Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Ken (administrator) on BROBECK on 04-11-2014 20:07:46
Running from C:\Users\Ken\Desktop
Loaded Profile: Ken (Available profiles: Ken & nx & Administrator)
Platform: Windows 8 Pro (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxdeviced64.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxdisplay.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxfsd.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxusbd64.exe
(NoMachine) C:\Program Files (x86)\NoMachine\bin\nxnode.bin
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Dropbox, Inc.) C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-09] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2273056 2013-11-29] (NVIDIA Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-27] (cyberlink)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2013-03-02] (Bitleader)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [5164712 2013-04-10] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-07-21] (Cisco Systems, Inc.)
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [45056 2012-07-25] (Microsoft Corporation)
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\...\Run: [SkyDrive] => C:\Users\Ken\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\...\Run: [MusicManager] => C:\Users\Ken\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631360 2014-10-08] (Google Inc.)
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-16] (Google Inc.)
Startup: C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ken\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x450B4262462ECE01
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3669982549-3015656978-1019135266-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://fwvpn1.slac.stanford.edu/CACHE/stc/1/binaries/vpnweb.cab
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Ken\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-11-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3287822&SearchSource=48&CUI=UN22836558101853580&UM=2
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-15]
CHR Extension: (Google Drive) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-15]
CHR Extension: (Google Search) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-15]
CHR Extension: (Norton Identity Safe) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-24]
CHR Extension: (Norton Safe) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-15]
CHR HKCU\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Ken\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx []
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Ken\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-16] (Adobe Systems) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] () [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [150464 2012-08-10] (Futuremark Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15128352 2013-11-29] (NVIDIA Corporation)
R2 nxdeviced; C:\Program Files (x86)\NoMachine\bin\nxdeviced64.exe [861360 2014-05-16] (NoMachine)
R2 nxdisplay; C:\Program Files (x86)\NoMachine\bin\nxdisplay.exe [221872 2014-05-16] (NoMachine)
R2 nxfsd; C:\Program Files (x86)\NoMachine\bin\nxfsd.exe [181936 2014-05-16] (NoMachine)
S2 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice.exe [204464 2014-05-16] (NoMachine)
R2 nxusbd; C:\Program Files (x86)\NoMachine\bin\nxusbd64.exe [1248944 2014-05-16] (NoMachine)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-03-23] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\drivers\61883.sys [61440 2012-07-25] (Microsoft Corporation)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20141030.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141104.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141104.004\ENG64.SYS [129752 2014-10-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20141104.004\EX64.SYS [2137304 2014-10-21] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-10-30] (NVIDIA Corporation)
R3 nxaudio; C:\Windows\system32\drivers\nxaudio.sys [17920 2013-08-29] (NoMachine)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [57008 2014-02-24] (NoMachine)
R3 nxusbh; C:\Windows\System32\drivers\nxusbh.sys [68096 2013-11-12] (NoMachine)
R3 nxusbs; C:\Windows\System32\drivers\nxusbs.sys [10240 2013-11-04] (NoMachine)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\Drivers\TrueSight.sys [34808 2014-11-01] ()
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-07-21] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 20:07 - 2014-11-04 20:07 - 00023695 _____ () C:\Users\Ken\Desktop\FRST.txt
2014-11-04 20:07 - 2014-11-04 20:07 - 00000000 ____D () C:\Users\Ken\Desktop\FRST-OlderVersion
2014-11-04 20:05 - 2014-11-04 20:07 - 00000000 ____D () C:\Users\Ken\Desktop\Malware issue
2014-11-04 20:01 - 2014-11-04 20:01 - 00000000 ____D () C:\Windows\ERUNT
2014-11-04 20:00 - 2014-11-04 20:00 - 01706359 _____ (Thisisu) C:\Users\Ken\Downloads\JRT (1).exe
2014-11-04 19:54 - 2014-11-04 19:56 - 00000000 ____D () C:\AdwCleaner
2014-11-04 19:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-11-04 18:44 - 2014-11-04 18:44 - 00024370 _____ () C:\ComboFix.txt
2014-11-03 20:49 - 2014-11-03 20:49 - 00000000 ____D () C:\Users\Ken\AppData\Roaming\Adobe
2014-11-03 20:49 - 2014-11-03 20:49 - 00000000 ____D () C:\Users\Ken\AppData\Local\Adobe
2014-11-03 20:49 - 2014-11-03 20:49 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-03 17:53 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-03 17:53 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-03 17:53 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-03 17:53 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-03 17:20 - 2014-11-04 18:44 - 00000000 ____D () C:\Qoobox
2014-11-03 17:17 - 2014-11-03 20:33 - 00000000 ____D () C:\Windows\erdnt
2014-11-03 17:13 - 2014-11-03 17:13 - 05591672 _____ (Swearware) C:\Users\Ken\Downloads\ComboFix.exe
2014-11-02 09:21 - 2014-11-02 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2014-11-02 07:55 - 2014-11-02 08:04 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-02 07:44 - 2014-11-02 08:04 - 00000000 ____D () C:\Users\Ken\Desktop\mbar
2014-11-01 17:54 - 2014-11-01 17:54 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-01 17:54 - 2014-11-01 17:54 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-01 12:10 - 2014-11-04 20:07 - 00000000 ____D () C:\FRST
2014-11-01 12:08 - 2014-11-04 20:07 - 02114560 _____ (Farbar) C:\Users\Ken\Desktop\FRST64.exe
2014-11-01 12:07 - 2014-11-01 12:07 - 02114048 _____ (Farbar) C:\Users\Ken\Downloads\frst64.exe
2014-11-01 09:32 - 2014-11-01 09:32 - 00688992 _____ (Swearware) C:\Users\Ken\Downloads\dds.com
2014-11-01 08:46 - 2014-11-04 19:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 08:46 - 2014-11-02 07:54 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-01 08:46 - 2014-11-01 08:46 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Ken\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-01 08:46 - 2014-11-01 08:46 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-01 08:46 - 2014-11-01 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-01 08:46 - 2014-11-01 08:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 08:46 - 2014-11-01 08:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-01 08:46 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-01 08:46 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-31 21:52 - 2014-10-31 21:52 - 00007605 _____ () C:\Users\Ken\AppData\Local\Resmon.ResmonCfg
2014-10-30 21:53 - 2014-10-30 21:53 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-30 21:53 - 2014-10-30 21:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-30 21:53 - 2014-10-30 21:53 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-30 21:53 - 2014-10-30 21:53 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-30 21:53 - 2014-10-30 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-30 16:01 - 2014-10-30 16:01 - 00463808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-27 21:25 - 2014-07-15 14:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-10-27 20:55 - 2014-06-10 14:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-27 20:55 - 2014-06-10 14:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-27 20:54 - 2014-09-19 21:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-27 20:54 - 2014-09-19 21:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-27 20:54 - 2014-09-19 21:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-27 20:54 - 2014-09-19 21:17 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-10-27 20:54 - 2014-09-19 21:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-27 20:54 - 2014-09-19 21:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-27 20:54 - 2014-09-19 21:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-27 20:54 - 2014-09-19 21:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-27 20:54 - 2014-09-19 21:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-27 20:54 - 2014-09-19 19:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-27 20:54 - 2014-09-19 19:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-27 20:54 - 2014-09-19 19:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-27 20:54 - 2014-09-19 19:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-27 20:54 - 2014-09-19 19:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-27 20:54 - 2014-09-19 19:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-27 20:54 - 2014-09-19 17:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-10-27 20:54 - 2014-08-28 03:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-27 20:54 - 2014-08-27 22:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-27 20:54 - 2014-08-27 22:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-27 20:54 - 2014-08-27 22:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-27 20:54 - 2014-08-27 22:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-27 20:54 - 2014-08-27 22:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-27 20:54 - 2014-08-27 22:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-27 20:54 - 2014-08-27 22:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-10-27 20:54 - 2014-08-20 15:40 - 00732880 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-10-27 20:54 - 2014-08-20 09:05 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-27 20:54 - 2014-08-20 09:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-27 20:54 - 2014-08-20 09:05 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-27 20:54 - 2014-08-20 09:02 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-27 20:54 - 2014-08-20 09:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-27 20:54 - 2014-06-23 23:35 - 00010450 _____ () C:\Windows\system32\autoconfig.cab
2014-10-27 20:54 - 2014-06-23 22:40 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-10-27 20:54 - 2014-06-04 17:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-10-27 20:54 - 2014-06-03 15:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-10-27 20:51 - 2014-05-29 15:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-10-27 20:51 - 2014-05-29 15:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-10-27 20:51 - 2014-05-29 15:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-27 20:51 - 2014-05-29 15:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-10-25 15:23 - 2014-10-25 15:23 - 00000000 ____D () C:\ProgramData\Google
2014-10-25 09:16 - 2014-09-02 18:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-25 09:16 - 2014-09-02 18:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-25 09:16 - 2014-07-31 15:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-10-25 09:16 - 2014-06-17 15:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-10-25 09:16 - 2014-06-17 15:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-10-25 09:16 - 2014-06-12 17:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-25 09:16 - 2014-06-12 17:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-25 09:15 - 2014-09-12 21:29 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-25 09:15 - 2014-09-12 20:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-25 09:15 - 2014-07-23 19:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-10-25 09:15 - 2014-07-23 19:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-10-25 09:15 - 2014-07-06 21:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-25 09:15 - 2014-07-06 21:52 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-25 09:15 - 2014-07-06 21:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-25 09:15 - 2014-07-06 21:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-25 09:15 - 2014-07-06 21:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-25 09:15 - 2014-07-06 20:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-25 09:15 - 2014-07-06 20:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-25 09:15 - 2014-07-06 20:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-25 09:15 - 2014-07-06 19:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-25 09:14 - 2014-09-27 20:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-25 09:14 - 2014-09-17 15:24 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-25 09:14 - 2014-09-17 14:56 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-25 09:14 - 2014-08-29 21:48 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-10-25 09:14 - 2014-08-29 21:46 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-25 09:14 - 2014-08-29 20:05 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-10-25 09:14 - 2014-08-29 20:03 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-25 09:14 - 2014-08-09 00:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-10-25 09:14 - 2014-08-09 00:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-10-25 09:14 - 2014-08-06 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\PJLMON.DLL
2014-10-25 09:14 - 2014-08-01 14:08 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-25 09:14 - 2014-07-24 05:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-10-25 09:14 - 2014-07-16 15:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-10-25 09:14 - 2014-07-16 14:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-10-25 09:14 - 2014-07-16 14:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-10-25 09:14 - 2014-07-11 22:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-10-25 09:14 - 2014-07-11 20:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-10-25 09:14 - 2014-07-11 20:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-10-25 09:14 - 2014-07-11 20:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-10-25 09:14 - 2014-07-11 20:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-10-25 09:14 - 2014-06-27 22:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-10-25 09:14 - 2014-06-27 18:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-10-25 09:14 - 2014-06-19 15:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-25 09:14 - 2014-06-19 14:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-10-25 09:14 - 2014-06-12 15:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-10-25 09:14 - 2014-06-12 15:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-10-25 09:14 - 2014-06-05 09:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-25 09:14 - 2014-06-05 09:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-25 09:14 - 2014-06-05 05:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-25 09:14 - 2014-06-02 14:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-10-25 09:14 - 2014-05-29 14:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-10-25 09:14 - 2014-05-28 20:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-10-25 09:14 - 2014-05-07 17:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-10-25 09:14 - 2014-05-02 22:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-25 09:14 - 2014-05-02 22:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-25 09:14 - 2014-05-02 20:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-25 09:14 - 2014-05-01 14:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-10-25 09:14 - 2014-04-29 14:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-10-25 09:14 - 2014-04-29 14:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-10-25 09:13 - 2014-07-15 15:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-25 09:13 - 2014-07-11 18:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-25 09:13 - 2014-06-06 06:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-25 09:13 - 2014-06-06 02:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-10-21 16:48 - 2014-10-21 16:48 - 00000000 _____ () C:\Users\Ken\Documents\boarding.oxps
2014-10-14 07:48 - 2014-10-14 07:48 - 00001638 _____ () C:\Users\Ken\Desktop\Canon MF4700 Series UFRII LT (BROBECK) - Shortcut.lnk
2014-10-14 07:48 - 2014-10-14 07:48 - 00001629 _____ () C:\Users\Ken\Desktop\Canon MF4700 UFRII LT XPS (BROBECK) - Shortcut.lnk
2014-10-14 07:46 - 2014-10-14 07:46 - 00001152 _____ () C:\Users\Ken\Desktop\Canon MF4700 Series - Shortcut (3).lnk
2014-10-14 07:45 - 2014-10-14 07:45 - 00001152 _____ () C:\Users\Ken\Desktop\Canon MF4700 Series - Shortcut (2).lnk
2014-10-14 07:44 - 2014-10-14 07:44 - 00001152 _____ () C:\Users\Ken\Desktop\Canon MF4700 Series - Shortcut.lnk
2014-10-14 03:17 - 2014-10-14 03:17 - 00299136 _____ () C:\Windows\Minidump\101414-21828-01.dmp
2014-10-07 02:00 - 2014-10-07 02:00 - 00299136 _____ () C:\Windows\Minidump\100714-11890-01.dmp
2014-10-05 19:48 - 2014-10-05 19:48 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360