20:05 - 2014-08-09 20:05 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
    2014-08-09 20:05 - 2009-07-14 03:46 - 00000000 ____D () C:\Windows\ShellNew
    2014-08-09 20:04 - 2014-08-09 20:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
    2014-08-09 20:04 - 2014-08-09 20:03 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
    2014-08-09 20:03 - 2014-08-09 20:03 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-08-09 20:03 - 2014-08-09 20:00 - 00000000 ____D () C:\Program Files\Microsoft Office
    2014-08-09 20:01 - 2014-08-09 20:01 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
    2014-08-09 20:01 - 2014-08-09 20:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
    2014-08-09 20:00 - 2014-08-09 20:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Microsoft Help
    2014-08-09 20:00 - 2014-08-09 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
    2014-08-09 19:59 - 2014-08-09 19:59 - 00000000 ___RD () C:\MSOCache
    2014-08-09 19:38 - 2014-08-09 15:38 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\NVIDIA
    2014-08-09 19:37 - 2014-08-09 19:37 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
    2014-08-09 19:37 - 2014-08-09 15:51 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\NVIDIA Corporation
    2014-08-09 19:37 - 2014-08-09 13:38 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
    2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2014-08-09 15:51 - 2014-08-09 15:51 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
    2014-08-09 15:51 - 2014-08-09 13:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
    2014-08-09 15:51 - 2014-08-09 13:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
    2014-08-09 15:44 - 2014-08-09 13:39 - 00000000 ____D () C:\NVIDIA
    2014-08-09 15:00 - 2014-08-09 15:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Deployment
    2014-08-09 15:00 - 2014-08-09 15:00 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\Apps\2.0
    2014-08-09 14:54 - 2014-08-09 14:52 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\HP
    2014-08-09 14:53 - 2014-08-09 14:53 - 00003668 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
    2014-08-09 14:53 - 2014-08-09 14:53 - 00002272 _____ () C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00001995 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00001194 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\Visan
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\ProgramData\HP Photo Creations
    2014-08-09 14:53 - 2014-08-09 14:53 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
    2014-08-09 14:53 - 2014-08-09 14:52 - 00000000 ____D () C:\Program Files (x86)\HP
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000057 _____ () C:\ProgramData\Ament.ini
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000000 ____D () C:\ProgramData\HP
    2014-08-09 14:52 - 2014-08-09 14:52 - 00000000 ____D () C:\Program Files\HP
    2014-08-09 14:31 - 2014-08-09 14:30 - 00003733 _____ () C:\Windows\IE9_main.log
    2014-08-09 13:39 - 2009-07-14 01:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
    2014-08-09 13:39 - 2009-07-14 01:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
    2014-08-09 13:38 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\Help
    2014-08-09 13:17 - 2014-08-09 13:17 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
    2014-08-09 13:17 - 2014-08-09 13:17 - 00000000 ____D () C:\Users\Norman Norris\AppData\Roaming\Creative
    2014-08-09 13:12 - 2014-08-09 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
    2014-08-09 13:12 - 2014-08-09 12:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-08-09 13:12 - 2014-08-09 12:59 - 00000000 ____D () C:\Program Files (x86)\Creative
    2014-08-09 13:12 - 2014-08-09 12:55 - 00000000 ____D () C:\ProgramData\Creative
    2014-08-09 13:00 - 2014-08-09 13:00 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
    2014-08-09 13:00 - 2014-08-09 13:00 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
    2014-08-09 13:00 - 2014-08-09 12:59 - 00000000 ____D () C:\Program Files\Creative
    2014-08-09 12:59 - 2014-08-09 12:51 - 00000000 ____D () C:\Users\Norman Norris
    2014-08-09 12:55 - 2014-08-09 12:55 - 00000159 ___RH () C:\Windows\ctfile.rfc
    2014-08-09 12:51 - 2014-08-09 13:39 - 00000000 ____D () C:\Windows\Panther
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000020 ___SH () C:\Users\Norman Norris\ntuser.ini
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000000 ____D () C:\Users\Norman Norris\AppData\Local\VirtualStore
    2014-08-09 12:51 - 2014-08-09 12:51 - 00000000 ____D () C:\Recovery
    2014-08-09 12:51 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\restore
    2014-08-09 12:51 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Public\Libraries
    2014-08-09 12:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Recovery
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2014-08-09 12:43 - 2014-08-09 12:43 - 00001313 _____ () C:\Windows\TSSysprep.log
    2014-08-09 12:43 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-08-09 12:43 - 2009-07-14 00:46 - 00001774 _____ () C:\Windows\DtcInstall.log
    2014-08-09 12:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-08-09 12:41 - 2014-08-09 12:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
    2014-08-09 12:41 - 2009-07-14 03:46 - 00000000 ____D () C:\Windows\CSC
    2014-08-05 09:20 - 2014-08-09 13:31 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-07-31 19:41 - 2014-08-14 17:31 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-07-31 19:16 - 2014-08-14 17:31 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-07-25 10:52 - 2014-08-14 17:31 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-07-25 10:02 - 2014-08-14 17:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-07-25 10:01 - 2014-08-14 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-07-25 10:01 - 2014-08-09 15:51 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
    2014-07-25 10:01 - 2014-08-09 15:51 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
    2014-07-25 10:01 - 2014-08-09 15:51 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
    2014-07-25 10:01 - 2014-08-09 15:51 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
    2014-07-25 09:51 - 2014-08-14 17:31 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-07-25 09:30 - 2014-08-14 17:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-07-25 09:28 - 2014-08-14 17:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-07-25 09:28 - 2014-08-14 17:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-07-25 09:25 - 2014-08-14 17:31 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-07-25 09:25 - 2014-08-14 17:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-07-25 09:11 - 2014-08-14 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-07-25 09:10 - 2014-08-14 17:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-07-25 09:04 - 2014-08-14 17:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-07-25 09:03 - 2014-08-14 17:31 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-07-25 09:00 - 2014-08-14 17:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-07-25 09:00 - 2014-08-14 17:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-07-25 08:59 - 2014-08-14 17:31 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-07-25 08:47 - 2014-08-14 17:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-07-25 08:40 - 2014-08-14 17:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-07-25 08:34 - 2014-08-14 17:31 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-07-25 08:34 - 2014-08-14 17:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-07-25 08:33 - 2014-08-14 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-07-25 08:30 - 2014-08-14 17:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-07-25 08:28 - 2014-08-14 17:31 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-07-25 08:28 - 2014-08-14 17:31 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-07-25 08:21 - 2014-08-14 17:31 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-07-25 08:19 - 2014-08-14 17:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-07-25 08:18 - 2014-08-14 17:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-07-25 08:17 - 2014-08-14 17:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-07-25 08:17 - 2014-08-14 17:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-07-25 08:12 - 2014-08-14 17:31 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-07-25 08:10 - 2014-08-14 17:31 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-07-25 08:10 - 2014-08-14 17:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-07-25 08:08 - 2014-08-14 17:31 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-07-25 08:06 - 2014-08-14 17:31 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-07-25 07:52 - 2014-08-14 17:31 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-07-25 07:47 - 2014-08-14 17:31 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-07-25 07:43 - 2014-08-14 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-07-25 07:42 - 2014-08-14 17:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-07-25 07:39 - 2014-08-14 17:31 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-07-25 07:39 - 2014-08-14 17:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-07-25 07:36 - 2014-08-14 17:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-07-25 07:34 - 2014-08-14 17:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-07-25 07:29 - 2014-08-14 17:31 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-07-25 07:23 - 2014-08-14 17:31 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-07-25 07:13 - 2014-08-14 17:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-07-25 07:07 - 2014-08-14 17:31 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-07-25 07:07 - 2014-08-14 17:31 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-07-25 07:03 - 2014-08-14 17:31 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-07-25 06:52 - 2014-08-14 17:31 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-07-25 06:26 - 2014-08-14 17:31 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-07-25 06:17 - 2014-08-14 17:31 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-07-25 06:09 - 2014-08-14 17:31 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-07-25 06:05 - 2014-08-14 17:31 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-07-25 06:00 - 2014-08-14 17:31 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-07-23 18:32 - 2014-08-09 23:08 - 00464104 _____ (MZA) C:\Windows\system32\MZA64.dll

    Some content of TEMP:
    ====================
    C:\Users\Norman Norris\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-08-17 00:04

    ==================== End Of Log ============================
     
  18. norman

    norman Established Techie7 Member

    Last log:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
    Ran by Norman Norris at 2014-08-17 17:28:54
    Running from C:\Users\Norman Norris\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.)
    Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
    AIM for Windows (HKCU\...\AIM) (Version: - AOL Inc.)
    avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
    Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
    Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
    Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
    Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version: - Microsoft)
    HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
    HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
    NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
    PDF Reader for Windows 8 (HKLM\...\PDF Reader for Windows_is1) (Version: - PDFLogic Corporation)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
    Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
    SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)
    Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)
    Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)
    Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft)
    Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft)
    Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft)
    Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft)
    Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft)
    Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft)
    Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
    Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
    Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
    Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft)
    Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
    Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
    Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
    Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
    Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft)
    Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
    Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
    Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
    Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
    Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
    Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
    Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version: - Microsoft)
    VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.7 - VSO Software)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    15-08-2014 00:36:31 Windows Update
    17-08-2014 01:03:52 fresh restore after scan

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2014-08-17 13:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {144D7E64-2D96-47A0-865D-707619306C24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: {445A26A5-3A05-4AAA-B959-C456441ED86E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)
    Task: {510AE1F0-F085-4243-BF27-F214E835C43B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-10] (AVAST Software)
    Task: {BBB8608C-9491-49B2-97D4-B81ABC5B79FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
    Task: {D7A274AF-6301-4FB9-BC74-62C8E90224E7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-08-09] ()
    Task: {DE20C496-C47C-4444-B742-76ACF1E85104} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
    Task: {E5EF541E-9183-4E48-A54B-1EA276CB85DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-08-09 14:20 - 2014-07-02 14:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2014-08-10 00:01 - 2014-08-10 00:01 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
    2014-08-17 17:15 - 2014-08-17 17:15 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081701\algo.dll
    2014-08-10 00:01 - 2014-08-10 00:01 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ==================== Faulty Device Manager Devices =============

    Name: PCI Input Device
    Description: PCI Input Device
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-17 13:15:15.538
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2014-08-17 13:15:15.429
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
    Percentage of memory in use: 31%
    Total physical RAM: 4094.54 MB
    Available physical RAM: 2789 MB
    Total Pagefile: 8187.26 MB
    Available Pagefile: 6751.95 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.66 GB) (Free:414.04 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 439D3F0C)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  19. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     

    Attached Files:

  20. norman

    norman Established Techie7 Member

    Okay Broni I'm little confused here, I see the fixlist.txt file but here is the FRST(FRST64) at? Btw, I made a folder on desktop and placed the txt file there and I will put the FRST file there as well but I don't see where to click to dl to that folder?